AWS WAF

•

6 likes•6,930 views

This document discusses securing web applications with AWS WAF. It begins by explaining why a web application firewall (WAF) is needed to protect against bad users and application vulnerabilities while allowing good users. It then defines what AWS WAF is, noting that it allows users to block or allow web requests and monitor security events. AWS WAF provides APIs and a console for easy configuration of rules to protect websites and content while integrating with development workflows. The document outlines the steps to set up AWS WAF, including creating a web ACL, adding rules and match conditions, and assigning it to CloudFront. It notes the pay-as-you-go pricing model for AWS WAF.

Technology

© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Ronnen Slasky – AWS Solutions Architect
Ran Tessler – AWS Solutions Architect
November 18th 2015
Securing Web Applications
with AWS WAF

Why WAF?
Good Users
Bad Guys
Web Server Database

Why WAF?
Application Vulnerabilities
Good Users
Bad Guys
Web Server Database
Exploit
Code

Why WAF?
Abuse
Good Users
Bad Guys
Web Server Database

Why WAF?
Application DDoS
Good Users
Bad Guys
Web Server Database

What is WAF?
Application DDoS
Good Users
Bad Guys
Web Server Database
WAF

What is WAF?
Application DDoS
Good Users
Bad Guys
Web Server Database
WAF
WAF Rules:
1: BLOCK Request from Bad Guys
2: ALLOW Requests from Good Guys

Traditional WAF
Setup is complex and slow

Traditional WAF
Rules with too many false positives

Block or Allow Web Requests Monitor Security Events
AWS WAF

New API & Console Protect Websites & Content
AWS WAF
Amazon CloudFront

Benefits of AWS WAF
Practical Security
Made Easy
Customizable &
Flexible
Integrate with
Development

Setting Up AWS WAF
1. Create a
web ACL
2. Add a Rule 3. Add Match
Conditions
4. Assign to
CloudFront

Setting Up AWS WAF
1. Create a
web ACL
1. BLOCK requests
1. BLOCK requests
1. BLOCK requests
2. COUNT requests
DEFAULT: ALLOW
2. Add a Rule
originating from …
that have …
AND are …
that are
AND are NOT from …
that have
3. Add Match
Conditions
Blacklisted IPs
SQLi in query String
Login Requests
Admin Requests
IL Office IPs
SQLi in query String
4. Assign to
CloudFront
for any request to
d123.cloudfront.net

Pay for what you use
• $5 per WebACL $1 per Rule per month
• Reuse across with no additional charge
• Use more rules for more visibility
• $0.60 per million requests
• Typical Monthly Bill:
• Test Environment (1 Rule): $6 per month
• Small Site (6 rules 58M views): $46 per month
• Medium Site (6 rules, 260M views): $167 per month

What's hot

AWS 101

Amazon Web Services

AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry. Speaker: Brian Wagner, Security Consultant, Professional Services, AWS

DDoS Mitigation Techniques and AWS Shield

Amazon Web Services

Security Architectures on AWS

Amazon Web Services

AWS Security Best Practices

Amazon Web Services

Identity and Access Management (IAM) is first step towards AWS cloud adoption because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multi-factor authentication mechanisms; and operate IAM at scale. Level: 100 Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS

Identity and Access Management: The First Step in AWS Security

Amazon Web Services

Introduction to AWS WAF and AWS Firewall Manager

Akesh Patil

You may already know that you can use Amazon CloudWatch to view graphs of your AWS resources like Amazon Elastic Compute Cloud instances or Amazon Simple Storage Service. But, did you know that you can monitor your on-premises servers with Amazon CloudWatch Logs? Or, that you can integrate CloudWatch Logs with Elasticsearch for powerful visualization and analysis? This session will offer a tour of the latest monitoring and automation capabilities that we’ve added, how you can get even more done with Amazon CloudWatch.

(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch

Amazon Web Services

Whether you are a traditional enterprise exploring migrating workloads to the cloud or are already “all-in” on AWS, performing common tasks of inventory collection, OS patch management, and image creation at scale is increasingly complicated in hybrid infrastructure environments. Amazon EC2 Systems Manager allows you to perform automated configuration and ongoing management of your hybrid environment systems at scale. This session provides an overview of key EC2 Systems Manager capabilities that help you define and track system configurations, prevent drift, and maintain software compliance of your EC2 and on-premises configurations. We will also discuss common use cases for EC2 Systems Manager and give you a demonstration of a hybrid-cloud management scenario.

