© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Nathan Dye
AWS WAF Software Development Manager
Gleicon Moraes, Magazine Luiza Infrastructure Manager
March 2, 2016
Using AWS WAF & Lambda for Automatic Protection
Agenda
• WAF & Lambda Intro
• Security Automation
• Scripts & Templates
• Customer story
Web site without AWS WAF
[Diagram: good users, attackers and exploit traffic all reach the web site directly]
Web site with AWS WAF
[Diagram: good users, attackers and exploit traffic, with AWS WAF placed in front of the web site]
What is AWS WAF?
Web application firewall (WAF) that gives you
control over who (or what) can access your web
applications.
• Full-feature API
• Customizable security
• Integrated with Amazon CloudFront - protection at the
edge
• Use cases: protection against exploits, abuse, and
application DDoS
What is AWS Lambda?
Lambda automatically runs your code without
requiring you to provision servers.
• “Server-less” scripting; event driven actions
• Integrated with other AWS services
• Use cases: scheduled events, provisioning services,
and customer analysis
Why build automated security?
• Bad guys are adaptive and persistent
• Better protection
• Integrate application specific or open-source data sources
• Sophisticated out of band analysis
Automated security
[Diagram: feedback loop of Logs → Threat analysis → Rule updater → Rules in front of the web site; good users, attackers and exploit traffic shown]
Automated security – traditional data center
[Diagram: the same loop (Logs, Threat analysis, Rule updater, Rules, Web site) running in a traditional data center]
Automated security – AWS makes it easier
[Diagram: the same loop (Logs, Threat analysis, Rule updater, Rules, Web site) built from AWS services]
Other AWS Services we’ll use
• Amazon CloudFront
• Amazon CloudWatch
• AWS CloudFormation
• Amazon S3
• Amazon API Gateway
Types of attacks that need automation
• HTTP floods
• Scans & probes
• IP reputation lists
• Bots & scrapers
IP reputation lists
Collection of IP addresses with a bad reputation based on their sending history
• Open proxies or known hosts that send spam/trojans/viruses
• Constantly changing/updating
• Solution: import open-source lists (e.g., Emerging Threats, Spamhaus, Tor node list) and update the lists on a schedule using CloudWatch Events
IP reputation lists (cont’d)
<Example Demo>
HTTP floods
Legitimate requests at a level that excessively consumes web server resources
• Requests targeted at expensive components, e.g., login, product search, etc.
• Different from other types of flood attacks because the requests follow the protocol.
• Creates the problem of distinguishing an attack from a flash crowd.
• Solution: count the number of requests in the CloudFront access logs and block offenders
HTTP floods (cont’d)
<Example Demo>
Scans & probes
A program that communicates with the web application front end to identify potential vulnerabilities
• Initiated by you – good; initiated by someone else – bad
• Someone (or something) with bad intentions
• Consume resources by requesting URLs that don’t exist
• Solution: count 4xx errors in the access logs and block offenders
Scans & probes (cont’d)
<Example Demo>
Bots & scrapers
Software applications that run automated tasks over the internet.
• Good bots (search engines, weather, price comparison) vs. bad bots (scrape content, steal data, malware)
• Aggressive vs. conservative days
• Constantly changing/updating
• Solution: use robots.txt and a “honeypot” file to identify & block offenders
Bots & scrapers (cont’d)
<Example Demo>
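The three log-driven detections described above (HTTP floods, scans & probes, and the robots.txt honeypot for bots) as one added Python example; this is not code from the talk or from AWS. It parses CloudFront access-log lines by their #Fields header, counts per-IP requests and 4xx responses, flags any hit on the honeypot path, and shapes the result as WAF IPSet entries; the sample log lines, the thresholds and the honeypot path are constructed assumptions.

```python
"""Offline detection over CloudFront access-log lines: HTTP floods (too many
requests from one IP), scans & probes (too many 4xx responses for one IP) and
bad bots (any hit on a honeypot path that robots.txt disallows)."""
from collections import Counter
from typing import Dict, Iterable, Iterator, List

# Assumed thresholds for one log batch (not values from the talk); tune them
# against real traffic so a flash crowd of genuine users does not trip "flood".
REQUEST_THRESHOLD = 5
ERROR_THRESHOLD = 3
HONEYPOT_PATH = "/do-not-crawl/"  # assumed to be a Disallow entry in robots.txt


def parse_cloudfront_log(lines: Iterable[str]) -> Iterator[Dict[str, str]]:
    """Yield one dict per request. Column names come from the '#Fields:' header,
    so the parser survives added columns; lines with a wrong column count are
    skipped rather than mis-attributed to a client."""
    fields: List[str] = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if not line:
            continue
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            continue
        if line.startswith("#"):  # e.g. '#Version: 1.0'
            continue
        if not fields:
            raise ValueError("data line encountered before a #Fields header")
        values = line.split("\t")
        if len(values) != len(fields):
            continue
        yield dict(zip(fields, values))


def find_offenders(records: Iterable[Dict[str, str]],
                   request_threshold: int = REQUEST_THRESHOLD,
                   error_threshold: int = ERROR_THRESHOLD,
                   honeypot_path: str = HONEYPOT_PATH) -> Dict[str, List[str]]:
    """Return {client_ip: [reasons]} for every IP that trips a detection."""
    requests: Counter = Counter()
    errors: Counter = Counter()
    honeypot_hits = set()
    for rec in records:
        ip = rec["c-ip"]
        requests[ip] += 1
        # sc-status is text; CloudFront logs '000' when the client dropped the
        # connection, which this check deliberately does not treat as a 4xx.
        if rec["sc-status"].startswith("4"):
            errors[ip] += 1
        if rec["cs-uri-stem"].startswith(honeypot_path):
            honeypot_hits.add(ip)
    offenders: Dict[str, List[str]] = {}
    for ip, n in requests.items():
        if n >= request_threshold:
            offenders.setdefault(ip, []).append("flood")
    for ip, n in errors.items():
        if n >= error_threshold:
            offenders.setdefault(ip, []).append("4xx-errors")
    for ip in honeypot_hits:
        offenders.setdefault(ip, []).append("honeypot")
    return offenders


def to_ipset_descriptors(offenders: Dict[str, List[str]]) -> List[Dict[str, str]]:
    """Shape the result as AWS WAF IPSet descriptors (IPv4 as /32 CIDRs), the
    form a rule-updater Lambda would pass to the WAF API."""
    return [{"Type": "IPV4", "Value": f"{ip}/32"} for ip in sorted(offenders)]


def analyse_log(text: str) -> Dict[str, List[str]]:
    """Raw log text in, offenders out."""
    return find_offenders(parse_cloudfront_log(text.splitlines()))


def _line(time: str, ip: str, method: str, uri: str, status: str) -> str:
    # First twelve columns of the CloudFront web-distribution log format.
    return "\t".join(["2016-03-02", time, "IAD53", "1024", ip, method,
                      "d111.cloudfront.net", uri, status, "-", "Mozilla/5.0", "-"])


# Constructed sample batch (RFC 5737 documentation addresses).
SAMPLE_LOG = "\n".join(
    ["#Version: 1.0",
     "#Fields: date time x-edge-location sc-bytes c-ip cs-method cs(Host) "
     "cs-uri-stem sc-status cs(Referer) cs(User-Agent) cs-uri-query"]
    + [_line(f"10:00:0{i}", "198.51.100.7", "POST", "/login", "200")
       for i in range(6)]                                   # flood: 6 hits
    + [_line(f"10:01:0{i}", "203.0.113.9", "GET", f"/probe{i}", "404")
       for i in range(3)]                                   # probing: 3 x 404
    + [_line("10:02:00", "192.0.2.44", "GET", "/do-not-crawl/secret.html", "200")]
    + [_line("10:03:00", "198.51.100.20", "GET", "/", "200"),
       _line("10:03:01", "198.51.100.20", "GET", "/products", "200")]  # clean
)
```

In the talk's architecture the rule-updater Lambda would push these descriptors into a WAF IPSet referenced by a blocking rule; that API call is left out so the example runs offline.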
Customer story
Magazine Luiza
• One of the largest retail chains in Brazil
• More than 700 stores, 24K staff, & 8 distribution centers
• e-commerce platform customers use for purchases
• Moving “all in” to AWS over the past 2-3 years
• Breaking up monolithic app
Customer story (cont’d)
Challenges
• Balance security with performance & cost
• Traditional WAFs didn’t work:
1. Inflated models – lots of rules & based on VM or hardware
2. Couldn’t scale – constrained by bandwidth & CPU
3. Automation meant more hardware
• Need to block bad bots (based on IP) without affecting the search & shopping experience
• Have a solution in place by Black Friday
Customer story (cont’d)
Previous Architecture
Customer story (cont’d)
New Architecture
Customer story (cont’d)
Milestones Before Black Friday
• September – October: confirmed new architecture and started building.
• October – new architecture ready to go
• November – started countdown and moved over all production traffic
Customer Story (cont’d)
Black Friday
• November 26: jumped from 4 to 28.9 million views/day
• November 26: all hands on deck for the last infrastructure scale.
• 12am: everyone went home, 5 people decided to sleep in our leisure room, I kept following monitoring.
• November 27: traffic started to ramp up around 6AM and stayed high during the entire weekend.
Customer Story (cont’d)
Advice to Others
• Do analysis in house & start small
• Use the right library for the job
• Identify what needs protection
• Think about the time it takes to process logs
• Defense in Depth: simple security rules at the perimeter, complex security rules closer to the app
Resources
Security Blogs
• Rate-Based Blacklisting Heitor Vital <heitorc@amazon.com>
• IPs Generating Errors Ben Potter <benpo@amazon.com>
• Blocking Bots (this month) Vlad Vlasceanu <vladv@amazon.com>
• Importing IP Reputation Lists (this month) Lee Atkinson <leeatk@amazon.co.uk>
Tutorials Page
• aws.amazon.com/waf/preconfiguredrules/
Thank you!

API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
sonjaschweigert1
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 

Recently uploaded (20)

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 

Using AWS WAF and Lambda for Automatic Protection

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Nathan Dye AWS WAF Software Development Manager Gleicon Moraes, Magazine Luiza Infrastructure Manager March 2, 2016 Using AWS WAF & Lambda for Automatic Protection
  • 2. Agenda WAF & Lambda Intro Security Automation Scripts & Templates Customer story
  • 3. Web site without AWS WAF Good users Attackers Web site Exploit
  • 4. Web site with AWS WAF Good users Web site Exploit Attackers
  • 5. What is AWS WAF? Web application firewall (WAF) that gives you control over who (or what) can access your web applications. • Full-feature API • Customizable security • Integrated with Amazon CloudFront - protection at the edge • Use cases: protection against exploits, abuse, and application DDoS
  • 6. What is AWS Lambda? Lambda automatically runs your code without requiring you to provision servers. • “Server-less” scripting; event driven actions • Integrated with other AWS services • Use cases: scheduled events, provisioning services, and customer analysis
  • 7. • Bad guys are adaptive and persistent • Better protection • Integrate application specific or open-source data sources • Sophisticated out of band analysis Why build automated security?
  • 8. Automated security Good users Logs Threat analysis Rule updater Web site Rules Exploit Attackers
  • 9. Automated security – traditional data center Good users Logs Threat analysis Rule updater Web site Exploit Attackers Rules
  • 10. Automated security – AWS makes it easier Good users Logs Threat analysis Rule updater Web site Exploit Attackers Rules
  • 11. Other AWS Services we’ll use Amazon CloudFront Amazon CloudWatch AWS CloudFormation Amazon S3 Amazon API Gateway
  • 12. Types of attacks that need automation HTTP floods Scans & probes IP reputation lists Bots & scrapers Attackers
  • 13. IP reputation lists Collection of IP addresses with a bad reputation based on sending history • Open proxies or known hosts that send spam/trojans/viruses • Constantly changing/updating • Solution: import open source lists (i.e., Emerging Threats, Spamhaus, Tor Node list) and update lists using CloudWatch events
  • 14. IP reputation lists (cont’d)
  • 15. IP reputation lists (cont’d) <Example Demo>
  • 16. HTTP floods Legitimate requests at a level that excessively consume web server resources • Requests targeted at expensive components, i.e., login, product search, etc. • Different than other types of flood attacks because requests follow protocol. • Creates the problem of identifying attack from flash crowd. • Solution: count number of requests in CloudFront access logs and block offenders Attackers
  • 19. Scans & probes Program that communicates with web application front end to identify potential vulnerabilities • Initiated by you – good; initiated by someone else – bad • Someone (something) with bad intentions • Consume resources by requesting URLs that don’t exist • Solution: count 40x error in access logs and block offenders
  • 20. Scans & probes (cont’d) <Example Demo>
  • 21. Bots & scrapers Software application that runs automated tasks over the internet. • Good bots (search engines, weather, price comparison) vs bad bots (scrape content, steal data, malware) • Aggressive vs conservative days • Constantly changing/updating • Solution: use robots.txt and “honeypot” file to identify & block offenders
  • 22. Bots & scrapers (cont’d)
  • 23. Bots & scrapers (cont’d) <Example Demo>
  • 24. Customer story Magazine Luiza • One of the largest retail chains in Brazil • More than 700 stores, 24K staff, & 8 distribution centers • e-commerce platform customers use for purchases • Moving “all in” to AWS over the past 2-3 years • Breaking up monolithic app
  • 25. Customer story (cont’d) Challenges • Balance security with performance & cost • Traditional WAFs didn’t work: 1. Inflated models – lots of rules & based on vm or hardware 2. Couldn’t scale - constrained by bandwidth & CPU 3. Automation meant more hardware • Need to block bad bots (based on IP) without affecting search & shopping experience • Have solution in place by Black Friday
  • 28. Customer story (cont’d) Milestones Before Black Friday • September – October: confirmed new architecture and started building. • October – new architecture ready to go • November – started countdown and moved over all production traffic
  • 29. Customer Story (cont’d) Black Friday • November 26: jumped from 4 – 28.9 million views/day • November 26: all hands on deck for the last infrastructure scale. • 12am: everyone went home, 5 people decided to sleep in our leisure room, I kept following monitoring. • November 27: Traffic started to ramp up around 6AM and stayed high during the entire weekend.
  • 30. Customer Story (cont’d) Advice to Others • Do analysis in house & start small • Use the right library for the job • Identify what needs protection • Think about the time it takes to process logs • Defense in Depth: simple security rules at perimeter, complex security rules closer to app
  • 31. Resources Security Blogs • Rate-Based Blacklisting Heitor Vital <heitorc@amazon.com> • IPs Generating Errors Ben Potter <benpo@amazon.com> • Blocking Bots (this month) Vlad Vlasceanu <vladv@amazon.com> • Importing IP Reputation Lists (this month) Lee Atkinson <leeatk@amazon.co.uk> Tutorials Page • aws.amazon.com/waf/preconfiguredrules/
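The two log-driven solutions on slides 16 and 19 (count requests per IP in CloudFront access logs; count 40x errors per IP and block offenders), as an added Python example that is not part of the deck or of the AWS blog scripts it references: it parses a constructed CloudFront access log, picks the offending IPs, and builds the Updates payload in the shape the classic AWS WAF UpdateIPSet call takes. The log lines, thresholds and IPs (RFC 5737 documentation ranges) are constructed, and the boto3 call itself is not made.

```python
"""Added example, not from the deck: flood and scan detection over a
constructed CloudFront access log, plus the WAF IP-set update shape."""
from collections import defaultdict
from datetime import datetime, timedelta

FIELDS = ("date time x-edge-location sc-bytes c-ip cs-method cs(Host) "
          "cs-uri-stem sc-status cs(Referer) cs(User-Agent) cs-uri-query")

def _entry(time, ip, path, status):
    # One constructed log line in CloudFront's tab-separated W3C layout.
    return "\t".join(["2016-03-02", time, "IAD2", "512", ip, "GET",
                      "d111111abcdef8.cloudfront.net", path, str(status),
                      "-", "Mozilla/5.0", "-"])

SAMPLE_LOG = "\n".join(
    ["#Version: 1.0", "#Fields: " + FIELDS,
     _entry("10:00:05", "198.51.100.7", "/", 200),           # normal visitor
     _entry("10:00:09", "198.51.100.7", "/product/42", 200)]
    # flood: six hits on the expensive /search path inside one minute
    + [_entry("10:00:%02d" % s, "203.0.113.9", "/search", 200)
       for s in range(0, 60, 10)]
    # probe: four requests for URLs that do not exist
    + [_entry("10:01:%02d" % s, "192.0.2.44", "/missing/%d" % s, 404)
       for s in range(4)])

def parse_cloudfront_log(text):
    """Parse W3C-style CloudFront log text using its own #Fields header."""
    fields, records = None, []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split("\t")
        if fields is None or len(values) != len(fields):
            continue  # malformed line: skip rather than miscount
        rec = dict(zip(fields, values))
        rec["ts"] = datetime.strptime(rec["date"] + " " + rec["time"],
                                      "%Y-%m-%d %H:%M:%S")
        rec["sc-status"] = int(rec["sc-status"])
        records.append(rec)
    return records

def find_flood_offenders(records, max_requests, window_seconds):
    """IPs with more than max_requests in any window_seconds-long window."""
    by_ip = defaultdict(list)
    for r in records:
        by_ip[r["c-ip"]].append(r["ts"])
    window, offenders = timedelta(seconds=window_seconds), set()
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] >= window:  # slide the window forward
                start += 1
            if end - start + 1 > max_requests:
                offenders.add(ip)
                break
    return offenders

def find_scan_offenders(records, max_errors):
    """IPs that produced max_errors or more 4xx responses (the deck's '40x')."""
    errors = defaultdict(int)
    for r in records:
        if 400 <= r["sc-status"] < 500:
            errors[r["c-ip"]] += 1
    return {ip for ip, n in errors.items() if n >= max_errors}

def build_ipset_updates(ips):
    """Updates list in the shape the classic AWS WAF UpdateIPSet API takes;
    the real call (boto3, with a fresh ChangeToken) is not made here."""
    return [{"Action": "INSERT",
             "IPSetDescriptor": {"Type": "IPV4", "Value": ip + "/32"}}
            for ip in sorted(ips)]
```

With the constructed log, `find_flood_offenders(recs, 5, 60)` flags only 203.0.113.9 and `find_scan_offenders(recs, 3)` only 192.0.2.44; the union is what the Lambda rule updater would hand to UpdateIPSet.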