In day-to-day security operations, I primarily focus on protecting web applications, APIs, and cloud workloads. From my experience, this product is the most stable option available. It significantly manages applications during cyber-attacks and addresses threats in AWS environments, including traffic patterns from malicious bots and SQL injections. The product is very helpful for managing these scenarios.
Cyber Security Cloud Managed Rules for AWS WAF -API Gateway/Serverless-
Cyber Security CloudExternal reviews
1 review
from
External reviews are not included in the AWS star rating for the product.
Automation has improved how I protect AWS APIs and web apps from evolving attacks
What is our primary use case?
What is most valuable?
The best feature of Cyber Security Cloud Managed Rules is the combination of two capabilities that I appreciate most. The first is automated threat intelligence and rule updates. This solution automatically updates the security signatures to protect against the latest cyber threats, including OWASP attacks, bots, and vulnerabilities without requiring any heavy manual interventions. Automated threat intelligence significantly reduces the operational workload for security teams and improves the overall response time against emerging threats. It also helps organizations maintain stronger security compliance.
The second feature I appreciate most is strong AWS, WAF, and API protection, which is a major strength of Cyber Security Cloud Managed Rules. The seamless integration with AWS and WAF in front of the ALB and API gateway environments provides strong protection against SQL injection or cross-site scripting. In cases of malicious bots and API-based attacks, this solution is highly beneficial for cloud-native and API-driven applications that require scalable and real-time protection.
What needs improvement?
This product requires skilled people because there is a lot of automation needed to understand all the features in the dashboard. Additionally, there is a need for increased automation in certain areas to improve the overall experience.
What do I think about the stability of the solution?
The product is stable and does not create major lagging or performance issues during day-to-day operations. This solution is designed to work efficiently with AWS cloud infrastructure, handling traffic interception with minimal latency. Performance is always good, although, in some cases, when multiple complex rules or deep inspection policies are required, there may be lagging when changing security policies. However, this is acceptable, and performance depends on the application architecture, traffic volume, and rule training configurations. Overall, the product performance is stable, and lagging issues are minimal when the rules are properly configured and maintained.
What do I think about the scalability of the solution?
I give a high rating for scalability. Compared to other products, especially for cloud-native AWS-based infrastructures, this solution easily handles increased application traffic, including API requests, and manages multiple workloads with greater performance. It supports scaling across multiple regions based on applications and internet-facing services through centralized management. Since it is a cloud-based infrastructure, the rules are automated, managed, and updates are handled efficiently, maintaining security consistency during business operations. Overall, the product is highly scalable and suitable for organizations with growing cloud workloads and dynamic traffic requirements.
How are customer service and support?
I engage with the technical support team regularly. The support team helps with rule tuning, false positive handling, deployment guidance, and troubleshooting during security incidents. Sometimes we are unable to handle incidents from a security perspective, and even though false alerts regularly occur, we engage with vendor support. For any issues, we need to raise a ticket via the vendor portal. Initially, we write an email, and after the ticket is created, they check the issue and arrange a call. For standard operational issues, the response time is acceptable, and the support documentation is useful. During critical incidents, for complex applications or specific issues, the response is faster, and troubleshooting support is required. Overall, the technical team is knowledgeable about this product and assists effectively in maintaining stable day-to-day operations.
How was the initial setup?
Initial deployment depends on the environment being used. In my case, we are using two cloud environments, and the initial deployment is not very difficult. My organization is a medium-scale organization already using AWS infrastructure. The setup process is simple because the rules can be directly subscribed and deployed with AWS Marketplace in AWS WAF. Its integration with CloudFront, application load balancer, and API gateways is straightforward and can be completed within a short time. The initial deployment is manageable, and this product also provides predefined management rules, reducing the need for writing custom security policies manually.
After deployment, some tuning and monitoring are required to handle false positives related to application-based traffic behavior, where most organizations initially deploy the rules in count mode before switching to blocking mode to avoid impacting genuine users. Overall, compared to traditional WAF deployments, Cyber Security Cloud Managed Rules is easier, faster, and requires less operational effort for implementation.
What's my experience with pricing, setup cost, and licensing?