Deep Dive on Amazon EC2 Systems Manager

Amazon Web Services

Introduction to AWS Organizations

Amazon Web Services

Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. It monitors for activity such as unusual API calls or potentially unauthorized deployments that indicate a possible account compromise. Enabled with a few clicks in the AWS Management Console, Amazon GuardDuty can immediately begin analyzing billions of events across your AWS accounts for signs of risk. It does not require you to deploy and maintain software or security infrastructure, meaning it can be enabled quickly with no risk of negatively impacting existing application workloads.

Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...

Amazon Web Services

The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.

Intro to AWS: Security

Amazon Web Services

AWS Application Migration Service-Hands-On Guide

Manas Mondal

AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard. AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.

Using AWS Control Tower to govern multi-account AWS environments at scale - G...

Amazon Web Services

AWS IAM and security

Erik Paulsson

Introduction to AWS Security

Amazon Web Services

In this session, AWS will present an overview of the AWS Landing Zone – an automated solution for setting up a robust and flexible AWS environment. Customers can expect to learn how AWS works with customers to accelerate their journey to AWS confidently and securely and how the AWS Landing Zone can be customized to meet each organization’s specific needs. Presenter: Sadegh Nadimi, Senior Consultant, Global Migrations, AWS

Setting Up a Landing Zone

Amazon Web Services

*****AWS Training: https://www.edureka.co/cloudcomputing ***** This Edureka Tutorial on "Amazon CloudWatch Tutorial” will help you understand how to monitor your AWS resources and applications using Amazon CloudWatch a versatile monitoring service offered by Amazon. Following are the list of topics covered in this session: 1. What is Amazon CloudWatch? 2. Why do we need Amazon CloudWatch Events? 3. What does Amazon CloudWatch Logs do? 4. Hands-on

Amazon CloudWatch Tutorial | AWS Certification | Cloud Monitoring Tools | AWS...

Edureka!

Introduction to AWS Security

Amazon Web Services

Elastic Load Balancing Deep Dive - AWS Online Tech Talk

Amazon Web Services

Application Migrations

Amazon Web Services

What's hot (20)

AWS 101

DDoS Mitigation Techniques and AWS Shield

Security Architectures on AWS

AWS Security Best Practices

Identity and Access Management: The First Step in AWS Security

Introduction to AWS WAF and AWS Firewall Manager

(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatch

Deep Dive on Amazon EC2 Systems Manager

Introduction to AWS Organizations

Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...

Intro to AWS: Security

AWS Application Migration Service-Hands-On Guide

Using AWS Control Tower to govern multi-account AWS environments at scale - G...

AWS IAM and security

Introduction to AWS Security

Setting Up a Landing Zone

Amazon CloudWatch Tutorial | AWS Certification | Cloud Monitoring Tools | AWS...

Introduction to AWS Security

Elastic Load Balancing Deep Dive - AWS Online Tech Talk

Application Migrations

Viewers also liked

How to accelerate your online end user experience using Amazon CloudFront? Today end users expect to be able to view media content anytime, anywhere and on any device. Amazon CloudFront is a web service for content delivery used to distribute content to end users around the globe with low latency, high data transfer speeds in a cost effective manner. Amazon CloudFront can be used to deliver your entire website, including dynamic, static, streaming, and interactive content using a global network of edge locations. Requests for your content are automatically routed to the nearest edge location, so content is delivered with the best possible performance. Join this webinar to learn about Amazon CloudFront’s unique Content Delivery Network (CDN), how it works and the benefits it provides. We will walk you through common real life challenges our customers face and how AWS builds a solution that combines performance, pricing and a really simple set up. Attend this session to find out about: • Common business challenges and how Amazon CloudFront can resolve them • Workloads that can benefit from Amazon CloudFront such as software downloads (large files, gaming), video streaming (live and VOD) and whole site delivery (web acceleration) • Enhancing brand value, monetizing content and implementing security options e.g. DRM and DDOS • Other AWS services (transcode, storage, compute, DNS) to architect with Amazon CloudFront to effectively drive costs down and simplify workflows • Leveraging the AWS Partner Network to architect additional elements to your workflow like DRM and Reporting

AWS 201 - A Walk through the AWS Cloud: Introduction to Amazon CloudFront

Amazon Web Services

AWS WAF introduction and live demo - Pop-up Loft Tel Aviv

Amazon Web Services

Riga dev day: Lambda architecture at AWS

Antons Kranga

Introduction to Amazon CloudFront - Pop-up Loft Tel Aviv

Amazon Web Services

Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale

Amazon Web Services

Security must be at the forefront for any online business. At AWS, security is priority number one. Stephen Schmidt, Vice President and Chief Information Security Officer, shares his insights into cloud security and how AWS meets customers' demanding security and compliance requirements—and in many cases helps them improve their security posture. Stephen, with his background with the FBI and his work with AWS customers in the government, space exploration, research, and financial services organizations, shares an industry perspective that's unique and invaluable for today's IT decision makers.

(SEC201) How Should We All Think About Security?

Amazon Web Services

End users expect to be able to view media content anytime, anywhere, and on any device. Amazon CloudFront is a web service for content delivery used to distribute content to end users around the globe with low latency, high data transfer speeds, and no commitments. In this session, learn what a content delivery network (CDN) such as Amazon CloudFront is and how it works, the benefits it provides, common challenges and needs, performance, pricing, and examples of how customers are using CloudFront.

AWS Webinar - Intro to Amazon Cloudfront 13-09-17

Amazon Web Services

In this workshop, we help you understand how you can help protect your web applications from threats cost effectively by using AWS WAF and Amazon CloudFront. As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated and automated, having an effective web request filtering solution becomes key to keeping your users' data safe. We will cover common attack vectors and what you can do to mitigate them. You will learn how to leverage AWS WAF in conjunction with Amazon CloudFront to detect unwanted traffic and block it using simple configurations and automations. Prerequisites: Participants should have an AWS account established and available for use during the workshop. Please bring your own laptop.

AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...

Amazon Web Services

Microservices are an architectural approach to decompose complex applications into smaller, independent services. AWS customers benefit from increased agility, simplified scalability, resiliency, and faster deployments by migrating from monoliths to microservices based architecture. In this session, we will provide an overview of the benefits and challenges of microservices, and share best practices for architecting and deploying microservices on AWS. We will dive into different approaches you can take to run microservices applications at scale and explore how services like Amazon ECS, AWS Lambda, and AWS X-Ray make it simpler to design and maintain these applications. Learning Objectives: 1. Understand the fundamentals of the microservices architectural approach 2. Learn best practices for designing microservices on AWS 3. Learn the basics of Amazon EC2 Container Service, AWS Lambda, and AWS X-Ray

An Overview of Designing Microservices Based Applications on AWS - March 2017...

Amazon Web Services

Viewers also liked (9)

AWS 201 - A Walk through the AWS Cloud: Introduction to Amazon CloudFront

AWS WAF introduction and live demo - Pop-up Loft Tel Aviv

Riga dev day: Lambda architecture at AWS

Introduction to Amazon CloudFront - Pop-up Loft Tel Aviv

Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale

(SEC201) How Should We All Think About Security?

AWS Webinar - Intro to Amazon Cloudfront 13-09-17

AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...

An Overview of Designing Microservices Based Applications on AWS - March 2017...

Similar to AWS WAF

Today’s web applications are becoming increasingly difficult to secure. AWS WAF helps to protect web applications from attack by blocking common web exploits like SQL injection and cross-site scripting. This session will introduce AWS WAF, how it integrates with other AWS services and how to use it to help protect your web applications. We will also demo how to deploy preconfigured rules and security automation on AWS WAF. Learning Objectives: • Understand the basics of AWS WAF • Learn about AWS WAF’s ease of use and fast incident response • Learn how to deploy preconfigured rules and security automation

Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series

Amazon Web Services

As attackers become more sophisticated, web application developers need to constantly update their security configurations. Static firewall rules are no longer good enough. Developers need a way to deploy automated security that can learn from the application behavior and identify bad traffic patterns to detect bad bots or bad actors on the Internet. This session showcases some of the real-world customer use cases that use machine learning and AWS WAF (a web application firewall) with automated incident response and machine learning to automatically identify bad actors. We also present tutorials and code samples that show how customers can analyze traffic patterns and deploy new AWS WAF rules on the fly.

