Cyber Security Cloud
Managed Rules for AWS WAF

Cyber Security Cloud Managed Rules (HighSecurity OWASP Set)

This ruleset is for new AWS WAF. With the HighSecurity OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability. Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XSS, directory traversal and known exploits involving web-applications using technologies such as Apache Struts2/ Apache Tomcat/ Oracle WebLogic/ WordPress/ Drupal/ Joomla! and Malicious Bots rulesets.
NOTE: Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.

Cyber Security Cloud Managed Rules for AWS WAF -HighSecurity OWASP Set-

  • Mitigate
    OWASP Top 10
    Threats
  • Stronger Defense
    with Low
    False-Positive Rate
  • Quickly Build a
    Secure Environment
Start using
Cyber Security Cloud
Managed Rules

Cyber Security Cloud Managed Rules(API Gateway/Serverless)

This ruleset is for new AWS WAF. With the API Gateway/Serverless ruleset, you can start protecting your Amazon API Gateway and Serverless environment right away with a low false-positive rate and a higher defense capability. Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XML External Entity attacks, Server Side Request Forgery, XSS, directory traversal and Malicious Bots rulesets.
NOTE: Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.

Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-

  • Quickly Build
    a Secure
    API Gateway/Serverless
    Environment
  • Stronger Defense
    with Low False-Positive
    Rate
  • Mitigate
    OWASP API Gateway/Serverless
    Top 10 Threats
Start using
Cyber Security Cloud
Managed Rules

Cyber Security Cloud Managed Rules (Classic OWASP Set)

This ruleset is for AWS WAF Classic. With the OWASP Set, you can start protecting your web applications right away with a low false-positive rate and a higher defense capability. Included are a lot of managed rules targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), XSS, directory traversal and known exploits involving web-applications using technologies such as Apache Struts2/ Apache Tomcat/ Oracle WebLogic/ WordPress/ Drupal/ Joomla! and Malicious Bots rulesets.
NOTE: Cyber Security Cloud recommends that when installing this ruleset for the first time, place the ruleset in Count mode.

Cyber Security Cloud Managed Rules for AWS WAF Classic -OWASP Set-

  • Mitigate
    OWASP Top 10
    Threats
  • Stronger Defense
    with Low
    False-Positive Rate
  • Quickly Build a
    Secure Environment
Start using
Cyber Security Cloud
Managed Rules

Extra Secure when used together with WafCharm

Managed Rules can simplify the operations of AWS WAF. However, by using it together with “WafCharm”, a service for automatic optimization of AWS WAF rules, more flexible and robust security measures can be implemented.

1. Detection status confirmation in real-time

When using Managed Rules, it is not possible to know the detection status of each rule in real-time.
However, by using it together with WafCharm, you can receive false-positive and actual attack status notifications via e-mail.

  • Without WafCharm

    Without WafCharm
  • With WafCharm

    With WafCharm

2. Managed Rules Control enables fine adjustment of Managed Rules

When used together with WafCharm, you can intuitively change individual rules of Managed Rules to COUNT mode.
In addition, since you can check the contents of a rule on the WafCharm management screen, it is possible to know which rule triggered the detection.

  • Without WafCharm

    Without WafCharm
  • With WafCharm

    With WafCharm

Managed Rules Control

Customers using WafCharm can control Managed Rules through their own management screen.
And, since individual rules of Managed Rules can be confirmed in a list, it is easier to know which rule triggered the detection and switch that particular rule to COUNT mode.
Managed Rules Control

3. Stronger defense by signature customization of Managed Rules

Signature customization of Managed Rules is possible when used together with WafCharm.

Without WafCharm

Without WafCharm

With WafCharm

With WafCharm

About Cyber Security Cloud

Cyber Security Cloud is one of top Web Security Service providers in Japan, consistently developing, operating and providing internally developed Web Security services. Our services include:

  • 99% Continuation Rate through
    Extensive Support System

    99% Continuation Rate through Extensive Support System

    24/7 Technical support
    by WAF professionals

  • Global Availability


    Globally Available


    Subscribers inOver 30 Countries/Regions, Including Asia, Europe, and America

  • Internationally Patented
    New Technology

    99% Continuation Rate through Extensive Support System

    WafCharm usesinternationally patented AI
    for automatic signature optimization.
    Patent No.: 6375047