Waf Charm

Cyber Security Cloud Managed Rules for AWS WAF

Managed rules for AWS WAF are designed to help you spend less time writing firewall rules
and more time building applications.

What are Managed Rules?

Managed rules for AWS Web Application Firewall (WAF) are a set of rules written, curated and managed by Cyber Security Cloud and other AWS Marketplace Sellers that can be easily deployed in front of your web applications running on Amazon CloudFront, AWS Application Load Balancers, or Amazon API Gateway.
With these managed rules, you can quickly get started and protect your web application or APIs against common threats like the OWASP Top 10 security risks, threats specific to Content Management Systems (CMS) like WordPress or Joomla, or even emerging Common Vulnerabilities and Exposures (CVE) without having to manage infrastructure.

How do I use them?

Enabling managed rules on AWS WAF is simple:

  01. Go to AWS Marketplace or to the AWS WAF Console
  02. Discover and subscribe to your managed rules
  03. Associate the rules with your AWS WAF web ACL

Cyber Security Cloud Managed Rules for AWS WAF

  • HighSecurity OWASP

    This ruleset is for new AWS WAF. With the HighSecurity OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability. It includes many managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OS command injection, etc.), XSS, directory traversal, and known exploits against web applications using technologies such as Apache Struts2, Apache Tomcat, Oracle WebLogic, WordPress, Drupal and Joomla!, as well as Malicious Bots rulesets.

  • API Gateway Serverless

    This ruleset is for new AWS WAF. With the API Gateway/Serverless ruleset, you can start protecting your Amazon API Gateway and Serverless environment right away with a low false-positive rate and a higher defense capability. It includes many managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OS command injection, etc.), XML External Entity attacks, Server Side Request Forgery, XSS and directory traversal, as well as Malicious Bots rulesets.

  • Classic OWASP

    This ruleset is for AWS WAF Classic. With the OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability. It includes many managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OS command injection, etc.), XSS, directory traversal, and known exploits against web applications using technologies such as Apache Struts2, Apache Tomcat, Oracle WebLogic, WordPress, Drupal and Joomla!, as well as Malicious Bots rulesets.

How to use Cyber Security Cloud Managed Rules for AWS WAF

Architecture sample

Managed Rules are better with WafCharm!

Managed Rules can simplify the operation of AWS WAF. However, by using them together with “WafCharm”, a service for automatic optimization of AWS WAF rules, more flexible and robust security measures can be implemented.

Real-Time Notifications

When using Managed Rules, it is not possible to know the detection status of each rule in real time.
However, by using them together with WafCharm, you can receive notifications of false positives and actual attacks via e-mail.

More Intuitive Controls over Managed Rules

Customers using WafCharm can control Managed Rules under their own management. Since the individual rules of Managed Rules can be viewed in a list, it is easier to know which rule triggered a detection and switch that particular rule to COUNT mode.

Signature customization

You can change the setting of the corresponding rule to COUNT from the AWS Management Console.

About Cyber Security Cloud

Cyber Security Cloud is one of the top Web Security Service providers in Japan, consistently developing, operating and providing internally developed Web Security services. Our services include: