AWS Web Application Firewall (AWS WAF)


Protect your web applications or APIs from common web exploits

StormIT helps organizations protect their websites and applications against all commonly known application-layer attacks and exploits by leveraging the comprehensive protection of AWS Web Application Firewall (WAF). AWS WAF protection is tightly integrated with the AWS services that customers use to deliver content, such as Amazon CloudFront, the Application Load Balancer (ALB), and Amazon API Gateway.

Secure your web application and deliver your data, videos, or APIs to your customers globally with low latency and higher transfer speeds with AWS WAF and AWS Edge Services Bundles.


AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits that may affect availability, compromise security, or consume excessive resources.


AWS WAF gives you control over how traffic reaches your applications by enabling you to create security rules that block common attack patterns.


You can get started quickly using Managed Rules for AWS WAF, a pre-configured set of rules managed by AWS or AWS Marketplace Sellers. These rules are regularly updated as new issues emerge. 


How AWS WAF Works

Use AWS WAF to control how an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, or an AWS AppSync GraphQL API responds to web requests.


Create a policy

Build your own rules using the visual rule builder, code in JSON, or simply deploy managed rules maintained by AWS and/or sellers from AWS Marketplace.


Block & Filter

Protect against exploits and vulnerabilities such as SQL injection attacks or Cross-Site Scripting (XSS) attacks. Filter out unwanted traffic by defining specific patterns or by IP address.


Monitor traffic

Use Amazon CloudWatch for incoming traffic metrics and Amazon Kinesis Firehose for request details, then tune rules based on metrics and log data.

AWS WAF Protection

AWS WAF can help you mitigate the OWASP Top 10 and other web application security vulnerabilities because attempts to exploit them often have common detectable patterns in the HTTP requests.

Layer 7 DDoS attacks

HTTP Floods & malformed HTTP


You can use AWS WAF rate limiting rules to block clients from specific IP addresses that are sending an abusive number of requests to your application. AWS WAF also provides the ability to block known malicious IP addresses using the Amazon IP reputation list or by subscribing to AWS partner IP reputation lists from the AWS Marketplace.
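
Before enforcing a rate limiting rule, it helps to replay a candidate limit against existing WAF logs to see which clients it would have blocked. The following is an added example, not StormIT's or AWS's code. It assumes newline-delimited JSON log records carrying the AWS WAF log fields "timestamp" (epoch milliseconds) and "httpRequest.clientIp", and a 5-minute evaluation window; the sample records are constructed.

```python
import json
from collections import defaultdict, deque

WINDOW_MS = 300 * 1000  # assumption: 5-minute trailing evaluation window

# Constructed sample: one noisy client (120 requests in 2 minutes) and
# one normal client (10 requests, one per minute).
SAMPLE_LOG = "\n".join(
    json.dumps({"timestamp": 1700000000000 + i * 1000, "action": "ALLOW",
                "httpRequest": {"clientIp": "198.51.100.7", "uri": "/login"}})
    for i in range(120)
) + "\n" + "\n".join(
    json.dumps({"timestamp": 1700000000000 + i * 60000, "action": "ALLOW",
                "httpRequest": {"clientIp": "203.0.113.20", "uri": "/"}})
    for i in range(10)
)

def peak_rate_per_ip(log_text, window_ms=WINDOW_MS):
    """Return {client_ip: highest request count in any trailing window}."""
    events = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            events.append((int(rec["timestamp"]), rec["httpRequest"]["clientIp"]))
        except (ValueError, KeyError, TypeError):
            continue  # skip malformed or truncated records
    events.sort()  # log delivery order is not guaranteed to be chronological
    windows = defaultdict(deque)
    peaks = defaultdict(int)
    for ts, ip in events:
        q = windows[ip]
        q.append(ts)
        while q[0] <= ts - window_ms:  # drop requests older than the window
            q.popleft()
        peaks[ip] = max(peaks[ip], len(q))
    return dict(peaks)

def ips_over_limit(log_text, limit, window_ms=WINDOW_MS):
    """Client IPs whose peak window count exceeds a candidate rate limit."""
    peaks = peak_rate_per_ip(log_text, window_ms)
    return sorted(ip for ip, n in peaks.items() if n > limit)

if __name__ == "__main__":
    print(peak_rate_per_ip(SAMPLE_LOG))
    print(ips_over_limit(SAMPLE_LOG, limit=100))
```

If legitimate clients appear in the output for a candidate limit, raise the limit or scope the rule more narrowly before switching it from count to block.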

Bad bots

Bots, Scrapers & Crawlers

To stop traffic generated by bad bots, you can use the IP reputation lists within AWS Managed Rules to cover some of the scanner-type bots. In addition, you can use the AWS WAF Security Automations Solution to defend against bots by implementing honeypots and behavioral detections with WAF logs.

Web application attacks

App Exploits, CVE, XSS, SQLi & RFI

You can select and add some of the AWS managed rule groups to protect your application from various threats. In addition to AWS Managed Rules, you can also write custom rules specific to your application to block undesired patterns in parts of the HTTP request.

Benefits of AWS WAF

Intelligent Protection

AWS WAF rule propagation and updates take under a minute. WAF rules can inspect any part of the web request with minimal latency.


You can filter any part of the web request, such as IP addresses, HTTP headers, HTTP body, or URI strings. This allows you to block common attack patterns, such as SQL injection or cross-site scripting. 

Managed Rules

With Managed Rules for AWS WAF, you can quickly get started and protect your web application or APIs against common threats.


Managed rules are written by security experts who have extensive and up-to-date knowledge of threats and vulnerabilities. Managed rules are automatically updated as new issues emerge.

Traffic Monitoring

AWS WAF gives near real-time visibility into your web traffic, which you can use to create new rules or alerts in Amazon CloudWatch.


In addition, AWS WAF offers comprehensive logging by capturing each inspected web request’s full header data for use in security automation, analytics, or auditing purposes. 

Cost Effective

You pay only for what you use. AWS WAF provides a customizable, self-service offering, and pricing is based on how many rules you deploy and how many web requests your web application receives. There are no minimum fees and no upfront commitments. 

What Customers Say About Us


„Extremely helpful and friendly approach from the StormIT guys. They helped us optimize the setup for the cloud version of our digital trust OBELISK products. I would recommend the cooperation to everybody:)“

  Martin Jurík, Channel Partner Manager

SEFIRA spol. s.r.o.
