Amazon WAF (Web Application Firewall)
WAF is a web application firewall that helps protect web applications from attacks by allowing, blocking, or monitoring web requests based on conditions that you define. It protects against common web exploits and bots that can affect availability, compromise security, or consume excessive resources.
Remain secure against multiple attack techniques
Default rules monitor incoming requests to help protect your website from common attack techniques like SQL injection, and Cross-Site Scripting (XSS). Create custom rules that can block or rate-limit traffic from specific user-agents, IP addresses, or regions.
Monitor, limit or block bots from access to your app
WAF Bot Control gives you visibility and control over common and pervasive bot traffic to your applications. Set up monitoring, distinguish between benign and malicious bots, and rate-limit or block them entirely to secure your service from DDoS (Distributed Denial of Service) attacks.
Protect your site from access by compromised accounts
Account Takeover Prevention (ATP) monitors traffic to your application’s login page to detect unauthorized access to user accounts using compromised credentials. As login attempts are made to your application, ATP checks in real time whether the user names and passwords submitted have been compromised elsewhere on the web.
Our work with WAF
We use WAF in our work with a major company, where it is critical to the security of their mobile app. Among the settings in place are rules to deny access from bots and known malicious addresses, impose lower rate limits on requests originating outside the UK, provide CAPTCHA verification, and blanket rate limits to specific sensitive endpoints.
With a volume of 6 million daily requests, the app relies on WAF’s reliability and robustness. Suspicious activity or incidents are flagged and analysed by our team, allowing us to continually improve security.
Our insights
Talk 1-1 with a consultant
Book a call with one of our consultants to discuss your challenges.