The main function of the AWS WAF service is to provide protection for your web applications from malicious attacks from a wide variety of attack patterns, many of which correspond to the OWASP top 10. AWS WAF is used in conjunction with Amazon CloudFront and its distributions, Application Load Balancer, or API Gateway to analyze requests over HTTP or HTTPS to help distinguish between harmful and legitimate requests to your applications and site. AWS WAF will then block and restrict access that is detected as forbidden.
I just mentioned OWASP in the previous paragraph, and for those who are unfamiliar with what or who that is, let me briefly explain.
As we know, there are a huge amount of security vulnerabilities embedded in applications of all sorts, and it’s important that we identify and assess the risks of potential exposure to allow us to resolve these weak points as soon as they are identified. The Open Web Applications Security Project (OWASP...