SlideShare a Scribd company logo

Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS Shield - July 2017 AWS Online Tech Talks

Download as PPTX, PDF
Amazon Web Services
Amazon Web Services

Learning Objectives: - Learn how to secure your web applications - Learn how to configure AWS Shield and AWS WAF - Learn how to defend the most common Layer 7 attacks Distributed denial of service (DDoS) and other web attacks can affect your application’s availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview and demonstration of these services.

Technology
1 of 24
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Jeffrey Lyon and Sundar Jayashekar July 12, 2017 Secure your Web Applications with AWS WAF & AWS Shield
What to expect from this session Types of Threats AWS Shield AWS WAF DEMO © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Types of Threats Bad BotsDDoS Application Attacks Reflection Layer 4 floods Slowloris SSL abuse HTTP floods Amplification Content scrapers Scanners & probes Crawlers SQL injection Application exploits Social engineering Sensitive data exposureApplication Layer Network / Transport Layer AWS Shield © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Benefits of AWS Shield AWS Integration DDoS protection without infrastructure changes Affordable Don’t force unnecessary trade-offs between cost and availability Flexible Customize protections for your applications Always-On Detection and Mitigation Minimize impact on application latency © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Shield Standard Protection Advanced Protection Available to ALL AWS customers at no additional cost Paid service that provides additional protections, features, and benefits © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Shield Standard Layer 3/4 protection  Automatic detection & mitigation  Protection from most common attacks (SYN/UDP floods, reflection attacks, etc.)  Built into AWS services Layer 7 protection  AWS WAF for Layer 7 DDoS attack mitigation  Self-service & pay-as-you-go Automatic protection against 96% of Layer 3/4 attacks Available globally on all internet-facing AWS services © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Shield Advanced Additional detection & monitoring Protection against large DDoS attacks Visibility into attack detection & mitigation AWS WAF at no additional cost 24X7 DDoS response team Cost protection (absorb DDoS scaling cost) © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Shield Advanced Application Load Balancer Classic Load Balancer Amazon CloudFront Amazon Route 53 Available on ...  Northern Virginia (us-east-1)  Oregon (us-west-2)  Ireland (eu-west-1)  Tokyo (ap-northeast-1) In the following regions ... © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Types of Threats Bad BotsDDoS Application Attacks Reflection Layer 4 floods Slowloris SSL abuse HTTP floods Amplification Content scrapers Scanners & probes Crawlers SQL injection Application exploits Social engineering Sensitive data exposureApplication Layer Network / Transport Layer AWS WAF © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What is AWS WAF Web traffic filtering with custom rules Malicious request blocking Active monitoring and tuning © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS WAF – Key Benefits Fast Incidence Response Preconfigured Protection APIs + Flexible Rule Language Ease of Use © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
HTTP floods (Rated- based Rules) Scanners and probes SQL injection Bots and scrapers IP reputation lists Cross-site scripting Common protections using AWS WAF today .. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS WAF Demo-1 Whitelisting good users © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Example: Whitelisting good users Verify that a valid referrer is present Host: www.example.com User-Agent: Mozilla/5.0 (Macintosh; … Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referrer: http://www.example.com/ Connection: keep-alive AWS WAF RAW request headers CloudFront Check: Header “Referrer” Match Type: Contains Match: “example.com” Action: ALLOW Rule String match condition Good users © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS WAF Demo-2 Virtual Patching © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Example: Apache Struts Vulnerability © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Virtual Patching: A security policy enforcement layer which prevents the exploitation of a known vulnerability in the code. For more details: https://forums.aws.amazon.com/ann.jspa?annID=4489
AWS WAF Demo-3 Brute Force on Login © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Example: Rate limit access to login page © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. String Match condition on URI Protection from Brute force login attempts Rate-based Rule
Recap • Layer 7 DDoS • Bots and scrapers • Application vulnerabilities • Brute Force attempts • Whitelist users With AWS Shield and AWS WAF we showed you how you can protect your web applications against: © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What about OWASP Top 10 coverage? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. We recently launched a Toolkit! Give it a try https://aws.amazon.com/blogs/aws/prepare-for-the- owasp-top-10-web-application-vulnerabilities-using-aws- waf-and-our-new-white-paper/ Includes a easily deployable CloudFormation template that writes the sample rules for you! This is our call to action for you today.
Thank you! © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Recommended

