WAF
AWS WAF is a web application firewall that protects applications and APIs from common exploits such as SQL injection and cross-site scripting. It filters traffic using customizable rules and AWS Managed Rules, and can guard resources fronted by CloudFront, API Gateway, or Application Load Balancer. Rate-based rules and bot control help defend against volumetric and automated attacks at the application layer.
Capabilities
- Block OWASP Top 10 exploits (SQLi, XSS, RCE)
- Managed and custom rule sets
- Rate limiting, bot control, and geo-blocking
- Inspect and log HTTP(S) requests at layer 7