SlideShare a Scribd company logo

AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky

Vladimir Simek
Vladimir Simek

This document discusses how to protect web applications from DDoS attacks on AWS. It covers the types and trends of DDoS threats, best practices for web architecture, and AWS security services like AWS Shield, AWS WAF, and Firewall Manager that provide built-in and customizable DDoS mitigation. It also includes a demo and discusses pricing models for AWS DDoS protection services.

Internet
1 of 30
Download to read offline
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Vladimír Šimek, Sr. Solutions Architect @ AWS May 2019 DDoS Mitigation on AWS How to protect your web applications
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda • Types of threats & trends in DDoS attacks • Web architecture – Best Practices • AWS Shield • AWS WAF and Firewall Manager • Pricing • Demo
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Threat landscape
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Types of threats Application Ping of Death | ICMP Flood | Teardrop | reflections | UDP floods SYN/ACK Flood | SSL Abuse Presentation Session Transport Network HTTP Flood | Malformed HTTP App exploits | CVE |s XSS | SQLi | RFI Bots | Scrapers | Crawlers Bad BotsDDoS Web Application Attacks
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Trends of DDoS attacks 0 200 400 600 800 1000 1200 1400 1600 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 Largest DDoS Attacks (Gbps) Largest DDoS Attacks Memcached Attacks Mirai Attacks
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DDoS Attack threats and Trends: Network / Transport Layer DDoS
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Evolution of WAF & DDoS mitigation On-Premise Cloud-Routed Cloud-Native
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pillars of perimeter protection MONITOR RESPOND PREPARE Build a DDoS resilient application on AWS Be aware of threat environment and application health Engage response team
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DDoS resilient architecture Route 53 ALB Security Group EC2 Instances Application Load Balancer CloudFront Public Subnet Web Application Security Group Private Subnet AWS WAF DDoS Attack Users Cloudwatch S3 API Gateway
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection Built-in protection Protection tools Always-on Automatic Distributed Easy to use Customizable APIs AWS scale Experts support
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Layer 3/4 Protection for Everyone  Automatic defense against the most common network and transport layer DDoS attacks for any AWS resource, in any AWS Region  Comprehensive defense against all known network and transport layer attacks when using Amazon CloudFront and Amazon Route 53  SYN Floods, UDP Floods, Reflection Attacks, etc. Layer 7 Protection Available via AWS WAF  Self-service & pay-as-you-go  Flexible rule language  Fast rule propagation AWS Shield Standard AWS WAF AWS Shield Standard
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Managed layer 7 inspection and mitigation tool, monitors HTTP/S requests and protects web applications from malicious activities Custom Rules Security AutomationManaged Rules
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF benefits AWS WAF Easy to deploy Fast incident response Affordable Full API support Managed service
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom rules 1. Define conditions: IP Match, Geo-IP, String Match, Regex Match, SQLi, XSS, Size Constraints 2. Define rules: Regular or rate based 3. Add to Web Access Control Lists: Order & action (Block, Allow, Count) 4. Attach to AWS Resource: CloudFront, ALB
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Seller managed rules Rules managed by experts Choice of 6 partners Pay as you go Easy to deploy automatic updates
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security automations Honeypot for bad bots CloudFront Log parsing Reputation
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Firewall manager • Central management for Security profile • Automated policy enforcement across accounts & applications • WAF rule sets
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Additional detection & monitoring Advanced protection Visibility into attack detection & mitigation AWS WAF & FM at no additional cost 24X7 DDoS Response Team Cost protection (absorb scaling costs) Advanced Protection AWS Shield Advanced
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Classic Load Balancer Amazon Route 53 Application Load Balancer Amazon CloudFront EC2 Instances Network Load Balancer Elastic IP Address AWS Shield Advanced: Available for 6 AWS Services
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CloudWatch metrics for Shield Advanced Metrics: • DDoSDetected • DDoSAttackBitsPerSecond, DDoSAttackPacketsPerSecond, DDoSAttackRequestsPerSecond Dimensions: • UDPTraffic, DNSReflection, SYNFlood, RequestFlood…
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. attacks MONITOR RESPOND PREPARE AWS ShieldInternet Cloud native protection in a nutshell AWS services AWS WAF Customer infrastructure Application Presentation Session Transport Network Web Application Attacks DDoS Bad Bots x x x x MONITOR RESPOND PREPARE DDoS Cloudwatch CloudFront Access logs DDoS Response Team Security Automation
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pricing
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Shield Pricing Pricing AWS Shield Standard AWS Shield Advanced Subscription Commitment None 1 Year* Monthly Fee No additional cost $3,000 Data Transfer Out Usage Fees No additional cost See below Data Transfer Out Amazon CloudFront Elastic Load Balancing (ELB) AWS Elastic IP (EC2 and Network Load Balancer) AWS Global Accelerator First 100TB $0.025 $0.050 $0.050 $0.050 Next 400TB $0.020 $0.040 $0.040 $0.040 Next 500TB $0.015 $0.030 $0.030 $0.030 Next 4 PB $0.010 Contact Us Contact Us Contact Us Above 5 PB Contact Us Contact Us Contact Us Contact Us
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Pricing WebACL Charges (in all available Regions) $5 per web ACL per month Rule Charges (in all available Regions) $1 per rule per web ACL per month Request Charges AWS WAF also charges for the amount of web request AWS WAF handles. This is based upon the number of web requests that are evaluated. Request Charge (in all available Regions) $0.60 per million web requests Managed Rules From AWS Marketplace Depends on the vendor – average $20-$30 per ACL per month + Request Charges
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Demo
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. region private subnet b NAT Gateway Internet Gateway AMI public subnet a Application Load Balancer Demo Arch private subnet a AMI public subnet b Users Amazon CloudFront AWS WAF
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Security Automations
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Resources Whitepaper: AWS Best Practices for DDoS Resiliency https://d1.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf Whitepaper: Use AWS WAF to Mitigate OWASP’s Top 10 Web Application Vulnerabilities https://d1.awsstatic.com/whitepapers/Security/aws-waf-owasp.pdf OWASP Top 10 (2017) – The Ten Most Critical Web Applications Security Risks https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf AWS WAF Security Automations https://aws.amazon.com/solutions/aws-waf-security-automations/ Managed Rules for AWS WAF Application Firewall (AWS Marketplace) https://aws.amazon.com/marketplace/solutions/security/waf-managed-rules
© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you vladsim@amazon.com

Recommended

Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Amazon Web Services
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
 
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019 Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019 Amazon Web Services
 
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Ensure the integrity of your code for fast and secure deployments - SDD319 - ...
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Amazon Web Services
 
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...Amazon Web Services
 
Deep Dive on New AWS Networking Features - AWS Online Tech Talks
Deep Dive on New AWS Networking Features - AWS Online Tech TalksDeep Dive on New AWS Networking Features - AWS Online Tech Talks
Deep Dive on New AWS Networking Features - AWS Online Tech TalksAmazon Web Services
 
Safeguarding the integrity of your code for fast, secure deployments - SVC301...
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Safeguarding the integrity of your code for fast, secure deployments - SVC301...
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Amazon Web Services
 

Recommended

Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
 
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019
Build anywhere; Secure everywhere - DEM01-R - AWS re:Inforce 2019 Amazon Web Services
 
Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Automating DDos and WAF responses - AWS Summit Cape Town 2018
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
 
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019 Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019
Data encryption concepts in AWS - FND302 - AWS re:Inforce 2019 Amazon Web Services
 
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Ensure the integrity of your code for fast and secure deployments - SDD319 - ...
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Amazon Web Services
 
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...Amazon Web Services
 
Deep Dive on New AWS Networking Features - AWS Online Tech Talks
Deep Dive on New AWS Networking Features - AWS Online Tech TalksDeep Dive on New AWS Networking Features - AWS Online Tech Talks
Deep Dive on New AWS Networking Features - AWS Online Tech TalksAmazon Web Services
 
