Cloudbric Rule Set for AWS WAF Release Notes

Cloudbric Managed Rule Groups update information for AWS WAF that you can subscribe through AWS Marketplace.
To learn more about or subscribe to the Cloudbric Rule Set, click each of the product buttons below.

Update 2023-06-02

Products: Tor IP Detection Rule Set
Rule Name: ALL
Note: New Rule Set ‘Tor IP Detection Rule Set’ release

labal-FEATURE

Launching a Rule Set based on Tor IP addresses, which can detect and block users accessing through the Tor Browser

label-INFORMATION

Tor Browser is a web browser that provides anonymous network services. While it offers strong anonymity to evade censorship and surveillance, it can also be misused for illegal activities.

Update 2023-05-09

Products: OWASP Top 10 Rule Set
Rule Name: ALL
Note: Modified to automatically grant attribute value ‘Label’ to HTTP Request that matches rules in the OWASP Top 10 Rule Set

label-CHANCED

Assign a Label to each Rule in the OWASP Top 10 Rule Set
– Label name structure : awswaf:managed:cloudbric:owasp:[Rule Name]
– Label name example : ‘awswaf:managed:cloudbric:owasp:XSS_1
(When matched to ‘Cloudbric_XXS_1‘ Rule of OWASP Top 10 Rule Set)

label-INFORMATION

In the event of a false positive, it is possible to create a label-based custom override rule to narrow the range of the override.

Update 2023-03-09

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Due to the launch of new AWS Regions on March 09, 2023, expanding the scope of service provision.

labal-FEATURE

Create Rule Set in AWS New Regions Zurich(eu-central-2), Hyderabad(ap-south-2), Spain(eu-south-2),  and Melbourne(ap-southeast-4)

Update 2022-12-23

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Due to the launch of new AWS Regions on December 15, 2022, expanding the scope of service provision.

labal-FEATURE

Create Rule Set in UAE (United Arab Emirates), AWS New Region ‘UAE(me-central-1)’

Update 2022-11-11

Products: OWASP Top 10 Rule Set
Rule Name: Cloudbric_RequestMethodFiltering
Note:

labal-CHANCED

Modify ‘Cloudbric_RequestMethodFiltering’ Rule for use of Rest(ful) API (PUT, DELETE method allowed)

labal-WARNING

Does not affect WAF operation, PUT/DELETE/HTTP methods will not be blocked by WAF as of Nov 11th, 2022.

Update 2022-07-07

Products: OWASP TOP 10 Rule Set
Rule Name: Cloudbric_Log4j, Cloudbric_Unix_ShellScript, Cloudbric_StealthCommanding_Execute, Cloudbric_Invalid_URL
Note:

labal-FEATURE

Add new rules for ‘Log4 vulnerabilities’ (CVE-2021-44228, CVE-2021-45046, CVE-202145105, CVE-2021-4104) and ‘Cloubric_Log4j’,’Cloudbric_Unix_ShellScript’ to prevent attacks through shell script commands.

labal-CHANCED

Modify ‘Cloudbric_StealthCommanding_Execute’ Rule to improve false positives

labal-DEPRECATED

Delete the existing ‘Cloudbric_Invalid_URL’ Rule to improve false positives.

labal-WARNING

‘Cloudbric_Unix_ShellScript’ and Cloudbric_Log4j’ Rule can affect WAF operation depending on the user environment. It is recommended to apply after testing with Count Action.

Update 2022-06-10

Products: Malicious IP Reputation Rule Set
Rule Name: Cloudbric_MaliciousIP_List
Note:

labal-CHANCED

IP Reputation List improvement through Threat DB advancement

Update 2022-04-28

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Due to the launch of new AWS Regions on April 28, 2022, expanding the scope of service provision.

labal-FEATURE

Create Rule Set in Jakarta, AWS New Region ‘CGK(ap-southeast-3)’

Update 2021-11-12

Products: OWASP Top 10 Rule Set, Malicious IP Reputation Rule Set
Rule Name: ALL
Note: Initial Product Release

Release Notes Content List

Update: Updated Date
Products: Updated Product Name
Rule Name: Updated Rule Name
Note: Updated Content

labal-FEATURE

Add new rule and expand region

labal-CHANCED

Modify existing rules

labal-FIXED

Errors and bug fixes

labal-DEPRECATED

Delete the provided Rule

labal-WARNING

Precautions

Additional information

Learn more about Cloudbric WMS