Information security is of paramount importance to Citrus Consulting and Amazon Web Services (AWS) customers. Security is a core functional requirement that protects mission-critical information from accidental or deliberate theft, leakage, integrity compromise, and deletion. As job zero at Citrus Consulting, Security lies at the core of all our implementations and deployments on the cloud.
AWS WAF helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. Protect yourself against bot traffic and block common attack patterns, such as SQL injection or cross-site scripting.
Citrus Consulting boasts of Security Certified AWS Consultants that work with our customers to enhance the overall security posture for our customers. A stepping stone towards the same is leveraging the AWS Web Application Firewall for your workloads deployed on AWS.
How AWS WAF works ?
You can deploy AWS WAF on Amazon CloudFront as part of your CDN solution, the Application Load Balancer that fronts your web servers or origin servers running on EC2, Amazon API Gateway for your REST APIs, or AWS AppSync for your GraphQL APIs. With AWS WAF, you pay only for what you use and the pricing is based on how many rules you deploy and how many web requests your application receives.
Benefits of AWS WAF
Protection against Attacks
WAF supports hundreds of rules that can inspect any part of the web request with minimal latency impact to incoming traffic. AWS WAF protects web applications from attacks by filtering traffic based on rules that you create.
Web Traffic Visibility
AWS WAF gives near real-time visibility into web traffic, which can use to create new rules or alerts in Amazon CloudWatch and also assists in security automation, analytics, or auditing purposes
Managed rules, for issues like the Open Web Application Security Project (OWASP) Top 10 security risks are automatically updated as new issues emerge, so that you can spend more time building application
With AWS Firewall Manager integration, you can centrally define and manage your rules, and reuse them across all the web applications that you need to protect
Every feature in AWS WAF can be configured using either the AWS WAF API, this allows started embedding security in early application development stage