AWS WAF for DDoS Mitigation

When: Wed AM-1
Where: Portland
Organizers Giorgio Bonfiglio Giorgio Bonfiglio
Participants Andrew Johnstone Andrew Johnstone , Vladimir Voskresenskiy Vladimir Voskresenskiy , Jaimen Lathia Jaimen Lathia , Orid Ahmed Orid Ahmed , Felipe Zipitria Felipe Zipitria


Implementing a WAF can be tricky: we are used to pre-packaged solutions, which come with a lot of false positives. In this hands-on session we’ll use a different approach and work on some automations to dynamically create rules to protect your applications.


Based on the AWS Security Automations packaged solution, we’ll explore differet mechanisms and tricks to protect our services from some common, and many uncommon types of attacks.


You will hopefully learn the basics and some pro tips to go ahead and integrate WAF in your existing environment.


AWS WAF: AWS Shield:

WAF Security Automations: Security Automations Implementation Guide:

AWS Summit Talk: