Cyber Security Cloud, Inc. (CSC) announced that it has started providing Partner Managed Rules “Cyber Security Cloud Managed Rules for AWS WAF -API Gateway / Serverless-” on AWS Marketplace. By using this ruleset, users can start protecting their API Gateway and Serverless environments right away with a low false-positive rate and a higher defense capability.

■ About AWS WAF
AWS WAF is a Web Application Firewall provided by Amazon Web Services (AWS) that helps protect web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. With AWS WAF, you can control which traffic to allow or block to the web applications by specifying customizable web security rules.

■ Focus on the market movement of the shift to API and serverless environment
Until now, the website environment has been shifting from on-premise to the cloud. Also, within the cloud, in recent years, the shift to a serverless environment that does not require server management has been accelerating.
The reason behind this is that there is a growing need in the market for server operations to be left to the platform AWS, and for users to focus on developing and building applications.

■ Providing products that match market needs
The set of Managed Rules released this time is developed with rules optimized for customers using API and serverless environments such as Amazon API Gateway / AWS Lambda.
By using this set of CSC Managed Rules, it takes almost no time to build a firewall so that users can focus on application development and quickly build services and use the advantages of APIs and serverless environments that do not require server management. In addition, because managed rules are managed and updated by CSC, there are no operational and administrative costs.

■ Overview of Managed Rules to be provided
A comprehensive package for mitigating OWASP API Gateway / Serverless Top 10 threats for the new AWS WAF.
It provides a single package targeting common vulnerabilities such as code injection techniques (SQLi, NoSQLi, OScommandi, etc), cross-site scripting, directory traversal, XML External Entity attacks, Server Side Request Forgery, XSS, directory traversal as well as defense against scans and Malicious Bots.

Product Name: Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-

＊Features:
1. Mitigating OWASP API Gateway / Serverless Top 10 threats
2. Designing high defense and minimizing false positives that become an operational risk
3. Able to build a secure API and serverless environment immediately
4. Support available in both English and Japanese.

＊Pricing:
Charge per month in each available region (pro-rated by the hour): $25
Charge per million requests in each available region: $1.2

＊Selling Page:
https://aws.amazon.com/marketplace/pp/B081TKTBQ8/

■ About Cyber Security Cloud, Inc.
With an aim to create a secure cyberspace that people around the world can use safely, Cyber Security Cloud provides web application security services worldwide using the world's leading cyber threat intelligence and AI technology. CSC is also certified as the 7th AWS WAF Managed Rules Seller in the world by AWS (Amazon Web Service) which boasts a 34% global cloud market share.¹

As a leading cybersecurity company, CSC plans to continue to strive to improve and develop new technologies and aim to be a company that can deliver effective security solutions to contribute to the information revolution.

¹: Cloud Infrastructure Services Market Share Growth Report "The Leading Cloud Providers Continue to Run Away with the Market" by Synergy Research Group

※ The company names and service names described in this release are registered trademarks of the respective companies.
※ Amazon Web Services and AWS are trademarks of Amazon.com, Inc. or its affiliates in the United States and other countries.

For more information, please visit Cyber Security Cloud.
For any media & PR related inquiries, please contact us.