Web Security Automation: Spend Less Time Securing your Applications

Amazon Web Services

隨著攻擊者日趨複雜精密化，網路應用開發者必須常態性更新其安全配置。靜態防火牆規則早已不敷需求。開發者需要能部署自動化安全性的方法，以從應用程式行為學習並辨別有害流量模式，進而偵測出網際網路上的有害機器人程式或有害動作者。本專題演講將以真實世界的客戶使用案例為例，示範如何運用機器學習和 AWS WAF（網路應用防火牆）搭配自動化事件回應和機器學習，來自動辨別出有害動作者。另外也將介紹主題教學和程式碼範例，示範客戶可以如何在執行作業期間分析流量模式並部署新的 AWS WAF 規則。

網路安全自動化 - 縮短應用維安的作業時間

Amazon Web Services

Advanced Techniques for Securing Web Applications

Amazon Web Services

AWS - Advanced Techniques for securing web applications

Amazon Web Services

AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...

Amazon Web Services

Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.

SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense

Amazon Web Services

"In this workshop, you learn how to deploy AWS WAF in front of your application, how to set up AWS WAF full logging for compliance and monitoring purposes, and how to increase your security posture by creating custom rules using Amazon Elasticsearch Service with Kibana. You also learn how to protect your application against bad bots, web scrapers, and scanners by configuring bad and benign bot signatures and then automating your AWS WAF rules by parsing AWS WAF full logs using an AWS Lambda function. All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."

Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...

Amazon Web Services

by Cameron Worrell, Sr. Solutions Architect, AWS In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.

Introduction to Threat Detection and Remediation on AWS

Amazon Web Services

by Cameron Worrell, Solutions Architect, AWS In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.

Introduction to Threat Detection and Remediation

Amazon Web Services

AWS DDoS防範: Shield Advanced & WAF

Amazon Web Services

Protect your applications from DDoS/BOT & Advanced Attacks

Amazon Web Services

The Open Web Application Security Project (OWASP) Top 10 identifies the most critical risks that web developers must address in their applications. AWS WAF, a web application firewall, helps you address the vulnerabilities identified by the OWASP Top 10. In this webinar, you will learn how to use AWS WAF to write rules to match common patterns of exploitation and block malicious requests from reaching your web servers.

How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks

Amazon Web Services

How to Use Positive and Negative Security Models and Virtual Patching Techniq...

Amazon Web Services

DDoS a další webové útoky (XSS, SQL injection) vedené na vaši infrastrukturu mohou negativně ovlivnit dostupnost vašich aplikací, ohrozit jejich bezpečnost a zvyšovat vaše náklady. Jestli se zajímáte o ochranu webových aplikací, sledujte další díl našeho Česko-Slovenského AWS webináře a dozvíte se víc o doporučených postupech i tom, jak používat služby Amazon CloudFront, AWS WAF, AWS Firewall Manager a AWS Shield.

AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky

Vladimir Simek

SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense

Amazon Web Services

SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense

Amazon Web Services

淺談WAF在AWS的架構

4ndersonLin

Aws meetup aws_waf

Adam Book

Don’t Sacrifice Performance for Security: Best Practices for Content Delivery

Amazon Web Services

Similar to AWS WAF (20)

Setup Preconfigured Protections on AWS WAF - November 2016 Webinar Series

Web Security Automation: Spend Less Time Securing your Applications

網路安全自動化 - 縮短應用維安的作業時間

Advanced Techniques for Securing Web Applications

AWS - Advanced Techniques for securing web applications

AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...

SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense

Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...

Introduction to Threat Detection and Remediation on AWS

Introduction to Threat Detection and Remediation

AWS DDoS防範: Shield Advanced & WAF

Protect your applications from DDoS/BOT & Advanced Attacks

How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks

How to Use Positive and Negative Security Models and Virtual Patching Techniq...

AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky

SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense

淺談WAF在AWS的架構

Aws meetup aws_waf

Don’t Sacrifice Performance for Security: Best Practices for Content Delivery

More from Amazon Web Services

Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS. In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Amazon Web Services

La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup. Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti. Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Amazon Web Services

Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi

Esegui pod serverless con Amazon EKS e AWS Fargate

Amazon Web Services

Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.

Costruire Applicazioni Moderne con AWS

Amazon Web Services

L’utilizzo dei container è in continua crescita. Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili. I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!

Come spendere fino al 90% in meno con i container e le istanze spot

Amazon Web Services

In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th. Event Agenda : Open banking so far (short recap) • PSD2, OB UK, OB Australia, OB LATAM, OB Israel Intro to Open Finance marketplace • Scope • Features • Tech overview and Demo The role of the Cloud The Future of APIs • Complying with regulation • Monetizing data / APIs • Business models • Time to market One platform for all: a Strategic approach Q&A

Open banking as a service

Amazon Web Services

Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc. AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta. Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

Amazon Web Services

Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity. AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet. Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Amazon Web Services

Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Amazon Web Services

Computer Vision con AWS

Amazon Web Services

Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti. Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.

Database Oracle e VMware Cloud on AWS i miti da sfatare

Amazon Web Services

Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti. Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire. Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito. In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

Amazon Web Services

Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline. Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.

API moderne real-time per applicazioni mobili e web

Amazon Web Services

Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali. In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Amazon Web Services

Tools for building your MVP on AWS

Amazon Web Services

How to Build a Winning Pitch Deck

Amazon Web Services

Building a web application without servers

Amazon Web Services

Fundraising Essentials

Amazon Web Services

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Amazon Web Services

Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.

Introduzione a Amazon Elastic Container Service

Amazon Web Services

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Esegui pod serverless con Amazon EKS e AWS Fargate

Costruire Applicazioni Moderne con AWS

Come spendere fino al 90% in meno con i container e le istanze spot

Open banking as a service

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Computer Vision con AWS

Database Oracle e VMware Cloud on AWS i miti da sfatare

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

API moderne real-time per applicazioni mobili e web

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Tools for building your MVP on AWS

How to Build a Winning Pitch Deck

Building a web application without servers

Fundraising Essentials

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Introduzione a Amazon Elastic Container Service

Recently uploaded

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

CNv6 Instructor Chapter 6 Quality of Service

giselly40

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

As privacy and data protection regulations evolve rapidly, organizations operating in multiple jurisdictions face mounting challenges to ensure compliance and safeguard customer data. With state-specific privacy laws coming up in multiple states this year, it is essential to understand what their unique data protection regulations will require clearly. How will data privacy evolve in the US in 2024? How to stay compliant? Our panellists will guide you through the intricacies of these states' specific data privacy laws, clarifying complex legal frameworks and compliance requirements. This webinar will review: - The essential aspects of each state's privacy landscape and the latest updates - Common compliance challenges faced by organizations operating in multiple states and best practices to achieve regulatory adherence - Valuable insights into potential changes to existing regulations and prepare your organization for the evolving landscape

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

TrustArc

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

How to convert PDF to text with Nanonets

naman860154

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

With more memory available, system performance of three Dell devices increased, which can translate to a better user experience Conclusion When your system has plenty of RAM to meet your needs, you can efficiently access the applications and data you need to finish projects and to-do lists without sacrificing time and focus. Our test results show that with more memory available, three Dell PCs delivered better performance and took less time to complete the Procyon Office Productivity benchmark. These advantages translate to users being able to complete workflows more quickly and multitask more easily. Whether you need the mobility of the Latitude 5440, the creative capabilities of the Precision 3470, or the high performance of the OptiPlex Tower Plus 7010, configuring your system with more RAM can help keep processes running smoothly, enabling you to do more without compromising performance.

