Submit Search
Upload
Edge immersion days module 2 - protect your application at the edge using aws waf & shield advanced
•
0 likes
•
106 views
R
RoiElbaz1
Follow
Edge workshop @Floor28 (Oct 7th 2019)
Read less
Read more
Internet
Report
Share
Report
Share
1 of 28
Download now
Download to read offline
Recommended
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series
Amazon Web Services
AWS DDoS防範: Shield Advanced & WAF
AWS DDoS防範: Shield Advanced & WAF
Amazon Web Services
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Amazon Web Services
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
Amazon Web Services
AWS WAF - A Web App Firewall
AWS WAF - A Web App Firewall
Amazon Web Services
Aws meetup aws_waf
Aws meetup aws_waf
Adam Book
Application Resiliency
Application Resiliency
Amazon Web Services
Infrastructure Security: Your Minimum Security Baseline.pdf
Infrastructure Security: Your Minimum Security Baseline.pdf
Amazon Web Services
Recommended
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series
Amazon Web Services
AWS DDoS防範: Shield Advanced & WAF
AWS DDoS防範: Shield Advanced & WAF
Amazon Web Services
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...
Amazon Web Services
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
Amazon Web Services
AWS WAF - A Web App Firewall
AWS WAF - A Web App Firewall
Amazon Web Services
Aws meetup aws_waf
Aws meetup aws_waf
Adam Book
Application Resiliency
Application Resiliency
Amazon Web Services
Infrastructure Security: Your Minimum Security Baseline.pdf
Infrastructure Security: Your Minimum Security Baseline.pdf
Amazon Web Services
Defending your workloads with aws waf and deep security
Defending your workloads with aws waf and deep security
Mark Nunnikhoven
Cloud-Native DDoS Attack Mitigation
Cloud-Native DDoS Attack Mitigation
Amazon Web Services
Best Practices for SecOps on AWS
Best Practices for SecOps on AWS
Amazon Web Services
AWS August Webinar Series - DDoS Resiliency
AWS August Webinar Series - DDoS Resiliency
Amazon Web Services
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Amazon Web Services
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Amazon Web Services
Detective Controls: Gain Visibility and Record Change
Detective Controls: Gain Visibility and Record Change
Amazon Web Services
CTD301_Amazon CloudFront Flash Talks
CTD301_Amazon CloudFront Flash Talks
Amazon Web Services
(STG205) Secure Content Delivery Using Amazon CloudFront
(STG205) Secure Content Delivery Using Amazon CloudFront
Amazon Web Services
Become a Cloud Security Ninja - RedLock Lab
Become a Cloud Security Ninja - RedLock Lab
Amazon Web Services
Deep Dive on IoT at AWS
Deep Dive on IoT at AWS
Amazon Web Services
Amazon CloudFront Best Practices and Anti-patterns
Amazon CloudFront Best Practices and Anti-patterns
Abhishek Tiwari
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Amazon Web Services
Toward Full Stack Security
Toward Full Stack Security
Amazon Web Services
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Amazon Web Services
Best Practices on AWS - IL Webinar August 2017
Best Practices on AWS - IL Webinar August 2017
Amazon Web Services
Amazon guard duty_lab
Amazon guard duty_lab
Bela Sojina MBA, PMP
(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
Amazon Web Services
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Amazon Web Services
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Amazon Web Services
Automating DDoS and WAF Response
Automating DDoS and WAF Response
Amazon Web Services
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Amazon Web Services
More Related Content
What's hot
Defending your workloads with aws waf and deep security
Defending your workloads with aws waf and deep security
Mark Nunnikhoven
Cloud-Native DDoS Attack Mitigation
Cloud-Native DDoS Attack Mitigation
Amazon Web Services
Best Practices for SecOps on AWS
Best Practices for SecOps on AWS
Amazon Web Services
AWS August Webinar Series - DDoS Resiliency
AWS August Webinar Series - DDoS Resiliency
Amazon Web Services
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Amazon Web Services
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Amazon Web Services
Detective Controls: Gain Visibility and Record Change
Detective Controls: Gain Visibility and Record Change
Amazon Web Services
CTD301_Amazon CloudFront Flash Talks
CTD301_Amazon CloudFront Flash Talks
Amazon Web Services
(STG205) Secure Content Delivery Using Amazon CloudFront
(STG205) Secure Content Delivery Using Amazon CloudFront
Amazon Web Services
Become a Cloud Security Ninja - RedLock Lab
Become a Cloud Security Ninja - RedLock Lab
Amazon Web Services
Deep Dive on IoT at AWS
Deep Dive on IoT at AWS
Amazon Web Services
Amazon CloudFront Best Practices and Anti-patterns
Amazon CloudFront Best Practices and Anti-patterns
Abhishek Tiwari
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Amazon Web Services
Toward Full Stack Security
Toward Full Stack Security
Amazon Web Services
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Amazon Web Services
Best Practices on AWS - IL Webinar August 2017
Best Practices on AWS - IL Webinar August 2017
Amazon Web Services
Amazon guard duty_lab
Amazon guard duty_lab
Bela Sojina MBA, PMP
(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
Amazon Web Services
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Amazon Web Services
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Amazon Web Services
What's hot
(20)
Defending your workloads with aws waf and deep security
Defending your workloads with aws waf and deep security
Cloud-Native DDoS Attack Mitigation
Cloud-Native DDoS Attack Mitigation
Best Practices for SecOps on AWS
Best Practices for SecOps on AWS
AWS August Webinar Series - DDoS Resiliency
AWS August Webinar Series - DDoS Resiliency
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Detective Controls: Gain Visibility and Record Change
Detective Controls: Gain Visibility and Record Change
CTD301_Amazon CloudFront Flash Talks
CTD301_Amazon CloudFront Flash Talks
(STG205) Secure Content Delivery Using Amazon CloudFront
(STG205) Secure Content Delivery Using Amazon CloudFront
Become a Cloud Security Ninja - RedLock Lab
Become a Cloud Security Ninja - RedLock Lab
Deep Dive on IoT at AWS
Deep Dive on IoT at AWS
Amazon CloudFront Best Practices and Anti-patterns
Amazon CloudFront Best Practices and Anti-patterns
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...
Toward Full Stack Security
Toward Full Stack Security
AWS Web Application Firewall and AWS Shield - Webinar
AWS Web Application Firewall and AWS Shield - Webinar
Best Practices on AWS - IL Webinar August 2017
Best Practices on AWS - IL Webinar August 2017
Amazon guard duty_lab
Amazon guard duty_lab
(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Using AWS CloudTrail Logs for Scalable, Automated Anomaly Detection - SID341 ...
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...
Similar to Edge immersion days module 2 - protect your application at the edge using aws waf & shield advanced
Automating DDoS and WAF Response
Automating DDoS and WAF Response
Amazon Web Services
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Amazon Web Services
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
Vladimir Simek
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
Amazon Web Services
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Amazon Web Services
Building a Secured Network environment on AWS
Building a Secured Network environment on AWS
Amazon Web Services
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced Attacks
Amazon Web Services
Learn how AWS customers are implementing robust security posture for their A...
Learn how AWS customers are implementing robust security posture for their A...
Amazon Web Services
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Amazon Web Services
Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on Security
Amazon Web Services
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Amazon Web Services
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Amazon Web Services
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
Amazon Web Services
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
Amazon Web Services
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
Amazon Web Services
194325_EdgeatScale_NoNotes.pptx
194325_EdgeatScale_NoNotes.pptx
Amazon Web Services
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
Amazon Web Services
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS Foundations
Amazon Web Services
Mitigating techniques
Mitigating techniques
Richard Harvey
Compliance and Security Mitigation Techniques
Compliance and Security Mitigation Techniques
Amazon Web Services
Similar to Edge immersion days module 2 - protect your application at the edge using aws waf & shield advanced
(20)
Automating DDoS and WAF Response
Automating DDoS and WAF Response
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Building a Secured Network environment on AWS
Building a Secured Network environment on AWS
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced Attacks
Learn how AWS customers are implementing robust security posture for their A...
Learn how AWS customers are implementing robust security posture for their A...
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on Security
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
A Self-Defending Border - Protect Your Web-Facing Workloads with AWS Security...