AWS WAF
AWS WAFAWS WAF
AWS WAFAmazon Web Services
 
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar Amazon Web Services
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Amazon Web Services
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAMAmazon Web Services
 
AWS WAF - A Web App Firewall
AWS WAF - A Web App FirewallAWS WAF - A Web App Firewall
AWS WAF - A Web App FirewallAmazon Web Services
 
Introducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksIntroducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksAmazon Web Services
 
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)Amazon Web Services
 

Recommended

AWS WAF
AWS WAFAWS WAF
AWS WAFAmazon Web Services
 
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar Amazon Web Services
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Amazon Web Services
 
Deep dive into AWS IAM
Deep dive into AWS IAMDeep dive into AWS IAM
Deep dive into AWS IAMAmazon Web Services
 
AWS WAF - A Web App Firewall
AWS WAF - A Web App FirewallAWS WAF - A Web App Firewall
AWS WAF - A Web App FirewallAmazon Web Services
 
Introducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksIntroducing AWS Firewall Manager - AWS Online Tech Talks
Introducing AWS Firewall Manager - AWS Online Tech TalksAmazon Web Services
 
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)
AWS re:Invent 2016: Offload Security Heavy-lifting to the AWS Edge (CTD204)Amazon Web Services
 
Amazon EC2 Masterclass
Amazon EC2 MasterclassAmazon EC2 Masterclass
Amazon EC2 MasterclassAmazon Web Services
 
DDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldDDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldAmazon Web Services
 
AWS VPC Fundamentals- Webinar
AWS VPC Fundamentals- WebinarAWS VPC Fundamentals- Webinar
AWS VPC Fundamentals- WebinarAmazon Web Services LATAM
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best PracticesAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Amazon Web Services
 
Introduction To AWS & AWS Lambda
Introduction To AWS & AWS LambdaIntroduction To AWS & AWS Lambda
Introduction To AWS & AWS LambdaAn Nguyen
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIsAmazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAmazon Web Services
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
 
AWS Networking Fundamentals
AWS Networking FundamentalsAWS Networking Fundamentals
AWS Networking FundamentalsAmazon Web Services
 
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
 
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Amazon Web Services
 
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAmazon Web Services
 
AWS Monitoring & Logging
AWS Monitoring & LoggingAWS Monitoring & Logging
AWS Monitoring & LoggingJason Poley
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 
Cloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech TalksCloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech TalksAmazon Web Services
 
Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Amazon Web Services
 

More Related Content

What's hot

DDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldDDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldAmazon Web Services
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best PracticesAmazon Web Services
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018Amazon Web Services
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Amazon Web Services
 
Introduction To AWS & AWS Lambda
Introduction To AWS & AWS LambdaIntroduction To AWS & AWS Lambda
Introduction To AWS & AWS LambdaAn Nguyen
 
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIsAmazon Web Services
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAmazon Web Services
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
 
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
 
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon Web Services
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Web Services
 
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Amazon Web Services
 
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAmazon Web Services
 
AWS Monitoring & Logging
AWS Monitoring & LoggingAWS Monitoring & Logging
AWS Monitoring & LoggingJason Poley
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 

What's hot (20)

Amazon EC2 Masterclass
Amazon EC2 MasterclassAmazon EC2 Masterclass
Amazon EC2 Masterclass
 
DDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS ShieldDDoS Mitigation Techniques and AWS Shield
DDoS Mitigation Techniques and AWS Shield
 
