Cloudbric Managed Rules for AWS WAF Release Notes

Cloudbric Managed Rule Set update information for AWS WAF sold in AWS Marketplace.
To learn more about or subscribe to the Cloudbric Managed Rule Set, click each of the product buttons below.

Update 2022-07-07

Products: OWASP TOP 10 Rule Set
Rule Name: Cloudbric_Log4j, Cloudbric_Unix_ShellScript, Cloudbric_StealthCommanding_Execute, Cloudbric_Invalid_URL
Note:

labal-FEATUREAdd new rules for ‘Log4 vulnerabilities’ (CVE-2021-44228, CVE-2021-45046, CVE-202145105, CVE-2021-4104) and ‘Cloubric_Log4j’,’Cloudbric_Unix_ShellScript’ to prevent attacks through shell script commands.

labal-CHANCEDModify ‘Cloudbric_StealthCommanding_Execute’ Rule to improve false positives

labal-DEPRECATEDDelete the existing ‘Cloudbric_Invalid_URL’ Rule to improve false positives

labal-WARNING‘Cloudbric_Unix_ShellScript’ and Cloudbric_Log4j’ Rule can affect  WAF operation depending on the user environment. It is recommended to apply after testing with Count Action.

Update 2022-06-10

Products: Malicious IP Reputation Rule Set
Rule Name: Cloudbric_MaliciousIP_List
Note:

labal-CHANCEDIP Reputation List improvement through Threat DB advancement

Update 2022-04-28

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Due to the launch of new AWS Regions on April 28, 2022, expanding the scope of service provision.

labal-FEATURECreate Rule Set in Jakarta, AWS New Region ‘CGK(ap-southeast-3)’

Update 2021-11-12

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Initial Product Release

Release Notes Content List

Update: Updated Date
Products: Updated Product Name
Rule Name: Updated Rule Name
Note: Updated Content

labal-FEATURE Add new rule and expand region

labal-CHANCEDModify existing rules

labal-FIXEDErrors and bug fixes

labal-DEPRECATEDDelete the provided Rule

labal-WARNINGPrecautions

Learn more about Cloudbric WMS