AWS WAF for DDoS Mitigation

Track:
When: Wed AM-1
Where: Portland
Organizers Giorgio Bonfiglio Giorgio Bonfiglio
Participants Andrew Johnstone Andrew Johnstone , Vladimir Voskresenskiy Vladimir Voskresenskiy , Jaimen Lathia Jaimen Lathia , Orid Ahmed Orid Ahmed , Felipe Zipitria Felipe Zipitria

WHY

Implementing a WAF can be tricky: we are used to pre-packaged solutions, which come with a lot of false positives. In this hands-on session we’ll use a different approach and work on some automations to dynamically create rules to protect your applications.

What

Based on the AWS Security Automations packaged solution, we’ll explore differet mechanisms and tricks to protect our services from some common, and many uncommon types of attacks.

Outcomes

You will hopefully learn the basics and some pro tips to go ahead and integrate WAF in your existing environment.

References

AWS WAF: https://aws.amazon.com/waf/ AWS Shield: https://aws.amazon.com/shield/

WAF Security Automations: https://aws.amazon.com/answers/security/aws-waf-security-automations/ Security Automations Implementation Guide: https://s3.amazonaws.com/solutions-reference/aws-waf-security-automations/latest/aws-waf-security-automations.pdf

AWS Summit Talk: http://london-summit-slides-2017.s3.amazonaws.com/Advanced%20Techniques%20for%20DDoS%20Mitigation%20and%20Web%20Application%20Defense.pdf