

By Team Register, 7th October 2015 04:28

Now it's the security industry's turn to be burned by cloud

Amazon ignites Web Applications Firewall to char security chaff

Amazon has launched a web application firewall to help customers guard against common web exploits.

The web attic touts the service as a means to ink custom rules that block attack patterns like SQL injection and cross-site scripting, and as offering the ability to quickly deploy application rules.

Rules can be set based on IP address, HTTP headers, and URI strings, and configured through the API or management console. The more rules set, the higher the cost.

Amazon Web Services man Jeff Barr offers a case study of how the WAF could work.

"[Attackers] could run through a list of common or default usernames and passwords, or they could attempt to exploit a known system, language, or application vulnerability perhaps powered by SQL injection or cross-site request forgery as the next step," Barr says.

"Like it or not, these illegitimate requests are going to be flowing in 24 by 7.

"Even if you keep your servers well-patched and do what you can to keep the attack surface as small as possible, there’s always room to add an additional layer of protection."

Amazon has slapped chicken feed service pricing on the WAF, asking for 60 cents per million hits, US$1 a rule, and $5 for each access control list.

Web application firewalls are a tool in the security defence chest and are no panacea. Security bods say the technology can often be bypassed, and some maintain that some offerings even introduce the vulnerabilities the platform seeks to mitigate. ®