AWS VPC Fundamentals- Webinar
AWS VPC Fundamentals- WebinarAWS VPC Fundamentals- Webinar
AWS VPC Fundamentals- Webinar
 
IAM Introduction and Best Practices
IAM Introduction and Best PracticesIAM Introduction and Best Practices
IAM Introduction and Best Practices
 
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
AWS Landing Zone Deep Dive (ENT350-R2) - AWS re:Invent 2018
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
 
Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)Deep Dive - Amazon Virtual Private Cloud (VPC)
Deep Dive - Amazon Virtual Private Cloud (VPC)
 
Introduction To AWS & AWS Lambda
Introduction To AWS & AWS LambdaIntroduction To AWS & AWS Lambda
Introduction To AWS & AWS Lambda
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
 
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
(DEV203) Amazon API Gateway & AWS Lambda to Build Secure APIs
 
AWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best PracticesAWS Multi-Account Architecture and Best Practices
AWS Multi-Account Architecture and Best Practices
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
 
AWS Networking Fundamentals
AWS Networking FundamentalsAWS Networking Fundamentals
AWS Networking Fundamentals
 
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch
 
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...
 
Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015Amazon Route 53 - Webinar Presentation 9.16.2015
Amazon Route 53 - Webinar Presentation 9.16.2015
 
Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019 Implementing your landing zone - FND210 - AWS re:Inforce 2019
Implementing your landing zone - FND210 - AWS re:Inforce 2019
 
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS SummitAWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
AWS Networking Fundamentals - SVC304 - Anaheim AWS Summit
 
AWS Monitoring & Logging
AWS Monitoring & LoggingAWS Monitoring & Logging
AWS Monitoring & Logging
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon Inspector
 

Similar to Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS Shield - July 2017 AWS Online Tech Talks

Cloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech TalksCloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech TalksAmazon Web Services
 
Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Amazon Web Services
 
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...Amazon Web Services
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
 
Automating DDoS and WAF Response
Automating DDoS and WAF ResponseAutomating DDoS and WAF Response
Automating DDoS and WAF ResponseAmazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Intro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on awsIntro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on awsBela Sojina MBA, PMP
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)Amazon Web Services
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSAmazon Web Services
 
Introduction to Threat Detection and Remediation
Introduction to Threat Detection and RemediationIntroduction to Threat Detection and Remediation
Introduction to Threat Detection and RemediationAmazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...RoiElbaz1
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
Advanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAdvanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAmazon Web Services
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduVladimir Simek
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
 
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017Amazon Web Services
 

Similar to Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS Shield - July 2017 AWS Online Tech Talks (20)

Cloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech TalksCloud-Native DDoS Mitigation - AWS Online Tech Talks
Cloud-Native DDoS Mitigation - AWS Online Tech Talks
 
Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Cloud-Native App Protection: Web Application Security at Pearson and other cu...
Cloud-Native App Protection: Web Application Security at Pearson and other cu...
 
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
 
Automating DDoS and WAF Response
Automating DDoS and WAF ResponseAutomating DDoS and WAF Response
Automating DDoS and WAF Response
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
Intro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on awsIntro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on aws
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
 
Introduction to Threat Detection and Remediation
Introduction to Threat Detection and RemediationIntroduction to Threat Detection and Remediation
Introduction to Threat Detection and Remediation
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
Advanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application DefenseAdvanced Techniques for DDOS Mitigation and Web Application Defense
Advanced Techniques for DDOS Mitigation and Web Application Defense
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
 
AWS - Security & Compliance
AWS - Security & ComplianceAWS - Security & Compliance
AWS - Security & Compliance
 
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 

Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS Shield - July 2017 AWS Online Tech Talks