Safeguarding the integrity of your code for fast, secure deployments - SVC301...
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Safeguarding the integrity of your code for fast, secure deployments - SVC301...
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Amazon Web Services
 
Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
 
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...Amazon Web Services
 
Multi-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica HiveMulti-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica HiveAmazon Web Services
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Amazon Web Services
 
Coursera aws fundamentals
Coursera aws fundamentalsCoursera aws fundamentals
Coursera aws fundamentalsGuillaume Fillebeen
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
 
AWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAmazon Web Services
 
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Amazon Web Services
 
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Amazon Web Services
 
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
 
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Amazon Web Services
 
Security Framework Shakedown
Security Framework ShakedownSecurity Framework Shakedown
Security Framework ShakedownAmazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019 Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019 Amazon Web Services
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSAmazon Web Services
 
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Amazon Web Services
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
 
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018Amazon Web Services
 
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Amazon Web Services
 
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...Bhavin Desai, CCIE Security
 
Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...RoiElbaz1
 
Automating DDoS and WAF Response
Automating DDoS and WAF ResponseAutomating DDoS and WAF Response
Automating DDoS and WAF ResponseAmazon Web Services
 

More Related Content

What's hot

Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
 
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...Amazon Web Services
 
Multi-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica HiveMulti-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica HiveAmazon Web Services
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Amazon Web Services
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
 
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Amazon Web Services
 
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Amazon Web Services
 
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
 
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Amazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019 Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019 Amazon Web Services
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSAmazon Web Services
 
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Amazon Web Services
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
 
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018Amazon Web Services
 
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Amazon Web Services
 
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...Bhavin Desai, CCIE Security
 

What's hot (20)

Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...Continuous security monitoring and threat detection with AWS services - SEC20...
Continuous security monitoring and threat detection with AWS services - SEC20...
 
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
How GoDaddy protects ecommerce and domains with AWS KMS and encryption - SDD4...
 
Multi-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica HiveMulti-Account Strategy and Security with Centrica Hive
Multi-Account Strategy and Security with Centrica Hive
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
 
Coursera aws fundamentals
Coursera aws fundamentalsCoursera aws fundamentals
Coursera aws fundamentals
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
 
AWS Cloud Security Fundamentals
AWS Cloud Security FundamentalsAWS Cloud Security Fundamentals
AWS Cloud Security Fundamentals
 
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019
 
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...
 
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...
 
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
Compliance automation: Set it up fast, then code it your way - GRC330-R - AWS...
 
Security Framework Shakedown
Security Framework ShakedownSecurity Framework Shakedown
Security Framework Shakedown
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics Webinar
 
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019 Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
Cloud auditing workshop - GRC323 - AWS re:Inforce 2019
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
 
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019 Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
Security benefits of the Nitro architecture - SEP401-R - AWS re:Inforce 2019
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
 
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
Become an AWS VPN and AWS Direct Connect Expert (NET306-R1) - AWS re:Invent 2018
 
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...
 
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
AWS re:Inforce 2019 Builders session: Simplify and secure your network archit...
 

Similar to AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky

Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...RoiElbaz1
 
Automating DDoS and WAF Response
Automating DDoS and WAF ResponseAutomating DDoS and WAF Response
Automating DDoS and WAF ResponseAmazon Web Services
 
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Amazon Web Services
 
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Amazon Web Services
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksAmazon Web Services
 
Building a Secured Network environment on AWS
Building a Secured Network environment on AWSBuilding a Secured Network environment on AWS
Building a Secured Network environment on AWSAmazon Web Services
 
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAmazon Web Services
 
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)Amazon Web Services
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
 
Advanced Techniques for Securing Web Applications
Advanced Techniques for Securing Web ApplicationsAdvanced Techniques for Securing Web Applications
Advanced Techniques for Securing Web ApplicationsAmazon Web Services
 