Boost PC performance: How more available memory can improve productivity

Principled Technologies

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Tech Trends Report 2024 Future Today Institute.pdf

hans926745

Heather Hedden, Senior Consultant at Enterprise Knowledge, presented “The Role of Taxonomy and Ontology in Semantic Layers” at a webinar hosted by Progress Semaphore on April 16, 2024. Taxonomies at their core enable effective tagging and retrieval of content, and combined with ontologies they extend to the management and understanding of related data. There are even greater benefits of taxonomies and ontologies to enhance your enterprise information architecture when applying them to a semantic layer. A survey by DBP-Institute found that enterprises using a semantic layer see their business outcomes improve by four times, while reducing their data and analytics costs. Extending taxonomies to a semantic layer can be a game-changing solution, allowing you to connect information silos, alleviate knowledge gaps, and derive new insights. Hedden, who specializes in taxonomy design and implementation, presented how the value of taxonomies shouldn’t reside in silos but be integrated with ontologies into a semantic layer. Learn about: - The essence and purpose of taxonomies and ontologies in information and knowledge management; - Advantages of semantic layers leveraging organizational taxonomies; and - Components and approaches to creating a semantic layer, including the integration of taxonomies and ontologies

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Enterprise Knowledge

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Delhi Call girls

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

[2024]Digital Global Overview Report 2024 Meltwater.pdf

hans926745

Recently uploaded (20)

08448380779 Call Girls In Civil Lines Women Seeking Men

CNv6 Instructor Chapter 6 Quality of Service

GenAI Risks & Security Meetup 01052024.pdf

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Partners Life - Insurer Innovation Award 2024

Finology Group – Insurtech Innovation Award 2024

How to convert PDF to text with Nanonets

Strategies for Landing an Oracle DBA Job as a Fresher

Boost PC performance: How more available memory can improve productivity

presentation ICT roal in 21st century education

Tech Trends Report 2024 Future Today Institute.pdf

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf

Data Cloud, More than a CDP by Matt Robison

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Scaling API-first – The story of a global engineering organization

Driving Behavioral Change for Information Management through Data-Driven Gree...

[2024]Digital Global Overview Report 2024 Meltwater.pdf

AWS WAF

1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Ronnen Slasky – AWS Solutions Architect Ran Tessler – AWS Solutions Architect November 18th 2015 Securing Web Applications with AWS WAF

2. Why WAF? Good Users Web Server Database

3. Why WAF? Good Users Bad Guys Web Server Database

4. Why WAF? Application Vulnerabilities Good Users Bad Guys Web Server Database Exploit Code

5. Why WAF? Abuse Good Users Bad Guys Web Server Database

6. Why WAF? Application DDoS Good Users Bad Guys Web Server Database

7. What is WAF? Application DDoS Good Users Bad Guys Web Server Database WAF

8. What is WAF? Application DDoS Good Users Bad Guys Web Server Database WAF WAF Rules: 1: BLOCK Request from Bad Guys 2: ALLOW Requests from Good Guys

9. What is WAF? Application DDoS Good Users Bad Guys Web Server Database WAF

10. Traditional WAF Setup is complex and slow

11. Traditional WAF Rules with too many false positives

12. Traditional WAF No APIs for automation

13. AWS WAF

14. Block or Allow Web Requests Monitor Security Events AWS WAF

15. New API & Console Protect Websites & Content AWS WAF Amazon CloudFront

16. Benefits of AWS WAF Practical Security Made Easy Customizable & Flexible Integrate with Development

17. Setting Up AWS WAF 1. Create a web ACL 2. Add a Rule 3. Add Match Conditions 4. Assign to CloudFront

18. Setting Up AWS WAF 1. Create a web ACL 1. BLOCK requests 1. BLOCK requests 1. BLOCK requests 2. COUNT requests DEFAULT: ALLOW 2. Add a Rule originating from … that have … AND are … that are AND are NOT from … that have 3. Add Match Conditions Blacklisted IPs SQLi in query String Login Requests Admin Requests IL Office IPs SQLi in query String 4. Assign to CloudFront for any request to d123.cloudfront.net

19. Pay for what you use • $5 per WebACL $1 per Rule per month • Reuse across with no additional charge • Use more rules for more visibility • $0.60 per million requests • Typical Monthly Bill: • Test Environment (1 Rule): $6 per month • Small Site (6 rules 58M views): $46 per month • Medium Site (6 rules, 260M views): $167 per month

20. Thank you!

AWS WAF

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (9)

Similar to AWS WAF

Similar to AWS WAF (20)

More from Amazon Web Services

More from Amazon Web Services (20)

Recently uploaded

Recently uploaded (20)

AWS WAF