The pricing is reasonable in terms of value for the features provided. It is not too high, actually, because the features are very stable and scalable. The pricing for Cyber Security Cloud Managed Rules is generally moderate and slightly expensive, depending on the application traffic and AWS usage, mainly based on the monthly subscription cost for processing changes. For small and medium environments, the pricing is reasonable as it reduces the manual operational effort from the security management perspective. However, for larger enterprise environments with very high traffic applications and heavy workloads, the overall cost increases significantly based on the environmental and infrastructure levels. Although operational automation and threat injections reduce manual work, the pricing can be a little high.
What other advice do I have?
Maintaining rules is relatively low compared to traditional WAF because most security rules and threat signatures are automatically updated by the vendor. The day-to-day activities mainly include monitoring alerts, checking the server's behavior, checking disk alerts, and reviewing blocked requests while handling false positives. Regular log analysis and policy reviews are still required to ensure smooth operations based on performance and security compliance. Maintenance efforts related to rules are low compared to traditional WAF. This solution also reduces the dependency on manual patching, which usually requires logging into the server for Windows updates. The process is simple, and the product is straightforward to maintain, helping significantly reduce the operational workload through automation and centralized management where everything can be managed from one dashboard. I would rate this solution a nine out of ten overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Automated security rules have protected our web apps and freed team resources for other work
What is our primary use case?
My main use case for Cyber Security Cloud Managed Rules is to protect from malware like DDoS incidents, against cross-site scripting, against SQL injections, and against geofencing. These are the areas which we majorly use cloud security and our cybersecurity managed rules.
A recent scenario of how I use Cyber Security Cloud Managed Rules to protect against one of those threats is that we have a specific application where only Italy is in-market, which means only Italian people can access that site because our sales are only in the Italian market. However, when we get human traffic from countries like Nigeria, Iran, and Pakistan, where we do not have any sales, the traffic still comes from such countries as DDoS requests. Cyber Security Cloud Managed Rules automatically blocks those countries where we do not have sales.
What is most valuable?
The best features Cyber Security Cloud Managed Rules offers is that we do not need any manual validation. When it comes to managed rules, it is always tested in my organization and always trusted and authorized in my current infrastructure.
Automatic validation occurs in my organization because we do not need any manual review in my infrastructure. Whenever there is an issue or a particular application we onboard on our web application firewall, we do not need any manual testing when these managed rules are placed as a major role. Whatever rules we apply, the monitoring is always in good health status with good user agents, and we are always getting traffic from reliable sources. We do not need any manual validation on each and every traffic.
Cyber Security Cloud Managed Rules has positively impacted my organization as we have been using it for two years. It has saved us considerable time. We do not need people at that particular time to validate those things. It has been a time-saving solution and we do not need any manual deployment anymore.
Since implementing these managed rules, we have saved time and resources. We have three members working on that, and after implementing Cyber Security Cloud Managed Rules, we have already freed up one more resource from my team. We are now working with two members.
What needs improvement?
Cyber Security Cloud Managed Rules needs improvement in such a way that whenever the application team or development team is doing any kind of deployments, they need to regularly enable or disable their maintenance page or holding page, as well as internal whitelisting will be required. Cyber Security Cloud Managed Rules should provide or adjust these features for developers or the application team to fulfill those needs.
Currently, it is already performing very well in our infrastructure, and we do not have any additional needs for improvements at this time.
For how long have I used the solution?
I have been working in cybersecurity and network security for almost five years.
What do I think about the stability of the solution?
Cyber Security Cloud Managed Rules is fully stable.
What do I think about the scalability of the solution?
Cyber Security Cloud Managed Rules's scalability is good as we always have an active-passive setup from the cloud vendor, making it much more scalable and reliable.
How are customer service and support?
The customer support for Cyber Security Cloud Managed Rules is excellent. Whenever we raise a request, whether it is high critical or small to medium critical cases, the customer support responds quickly. Within just a few minutes, we receive a response from them.
Which solution did I use previously and why did I switch?
Before choosing Cyber Security Cloud Managed Rules, we did not evaluate other options, though we had some plans to move to Akamai. However, we are satisfied with our current application.
How was the initial setup?
Cyber Security Cloud Managed Rules was acquired as part of Imperva Web Application Firewall.
What about the implementation team?
We use two types of rules. One is manual rules which we use in our day-to-day operations, and Cyber Security Cloud Managed Rules is the other major component.
What was our ROI?