AWS - Advanced Techniques for securing web applications
AWS - Advanced Techniques for securing web applicationsAWS - Advanced Techniques for securing web applications
AWS - Advanced Techniques for securing web applicationsAmazon Web Services
 
Lock it Down: How to Secure your AWS Account and your Organization's Accounts
Lock it Down: How to Secure your AWS Account and your Organization's AccountsLock it Down: How to Secure your AWS Account and your Organization's Accounts
Lock it Down: How to Secure your AWS Account and your Organization's AccountsAmazon Web Services
 
Compliance and Security Mitigation Techniques
Compliance and Security Mitigation TechniquesCompliance and Security Mitigation Techniques
Compliance and Security Mitigation TechniquesAmazon Web Services
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineAmazon Web Services
 
Virtual AWSome Day October 2018 - Amazon Web Services
Virtual AWSome Day October 2018 - Amazon Web ServicesVirtual AWSome Day October 2018 - Amazon Web Services
Virtual AWSome Day October 2018 - Amazon Web ServicesAmazon Web Services
 
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech TalksProtect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech TalksAmazon Web Services
 

Similar to AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky (20)

Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...Edge immersion days module 2 - protect your application at the edge using a...
Edge immersion days module 2 - protect your application at the edge using a...
 
Automating DDoS and WAF Response
Automating DDoS and WAF ResponseAutomating DDoS and WAF Response
Automating DDoS and WAF Response
 
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...
 
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced Attacks
 
Building a Secured Network environment on AWS
Building a Secured Network environment on AWSBuilding a Secured Network environment on AWS
Building a Secured Network environment on AWS
 
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
AWS Edge Security - Cloud-Native Defense Against Diverse Internet Threats
 
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
雲端原生 (Cloud-Native) 的 DDoS Attack 防禦方案 (Level: 200)
 
194325_EdgeatScale_NoNotes.pptx
194325_EdgeatScale_NoNotes.pptx194325_EdgeatScale_NoNotes.pptx
194325_EdgeatScale_NoNotes.pptx
 
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & RemediationAWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
 
Advanced Techniques for Securing Web Applications
Advanced Techniques for Securing Web ApplicationsAdvanced Techniques for Securing Web Applications
Advanced Techniques for Securing Web Applications
 
AWS - Advanced Techniques for securing web applications
AWS - Advanced Techniques for securing web applicationsAWS - Advanced Techniques for securing web applications
AWS - Advanced Techniques for securing web applications
 
Mitigating techniques
Mitigating techniquesMitigating techniques
Mitigating techniques
 
Lock it Down: How to Secure your AWS Account and your Organization's Accounts
Lock it Down: How to Secure your AWS Account and your Organization's AccountsLock it Down: How to Secure your AWS Account and your Organization's Accounts
Lock it Down: How to Secure your AWS Account and your Organization's Accounts
 
Compliance and Security Mitigation Techniques
Compliance and Security Mitigation TechniquesCompliance and Security Mitigation Techniques
Compliance and Security Mitigation Techniques
 
Infrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security BaselineInfrastructure Security: Your Minimum Security Baseline
Infrastructure Security: Your Minimum Security Baseline
 
Virtual AWSome Day October 2018 - Amazon Web Services
Virtual AWSome Day October 2018 - Amazon Web ServicesVirtual AWSome Day October 2018 - Amazon Web Services
Virtual AWSome Day October 2018 - Amazon Web Services
 
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech TalksProtect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
Protect Your Game Servers from DDoS Attacks - AWS Online Tech Talks
 

More from Vladimir Simek

Machine Learning with Amazon SageMaker
Machine Learning with Amazon SageMakerMachine Learning with Amazon SageMaker
Machine Learning with Amazon SageMakerVladimir Simek
 
AWS CZSK Webinář 2020.03: AWS Outposts
AWS CZSK Webinář 2020.03: AWS OutpostsAWS CZSK Webinář 2020.03: AWS Outposts
AWS CZSK Webinář 2020.03: AWS OutpostsVladimir Simek
 