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Jeffrey Lyon and Sundar Jayashekar July 12, 2017 Secure your Web Applications with AWS WAF & AWS Shield
  • 2. What to expect from this session Types of Threats AWS Shield AWS WAF DEMO © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 3. Types of Threats Bad BotsDDoS Application Attacks Reflection Layer 4 floods Slowloris SSL abuse HTTP floods Amplification Content scrapers Scanners & probes Crawlers SQL injection Application exploits Social engineering Sensitive data exposureApplication Layer Network / Transport Layer AWS Shield © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 4. Benefits of AWS Shield AWS Integration DDoS protection without infrastructure changes Affordable Don’t force unnecessary trade-offs between cost and availability Flexible Customize protections for your applications Always-On Detection and Mitigation Minimize impact on application latency © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 5. AWS Shield Standard Protection Advanced Protection Available to ALL AWS customers at no additional cost Paid service that provides additional protections, features, and benefits © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 6. AWS Shield Standard Layer 3/4 protection  Automatic detection & mitigation  Protection from most common attacks (SYN/UDP floods, reflection attacks, etc.)  Built into AWS services Layer 7 protection  AWS WAF for Layer 7 DDoS attack mitigation  Self-service & pay-as-you-go Automatic protection against 96% of Layer 3/4 attacks Available globally on all internet-facing AWS services © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 7. AWS Shield Advanced Additional detection & monitoring Protection against large DDoS attacks Visibility into attack detection & mitigation AWS WAF at no additional cost 24X7 DDoS response team Cost protection (absorb DDoS scaling cost) © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 8. AWS Shield Advanced Application Load Balancer Classic Load Balancer Amazon CloudFront Amazon Route 53 Available on ...  Northern Virginia (us-east-1)  Oregon (us-west-2)  Ireland (eu-west-1)  Tokyo (ap-northeast-1) In the following regions ... © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 9. Types of Threats Bad BotsDDoS Application Attacks Reflection Layer 4 floods Slowloris SSL abuse HTTP floods Amplification Content scrapers Scanners & probes Crawlers SQL injection Application exploits Social engineering Sensitive data exposureApplication Layer Network / Transport Layer AWS WAF © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 10. What is AWS WAF Web traffic filtering with custom rules Malicious request blocking Active monitoring and tuning © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 11. AWS WAF – Key Benefits Fast Incidence Response Preconfigured Protection APIs + Flexible Rule Language Ease of Use © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 12. How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 13. How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 14. How Does AWS WAF Protect You? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 15. HTTP floods (Rated- based Rules) Scanners and probes SQL injection Bots and scrapers IP reputation lists Cross-site scripting Common protections using AWS WAF today .. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 16. AWS WAF Demo-1 Whitelisting good users © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 17. Example: Whitelisting good users Verify that a valid referrer is present Host: www.example.com User-Agent: Mozilla/5.0 (Macintosh; … Accept: image/png,image/*;q=0.8,*/*;q=0.5 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referrer: http://www.example.com/ Connection: keep-alive AWS WAF RAW request headers CloudFront Check: Header “Referrer” Match Type: Contains Match: “example.com” Action: ALLOW Rule String match condition Good users © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 18. AWS WAF Demo-2 Virtual Patching © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 19. Example: Apache Struts Vulnerability © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Virtual Patching: A security policy enforcement layer which prevents the exploitation of a known vulnerability in the code. For more details: https://forums.aws.amazon.com/ann.jspa?annID=4489
  • 20. AWS WAF Demo-3 Brute Force on Login © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 21. Example: Rate limit access to login page © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. String Match condition on URI Protection from Brute force login attempts Rate-based Rule
  • 22. Recap • Layer 7 DDoS • Bots and scrapers • Application vulnerabilities • Brute Force attempts • Whitelist users With AWS Shield and AWS WAF we showed you how you can protect your web applications against: © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 23. What about OWASP Top 10 coverage? © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. We recently launched a Toolkit! Give it a try https://aws.amazon.com/blogs/aws/prepare-for-the- owasp-top-10-web-application-vulnerabilities-using-aws- waf-and-our-new-white-paper/ Includes a easily deployable CloudFormation template that writes the sample rules for you! This is our call to action for you today.
  • 24. Thank you! © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.