Last November at F5’s booth at AWS re:Invent, we polled IT professionals on whether their biggest app challenge results from security, skills deficiency, or cloud migration complexity. Unsurprisingly, the leading concern by far was security – after all, web application attacks were the #1 source of data breaches in 2017, according to Verizon.
Now, not all applications are the same, and therefore the security requirements differ depending on a number of factors, including business purpose, deployment location, sensitivity or importance of user data, and regulatory requirements. And for certain applications, the advanced functionality and protection offered by enterprise-grade web application firewalls (such as F5’s BIG-IP ASM) may not be required, at least not initially, and a more basic firewall like a cloud provider’s native WAF will suffice.
For those builders who have, or are thinking about implementing, an AWS WAF to front their applications, we have some exciting news. AWS has just announced the availability of new F5 managed security rules products on AWS WAF. These products can be used in conjunction with the native AWS WAF to bolster the overall security posture of your applications. F5 has developed 3 separate rulesets – each providing unique protection against varying threat types. These are:
- Bot Protection – Prevents malicious bot activities such as vulnerability scanners, web scrapers, DDoS tools, and forum spam tools.
- CVE Vulnerabilities – Protects from common vulnerabilities and exposures (CVE) targeting systems such as Apache, Bash, Java, MySQL, Ruby On Rails, and WordPress.
- Web Exploits – Guards against attacks that are part of OWASP Top 10 threats, including cross-site scripting, SQL injection, path traversal, and predictable resource.
All rules are written, managed, and updated regularly by F5 security experts, so you never need worry about manually updating versions to protect against emerging vulnerabilities. In addition, you can add these advanced WAF capabilities to your native AWS WAF in a few clicks, apply them to specific applications, and only pay for what you use on a pay-as-you-go utility model without contracts or other commitments.
This integrated solution gives builders an easy way to take advantage of F5’s industry-leading WAF for their AWS applications.
Additional Resources
- Key Considerations In Choosing a WAF
- F5 BIG-IP Application Security Manager (ASM) Product Page
- Customer Case Study – F5 WAF on AWS
About the Author
Related Blog Posts
F5 ADSP Partner Program streamlines adoption of F5 platform
The new F5 ADSP Partner Program creates a dynamic ecosystem that drives growth and success for our partners and customers.
Accelerate Kubernetes and AI workloads with F5 BIG-IP and AWS EKS
The F5 BIG-IP Next for Kubernetes software will soon be available in AWS Marketplace to accelerate managed Kubernetes performance on AWS EKS.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.