Please enter url.

Documenting Gotchas in AWS's WAF Offerings

submited by
Style Pass
2022-01-17 19:00:08

Most recently, CVE-2021-44228 pushed all of us into adopting slapdash measures to protect our applications. One such newfound technique that gained some traction was WAF or the Web Application Firewall. A WAF protects your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources. AWS supports this via the AWS WAF offering and provides the payer accounts with the flexibility to deploy them centrally on the child accounts using AWS Firewall Manager. My experience with both of these offerings is quite limited but a single iteration of the deployment cycle for both of these services highlighted a few glaring gotchas hidden in plain sight or sometimes missing from the docs. I hope this guide will help the folks in security or infrastructure to make more informed deployments. šŸ‘€

Only the first 8 KB (8,192 bytes) of the request body are forwarded to AWS WAF for inspection. For information about how to manage this, see Web request body inspection.

Read more smunshi.net/...
Share :  
Leave a Comment
Related Posts

Jeff Bezos Steps Down as Amazonā€™s CEO After 27 Years

Comment

5 Costly Mistakes in Cyber Incident Response Preparation

Comment

sleevi / psl-problems

Comment

rtomayko / ronn

Comment

ā€œIt's open source! Weā€™ll let our customers fix it.ā€ | R. Miles McCain

Comment

Conductor: Why We Migrated from Kubernetes to Nomad

Comment

On Comments in Code

Comment

Wells Fargo tells customers itā€™s shuttering all personal lines of credit

Comment

Mapillary, the crowdsourced database of street-level imagery, has been acquired by Facebook

Comment

Gusto makes first acquisition, buying Ardius to expand into R&D tax credits

Comment
Recent Posts

Talos built Sonic to reduce the time it takes to read and write data from the network with minimal latency

Comment

Working with stacked commits in GitHub with Sapling

Comment

Discovering and Diagnosing a Google AdSense Rendering Bug

Comment

Microsoft says cloud AI demand is exceeding supply even after 79% surge in capital spending

Comment

In constantly reaching for past parallels to explain our peculiar times we miss the real lessons of the master historian

Comment

16-year-old child of billionaire tech CEO reported missing

Comment

DRINK ME: (Ab)Using a LLM to compress text

Comment

Russia stands alone in vetoing UN resolution on nuclear weapons in space

Comment

GMB launches legal action against ā€˜out of controlā€™ Amazon at Coventry warehouse

Comment

UK's Investigatory Powers Bill to become law despite tech world opposition

Comment

TikTok ban could escalate US-China trade war, ex-White House CIO tells The Reg

Comment

ByteDance 'would rather' torpedo TikTok than sell it off

Comment

Pharo - Pharo 12 Released!

Comment

THE UNIVERSE AS A COMPUTER, John Archibald Wheeler

Comment

Qwen1.5-110B: The First 100B+ Model of the Qwen1.5 Series

Comment

Michaelā€™s Substack

Comment

Give Your App Shortcut Icons The Color They Deserve

Comment

Python Enhancement Proposals

Comment

watchID - Identify Any Watch with a picture - powered by Horoview.com

Comment

Mass claim case launched against Apple for deliberately slowing its iPhones

Comment