194325_EdgeatScale_NoNotes.pptx
194325_EdgeatScale_NoNotes.pptx
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS Foundations
Mitigating techniques
Mitigating techniques
Compliance and Security Mitigation Techniques
Compliance and Security Mitigation Techniques
Recently uploaded
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
girls4nights
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Delhi Call girls
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Sheetaleventcompany
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
soniya singh
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
aditipandeya
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
soniya singh
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
imessage0108
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
aditipandeya
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Delhi Call girls
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
APNIC
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
Thierry TROUIN ☁
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
anamikaraghav4
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
kojalkojal131
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
James Anderson
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
anamikaraghav4
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
soniya singh
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Damian Radcliffe
Recently uploaded
(20)
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Ashram Chowk Delhi 💯Call Us 🔝8264348440🔝
Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural in villages of india
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with Flows
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
Call Girls Dubai Prolapsed O525547819 Call Girls In Dubai Princes$
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Samaira 🤌 8250192130 🚀 Vip Call Girls Kolkata
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Call Girls In South Ex 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SERVICE
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Edge immersion days module 2 - protect your application at the edge using aws waf & shield advanced
1.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF & Shield Advanced Protect your application at the Edge
2.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Threat landscape
3.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Types of threats Application Ping of Death | ICMP Flood | Teardrop | reflections | UDP floods SYN/ACK Flood | Slowloris | SSL Abuse Presentation Session Transport Network HTTP Flood | Malformed HTTP App exploits | CVE |s XSS | SQLi | RFI Bots | Scrapers | Crawlers Bad BotsDDoS Web Application Attacks
4.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Trends of DDoS attacks 0 200 400 600 800 1000 1200 1400 1600 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 Largest DDoS Attacks (Gbps) Largest DDoS Attacks Memcached Attacks Mirai Attacks
5.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection
6.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Pillars of perimeter protection MONITOR RESPOND PREPARE Build a DDoS resilient application on AWS Be aware of threat environment and application health Engage response team
7.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection Built-in protection Protection tools Always-on Automatic Distributed Easy to use Customizable APIs AWS scale Experts support
8.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Built-in protection for everyone AWS Shield Standard Automatic defense against the most common network and transport layer DDoS attacks for any AWS resource, in any AWS Region Available to ALL AWS customers at no additional cost
9.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Daily DDoS attacks mitigated by AWS
10.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Protection tools
11.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. DDoS resilient architecture Route 53 ALB Security Group EC2 Instances Application Load Balancer CloudFront Public Subnet Web Application Security Group Private Subnet AWS WAF DDoS Attack Users Cloudwatch S3 API Gateway
12.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. API Acceleration - Slack • Slack host their API behind ALB for serving json files with more than 10B requests/week. They were looking for DDoS protection • Slack selected CloudFront for its reliability, flexibility and AWS integration Average response time decreased to 200ms from 480ms
13.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF & Shield Advanced
14.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Managed layer 7 inspection and mitigation tool, monitors HTTP/S requests and protects web applications from malicious activities Custom Rules Security AutomationManaged Rules
15.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF benefits AWS WAF Easy to deploy Fast incident response Affordable Full API support Managed service
16.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Custom rules 1. Define conditions: IP Match, Geo-IP, String Match, Regex Match, SQLi, XSS, Size Constraints 2. Define rules: Regular or rate based 3. Add to Web Access Control Lists: Order & action (Block, Allow, Count) 4. Attach to AWS Resource: CloudFront, ALB
17.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Seller managed rules Rules managed by experts Choice of 6 partners Pay as you go Easy to deploy automatic updates
18.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Security automations Honeypot for bad bots CloudFront Log parsing Reputation
19.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. WAF automation - eVitamins • An global online retailer of health and beauty products. They were looking to solve DDoS, Bots & Crawlers security challenges. • eVitamins selected AWS WAF for its protection, automation and easiness of use.
20.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Firewall manager • Central management for Security profile • Automated policy enforcement across accounts & applications • WAF rule sets
21.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Additional detection & monitoring Advanced protection Visibility into attack detection & mitigation AWS WAF & FM at no additional cost 24X7 DDoS Response Team Cost protection (absorb scaling costs) Advanced Protection AWS Shield Advanced
22.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. CloudWatch metrics for Shield Advanced Metrics: • DDoSDetected • DDoSAttackBitsPerSecond, DDoSAttackPacketsPerSecond, DDoSAttackRequestsPerSecond Dimensions: • UDPTraffic, DNSReflection, SYNFlood, RequestFlood…
23.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Improving DDoS response time Customer account AWS managed capabilities AWS Shield Engagement Lambda DRT notification topic SoC Engineer Shield Advanced IoT button DRT Support
24.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. attacks MONITOR RESPOND PREPARE AWS ShieldInternet Cloud native protection in a nutshell AWS services AWS WAF Customer infrastructure Application Presentation Session Transport Network Web Application Attacks DDoS Bad Bots x x x x MONITOR RESPOND PREPARE DDoS Cloudwatch CloudFront Access logs DDoS Response Team Security Automation
25.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. To learn more about Perimeter protection on AWS DDoS Resiliency Whitepaper AWS re:Invent 2017: Automating DDoS Response in the Cloud (SID324) AWS re:Invent 2017: NEW LAUNCH! Introduction to Managed Rules for AWS WAF (SID217) Best Practices for DDoS Mitigation on AWS Advanced Techniques for Securing Your Web Applications with AWS WAF and AWS Shield
26.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Appendixes
27.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Evolution of WAF & DDoS mitigation On-Premise Cloud-Routed Cloud-Native
28.
© 2018, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. WebACL example Rule Allow, Count, Block Rate-Based Rule Count, Block Rule Allow, Count, Block Match Condition SQL injection Match Condition Cross-site scripting Match Condition Size constraint Match Condition IP addresses Managed Rules No override, Override to count WebACL WebACL Match Condition String and Regex Match Condition Geo match Rule Allow, Count, Block Rule Allow, Count, Block Rule Allow, Count, Block
Download now