![]() AWS WAF must be configured along with Application Load Balancer, CloudFront or API Gateway. In this article we will explore how to use and configure AWS WAF to protect against common web attacks like SQL Injection, XSS (Cross Site Scripting) etc. So, to stress it again it’s not just enough to architect and design an application, but it’s equally important to secure an application.Ĭapital One used AWS WAF (Web Application Firewall) to protect the Web Application, but it was not configured properly because of which the hacker was able to get the access to the data in S3 and download it. We can learn in detail about this in the AWS Course. Later it was found that the data from 30 other organizations was also downloaded from AWS. An ex-AWS employee was able to exploit this vulnerability and download reams of customer data from S3. If not properly secured, the application data might get into the wrong hands as in the case of the recent Capital One incident.Ĭapital One hosted a Web Application on EC2 and it was not secured properly. While creating these applications, it’s equally important to secure the application and protect the data. ![]() Moving on with this article on ‘How To Secure Web Application With AWS WAF?’ Getting Started With Some FundamentalsĪWS provides services like EC2, ELB (Elastic Load Balancer), S3 (Simple Storage Service), EBS (Elastic Block Storage) to create useful and fancy applications quickly and with less CAPEX (CAPital EXpenditure).
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |