Category: Security

For organizations operating multi-tenant environments, regulated environments, or multiple business units, maintaining strict network segmentation between SD-WAN and AWS is essential for meeting security, compliance, and operational requirements. This is Part 2 of the two-part series on extending SD-WAN segmentation into AWS Cloud WAN. In Part 1, the Generic Routing Encapsulation (GRE) based Connect attachment […]

For organizations operating multi-tenant environments, regulated environments, or multiple business units, maintaining strict network segmentation between SD-WAN and AWS is essential for meeting security, compliance, and operational requirements. Deploying SD-WAN virtual appliances and extending your segmentation through AWS Cloud WAN helps unify these segmented environments under a single, scalable global network. That said, segmentation is […]

Organizations securing access to internal applications face a common challenge: traditional VPNs grant broad network access once connected, leaving applications accessible beyond their intended scope and lacking granular traffic inspection. AWS Verified Access (AVA) and AWS Network Firewall (Network Firewall) provide a zero trust solution that addresses these challenges by combining identity-based access control with […]

Users wanting to protect themselves from Layer 7 (HTTP) DDoS threats can use the AWS WAF L7 Anti-DDoS managed rule group to detect and mitigate DDoS events in single digit seconds. The Anti-DDoS managed rule group has a default configuration that is appropriate for many applications and clients. However, there are clients that need special […]

PartyRock is an intuitive, hands-on generative AI app-building playground based on Amazon Bedrock. It allows users to experiment with generative AI technologies and build fun applications without coding, such as quiz generators or resume optimizers. Although providing a free generative AI playground online offers immense value to builders, it also presents significant security challenges. In […]

DNS is a key component of modern computing, a phone book for IP addresses. It is distinct from other protocols in the application stack. Because it is queried early in the request by a client, DNS is well suited to relay application-specific information back to a client as early as possible. This additional data can […]

AWS WAF Bot Control uses CAPTCHA and Challenge actions to undertake a browser interaction before permitting requests to protected resources. These actions can result in a poor user experience because of application errors or unexpected CAPTCHA completion when AWS WAF unexpectedly blocks requests. The AWS WAF JavaScript integrations give you the ability to control these […]

Protecting against bot threats requires insights into the client environment beyond what is available through network-level characteristics of a request, such as TCP or HTTP payload signatures. AWS WAF uses CAPTCHA and Challenge actions to undertake a client-side interaction, whether on a mobile device or browser, to understand this client environment before they can be […]

Today, on 30th August 2023, AWS launched a new enhancement to the Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing feature. With this enhancement, customers can now specify a Gateway Load Balancer Endpoint (GWLBE) as the next-hop in the virtual private gateway (VGW) route table. This allows customers to inspect their traffic coming into AWS […]

NetDevOps orchestrates and automates network changes to shorten the network delivery lifecycle, treats the network as code to allow for version control, and tests changes to make sure of quality and stability. This increased speed helps organizations better serve their customers and compete more effectively in the market. The post NetDevOps: A modern approach to AWS […]