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...Vladimir Simek
 
News from re:Invent 2019
News from re:Invent 2019News from re:Invent 2019
News from re:Invent 2019Vladimir Simek
 
Serverless on AWS: Architectural Patterns and Best Practices
Serverless on AWS: Architectural Patterns and Best PracticesServerless on AWS: Architectural Patterns and Best Practices
Serverless on AWS: Architectural Patterns and Best PracticesVladimir Simek
 
AWS CZSK Webinar 2019.07: Databazy na AWS
AWS CZSK Webinar 2019.07: Databazy na AWSAWS CZSK Webinar 2019.07: Databazy na AWS
AWS CZSK Webinar 2019.07: Databazy na AWSVladimir Simek
 
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWS
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWSČesko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWS
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWSVladimir Simek
 
AWS Česko-Slovenský Webinár 03: Vývoj v AWS
AWS Česko-Slovenský Webinár 03: Vývoj v AWSAWS Česko-Slovenský Webinár 03: Vývoj v AWS
AWS Česko-Slovenský Webinár 03: Vývoj v AWSVladimir Simek
 
Artificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartArtificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartVladimir Simek
 
Artificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartArtificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartVladimir Simek
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduVladimir Simek
 
AWS Webinar CZSK Uvod do cloud computingu
AWS Webinar CZSK Uvod do cloud computinguAWS Webinar CZSK Uvod do cloud computingu
AWS Webinar CZSK Uvod do cloud computinguVladimir Simek
 
Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Vladimir Simek
 
Running Docker Containers on AWS
Running Docker Containers on AWSRunning Docker Containers on AWS
Running Docker Containers on AWSVladimir Simek
 
How to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutesHow to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutesVladimir Simek
 
CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015Vladimir Simek
 

More from Vladimir Simek (18)

Machine Learning with Amazon SageMaker
Machine Learning with Amazon SageMakerMachine Learning with Amazon SageMaker
Machine Learning with Amazon SageMaker
 
AWS CZSK Webinář 2020.03: AWS Outposts
AWS CZSK Webinář 2020.03: AWS OutpostsAWS CZSK Webinář 2020.03: AWS Outposts
AWS CZSK Webinář 2020.03: AWS Outposts
 
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...
AWS CZSK Webinar - Migrácia desktopov a aplikácií do AWS cloudu s Amazon Work...
 
News from re:Invent 2019
News from re:Invent 2019News from re:Invent 2019
News from re:Invent 2019
 
Serverless on AWS: Architectural Patterns and Best Practices
Serverless on AWS: Architectural Patterns and Best PracticesServerless on AWS: Architectural Patterns and Best Practices
Serverless on AWS: Architectural Patterns and Best Practices
 
AWS CZSK Webinar 2019.07: Databazy na AWS
AWS CZSK Webinar 2019.07: Databazy na AWSAWS CZSK Webinar 2019.07: Databazy na AWS
AWS CZSK Webinar 2019.07: Databazy na AWS
 
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWS
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWSČesko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWS
Česko-Slovenský AWS Webinář 07 - Optimalizace nákladů v AWS
 
AWS Česko-Slovenský Webinár 03: Vývoj v AWS
AWS Česko-Slovenský Webinár 03: Vývoj v AWSAWS Česko-Slovenský Webinár 03: Vývoj v AWS
AWS Česko-Slovenský Webinár 03: Vývoj v AWS
 
Gaming with AWS
Gaming with AWSGaming with AWS
Gaming with AWS
 
Artificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartArtificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to Start
 
Artificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to StartArtificial Intelligence (Machine Learning) on AWS: How to Start
Artificial Intelligence (Machine Learning) on AWS: How to Start
 
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS clouduAWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
 
AWS Webinar CZSK Uvod do cloud computingu
AWS Webinar CZSK Uvod do cloud computinguAWS Webinar CZSK Uvod do cloud computingu
AWS Webinar CZSK Uvod do cloud computingu
 
Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)Introduction to EKS (AWS User Group Slovakia)
Introduction to EKS (AWS User Group Slovakia)
 
Running Docker Containers on AWS
Running Docker Containers on AWSRunning Docker Containers on AWS
Running Docker Containers on AWS
 
Travel hackathon
Travel hackathonTravel hackathon
Travel hackathon
 
How to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutesHow to run your Hadoop Cluster in 10 minutes
How to run your Hadoop Cluster in 10 minutes
 
CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015CI&CD with AWS - AWS Prague User Group - May 2015
CI&CD with AWS - AWS Prague User Group - May 2015
 

Recently uploaded

Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirtrahman018755
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.soniya singh
 
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Datingkojalkojal131
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...Escorts Call Girls
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...tanu pandey
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 

Recently uploaded (20)

Trump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts SweatshirtTrump Diapers Over Dems t shirts Sweatshirt
Trump Diapers Over Dems t shirts Sweatshirt
 
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Sarai Rohilla Escort Service Delhi N.C.R.
 
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft DatingDubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
Dubai Call Girls Milky O525547819 Call Girls Dubai Soft Dating
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
Katraj ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready For S...
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Himatnagar 7001035870 Whatsapp Number, 24/07 Booking
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Daund ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 

AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útoky

  • 1. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Vladimír Šimek, Sr. Solutions Architect @ AWS May 2019 DDoS Mitigation on AWS How to protect your web applications
  • 2. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda • Types of threats & trends in DDoS attacks • Web architecture – Best Practices • AWS Shield • AWS WAF and Firewall Manager • Pricing • Demo
  • 3. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Threat landscape
  • 4. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Types of threats Application Ping of Death | ICMP Flood | Teardrop | reflections | UDP floods SYN/ACK Flood | SSL Abuse Presentation Session Transport Network HTTP Flood | Malformed HTTP App exploits | CVE |s XSS | SQLi | RFI Bots | Scrapers | Crawlers Bad BotsDDoS Web Application Attacks
  • 5. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Trends of DDoS attacks 0 200 400 600 800 1000 1200 1400 1600 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 Largest DDoS Attacks (Gbps) Largest DDoS Attacks Memcached Attacks Mirai Attacks
  • 6. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DDoS Attack threats and Trends: Network / Transport Layer DDoS
  • 7. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Evolution of WAF & DDoS mitigation On-Premise Cloud-Routed Cloud-Native
  • 8. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection
  • 9. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pillars of perimeter protection MONITOR RESPOND PREPARE Build a DDoS resilient application on AWS Be aware of threat environment and application health Engage response team
  • 10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DDoS resilient architecture Route 53 ALB Security Group EC2 Instances Application Load Balancer CloudFront Public Subnet Web Application Security Group Private Subnet AWS WAF DDoS Attack Users Cloudwatch S3 API Gateway
  • 11. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud native protection Built-in protection Protection tools Always-on Automatic Distributed Easy to use Customizable APIs AWS scale Experts support
  • 12. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Layer 3/4 Protection for Everyone  Automatic defense against the most common network and transport layer DDoS attacks for any AWS resource, in any AWS Region  Comprehensive defense against all known network and transport layer attacks when using Amazon CloudFront and Amazon Route 53  SYN Floods, UDP Floods, Reflection Attacks, etc. Layer 7 Protection Available via AWS WAF  Self-service & pay-as-you-go  Flexible rule language  Fast rule propagation AWS Shield Standard AWS WAF AWS Shield Standard
