Console
|
WAAP
Public Cloud Security
ZTNA
Security Apps
CTI
Cloudbric Managed Rules
Cloudbric Managed Rules for AWS WAF, high-performance security rules validated by AWS.
Protect your web application with managed rules selected as part of the AWS WAF Ready Program and validated by AWS through a comprehensive technical evaluation.
Cloudbric Managed Rules
Penta Security is not only one of the seven Independent Software Vendors (ISV) worldwide, offering managed rules for AWS WAF, but also the only ISV to enable the Web Application and API Protection (WAAP) model by integrating managed rules with AWS WAF.
What is AWS Managed Rules for AWS WAF?
Managed Rules for AWS Web Application Firewall (WAF) are a set of rules written, curated, and managed by AWS Marketplace Sellers, available for subscription on the AWS Marketplace to provide immediate security for web applications or APIs against web threats.
Cloudbric Managed Rules
Why choose Cloudbric Managed Rules?
Expertise in Security
· Developed based on the core technologies of Penta Security’s Security experts with over 20 years of experience in the field.
· Latest threat intelligence collected and analyzed by Penta Security’s own Cyber Threat Intelligence (CTI), Cloudbric Labs.
Continuous Security Management
· Continuous updates and management provided by the security experts to respond to the latest security threats and maintain a stable security level.
· Minimized burden for the users.
OFFICIAL PARTNER OF AWS
· Official launch partner for AWS WAF Ready, Provider partner of AWS Activate, and AWS Public Sector Partner.
· All Cloudbric products provided in AWS Marketplace have been validated by AWS through the Foundational Technical Review.
Cloudbric Managed Rules
Cloudbric Managed Rules Products
OWASP Top 10 Protection
Provides security against threats from OWASP Top 10 Web Application Security Risks, such as SQL Injection and Cross-Site Scripting (XSS) utilizing the logic-based detection engine recognized by world-renowned research organizations such as Gartner and Frost & Sullivan.
Malicious IP Protection
Provides security against malicious IP traffic based on the Malicious IP Reputation list created using ThreatDB, which is collected and analyzed from 750,000 websites worldwide by Cloudbric Labs, Penta Security’s own Cyber Threat Intelligence (CTI).
API Protection
Provides security against the OWASP API Security Top 10 Risk by establishing a defense system against known API attacks and providing validation and protection for XML, JSON, and YAML data.
Bot Protection
Provides security against malicious bots, such as scrapers, scanners, and crawlers, which negatively impact and damage websites and web applications through repetitive behavior, based on the malicious bot patterns collected and analyzed by Penta Security.
Tor IP Protection
Provides security against Anonymous IP traffic, specifically originating from the Tor network, which can be difficult to detect using an ordinary IP Risk Index, utilizing the Tor IP list managed and updated by Cloudbric Labs.
Anonymous IP Protection
Provides integrated security against Anonymous IPs originating from various sources including VPNs, Data Centers, DNS Proxies, Tor Networks, Relays, and P2P Networks, responding to threats such as geo-location frauds, DDoS, and license and copyright infringement.
Protocol Validity Protection
Provides security against web requests that break HTTP standards. It checks the action being asked for, the labels that describe the request, and how the data is packaged. Anything out of place is stopped before reaching your site.
Want to learn more about Cloudbric Managed Rules for AWS WAF?
Stay up-to-date with our Release Note
Cloudbric Managed Rules
Quick and Easy Implementation
Subscribing to Cloudbric Managed Rules from AWS Marketplace enables you to easily and quickly enhance the security of web applications and APIs without the need to define complex AWS WAF security rules yourself.
Go to AWS Marketplace
Search and Subscribe to ‘Cloudbric Managed Rules’
Associate ‘Cloudbric Managed Rules’ with AWS WAF Web ACL
Cloudbric Managed Rules
FAQs
Frequently Asked Questions
How can I start using Cloudbric Managed Rules for AWS WAF?
You can easily adopt it through AWS Marketplace. Search for ‘Cloudbric Managed Rules’ on AWS Marketplace and subscribe.
Then, when creating or modifying security policies in the AWS WAF console, select ‘AWS Marketplace Rule Group’ to apply it immediately.
Can I see the detailed contents of Cloudbric Managed Rules for AWS WAF?
Rule groups provided through AWS Marketplace are classified as ISV (Independent Software Vendor) intellectual property under AWS policy, so detailed rule contents like regex patterns and IP lists are not disclosed. If rule modifications are needed due to false positives or false negatives, we recommend adopting Cloudbric WMS (WAF Managed Service) for AWS WAF.
What criteria are used to create the IP-based rules in Cloudbric Managed Rules for AWS WAF?
They are continuously updated based on malicious IP data collected and analyzed by Penta Security’s proprietary CTI platform Cloudbric Labs and our own scoring system. The X-Forwarded-For (XFF) header inspection feature checks not only Source IP but also Origin IP.