AWS managed rules

Includes AWS WAF managed rules where uses don’t have to create custom rules, provides protection against exploitation of a wide range of common application vulnerabilities or other unwanted traffic.

Manual IP lists

Creates two specific AWS WAF rules that allow you to manually insert IP addresses that you want to block or allow. You can also configure IP retention and remove expired IP addresses from these IP lists.

Protection Against Common Attacks

protect against common SQL injection or XSS patterns in the URI, query string, or body of a request. Helps protect against attacks that consist of a large number of requests from a particular IP address, such as a web-layer distributed denial-of-service (DDoS) attacks or a brute-force login attempt.

Active Scanning

This component parses application access logs searching for suspicious behavior, such as an abnormal amount of errors generated by an origin. It then blocks those suspicious source IP addresses for a customer-defined period of time.

Bad Bot Protection

Automatically sets up a honeypot, which is a security mechanism intended to lure and deflect an attempted attack.


  • Leveraging Existing Solution or Build Your Own WAF Rule Set

    Ultilize existing Security Automations for AWS WAF solution or build your own WAF rule set.

  • Cross-site Scripting (XSS) Attacks Identification and Blocking

    The solution configures two native AWS WAF rules that are designed to protect against common SQL injection or XSS patterns in the URI, query string, or body of a request.

  • Rapid WAF Rules Configuration

    The AWS CloudFormation template automatically launches and configures the AWS WAF settings and protective features that you choose to include during initial deployment.

  • Log Analysis

    When activated, AWS CloudFormation provisions an Amazon Athena query and a scheduled AWS Lambda function responsible for orchestrating Athena executing, processing result output, and updating AWS WAF.