  • 13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Managed layer 7 inspection and mitigation tool, monitors HTTP/S requests and protects web applications from malicious activities Custom Rules Security AutomationManaged Rules
  • 14. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF benefits AWS WAF Easy to deploy Fast incident response Affordable Full API support Managed service
  • 15. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom rules 1. Define conditions: IP Match, Geo-IP, String Match, Regex Match, SQLi, XSS, Size Constraints 2. Define rules: Regular or rate based 3. Add to Web Access Control Lists: Order & action (Block, Allow, Count) 4. Attach to AWS Resource: CloudFront, ALB
  • 16. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Seller managed rules Rules managed by experts Choice of 6 partners Pay as you go Easy to deploy automatic updates
  • 17. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security automations Honeypot for bad bots CloudFront Log parsing Reputation
  • 18. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Firewall manager • Central management for Security profile • Automated policy enforcement across accounts & applications • WAF rule sets
  • 19. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Additional detection & monitoring Advanced protection Visibility into attack detection & mitigation AWS WAF & FM at no additional cost 24X7 DDoS Response Team Cost protection (absorb scaling costs) Advanced Protection AWS Shield Advanced
  • 20. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Classic Load Balancer Amazon Route 53 Application Load Balancer Amazon CloudFront EC2 Instances Network Load Balancer Elastic IP Address AWS Shield Advanced: Available for 6 AWS Services
  • 21. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CloudWatch metrics for Shield Advanced Metrics: • DDoSDetected • DDoSAttackBitsPerSecond, DDoSAttackPacketsPerSecond, DDoSAttackRequestsPerSecond Dimensions: • UDPTraffic, DNSReflection, SYNFlood, RequestFlood…
  • 22. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. attacks MONITOR RESPOND PREPARE AWS ShieldInternet Cloud native protection in a nutshell AWS services AWS WAF Customer infrastructure Application Presentation Session Transport Network Web Application Attacks DDoS Bad Bots x x x x MONITOR RESPOND PREPARE DDoS Cloudwatch CloudFront Access logs DDoS Response Team Security Automation
  • 23. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pricing
  • 24. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Shield Pricing Pricing AWS Shield Standard AWS Shield Advanced Subscription Commitment None 1 Year* Monthly Fee No additional cost $3,000 Data Transfer Out Usage Fees No additional cost See below Data Transfer Out Amazon CloudFront Elastic Load Balancing (ELB) AWS Elastic IP (EC2 and Network Load Balancer) AWS Global Accelerator First 100TB $0.025 $0.050 $0.050 $0.050 Next 400TB $0.020 $0.040 $0.040 $0.040 Next 500TB $0.015 $0.030 $0.030 $0.030 Next 4 PB $0.010 Contact Us Contact Us Contact Us Above 5 PB Contact Us Contact Us Contact Us Contact Us
  • 25. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Pricing WebACL Charges (in all available Regions) $5 per web ACL per month Rule Charges (in all available Regions) $1 per rule per web ACL per month Request Charges AWS WAF also charges for the amount of web request AWS WAF handles. This is based upon the number of web requests that are evaluated. Request Charge (in all available Regions) $0.60 per million web requests Managed Rules From AWS Marketplace Depends on the vendor – average $20-$30 per ACL per month + Request Charges
  • 26. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Demo
  • 27. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. region private subnet b NAT Gateway Internet Gateway AMI public subnet a Application Load Balancer Demo Arch private subnet a AMI public subnet b Users Amazon CloudFront AWS WAF
  • 28. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS WAF Security Automations
  • 29. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Resources Whitepaper: AWS Best Practices for DDoS Resiliency https://d1.awsstatic.com/whitepapers/Security/DDoS_White_Paper.pdf Whitepaper: Use AWS WAF to Mitigate OWASP’s Top 10 Web Application Vulnerabilities https://d1.awsstatic.com/whitepapers/Security/aws-waf-owasp.pdf OWASP Top 10 (2017) – The Ten Most Critical Web Applications Security Risks https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf AWS WAF Security Automations https://aws.amazon.com/solutions/aws-waf-security-automations/ Managed Rules for AWS WAF Application Firewall (AWS Marketplace) https://aws.amazon.com/marketplace/solutions/security/waf-managed-rules
  • 30. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you vladsim@amazon.com