I have seen a return on investment as we have experienced significant time-saving, which is very good for us. Regarding money saved or return, we have a separate team for that and I am not involved in those calculations.
What's my experience with pricing, setup cost, and licensing?
Regarding my experience with pricing, setup costs, and licensing, this was not handled by my team because we have a separate team for cost factors, setup costs, and licensing. I am not involved in that.
Which other solutions did I evaluate?
We are only using Cyber Security Cloud Managed Rules for almost two years since I joined this organization.
What other advice do I have?
I would rate Cyber Security Cloud Managed Rules around nine out of ten. I chose nine out of ten because even if it is perfect, I would not give a ten because there is no world called perfection in this world. We are humans, and maximum nine is sufficient for each and every field. I would not rate anything ten out of ten. I would advise others looking into using Cyber Security Cloud Managed Rules to go for this because the world is changing in technology, and for security, there should be no compromise. I always recommend them and advise them to go for Cyber Security Cloud Managed Rules. My overall review rating for this product is nine out of ten.
Managed rules have protected our ecommerce site and have reduced botnet and sql injection attacks
What is our primary use case?
My main use case for Cyber Security Cloud Managed Rules is to protect against malicious attacks like SQL injection attacks and cyber attacks.
Recently, I discovered malicious IPs which I believed were operating as a botnet and attacking my e-commerce website. Because WAF is for web application security, I used WAF managed rules related to IP and IP injection attacks. There are additional rules available for IP rate limiting based attacks, which allow me to implement a maximum number of attempts from a particular IP within a specific time period. This rate-limiting rule helps prevent unknown IPs from accessing my website.
The general security vulnerabilities provided by AWS WAF through managed rules or custom rules that I can implement will protect my application and enhance the security of my application through these security rules. This is the main use case of implementing WAF rules.
What is most valuable?
The best features of Cyber Security Cloud Managed Rules are that there are managed rules available for free that I can implement. I can stop SQL injection attacks, which is one significant vulnerable attack that can be stopped by WAF. Bitcoin mining attacks can also be stopped by implementing WAF. Additionally, there are specific rules related to bot control, which are especially helpful when a bot attacks my website. I implemented a framework known as OWASP Top 10, so these ten security critical vulnerabilities can be mitigated by implementing them.
I implemented free managed rules by AWS, which include Cyber Security Cloud Managed Rules. These managed rules control SQL injection attacks and other attacks that are managed by WAF to prevent them from affecting my systems.
Cyber Security Cloud Managed Rules have impacted my organization very positively because my company is security-focused. We are focusing mainly on security-based setups and implementing everything that can enhance security. This is one of the key applications or services I can implement in my company to stop mitigation attacks, which is why I implemented WAF and attached it to CloudFront, API Gateway, and sometimes to a load balancer to stop and mitigate these attacks.
I noticed specific outcomes or metrics from Cyber Security Cloud Managed Rules in the form of reduced attacks. I discovered that there was no system through which I could conclusively determine what happened, but I noticed some IPs in the logs that were attacking my website and trying to exploit Bitcoin through our platform. This activity was reduced by implementing WAF, and this is what I verified from the logs, which were very helpful.
What needs improvement?
I believe that Cyber Security Cloud Managed Rules can be improved by reducing false positives with traffic-aware tuning. Out-of-the-box managed rules are generic, and sometimes they block legitimate traffic. Improvements can be achieved by running rules in count monitor mode first, reviewing blocked requests using logs, adding custom rules on top of managed rules, and enabling request inspection depth layer seven hardening. These are techniques I can use to improve these rules.
For how long have I used the solution?
I have been using Cyber Security Cloud Managed Rules for the past one year.
What do I think about the stability of the solution?
Cyber Security Cloud Managed Rules are stable in the sense that I do not experience issues with availability or performance.
What do I think about the scalability of the solution?
Regarding scalability, I can easily implement them.
Which solution did I use previously and why did I switch?
I have not previously used a different solution because we are AWS native and implemented this solution only.
How was the initial setup?
Regarding pricing, setup cost, and licensing, I find it a bit more expensive.
What about the implementation team?
Regarding scalability, I can easily implement them.
What was our ROI?
I have seen a return on investment.
What's my experience with pricing, setup cost, and licensing?
Regarding pricing, setup cost, and licensing, I find it a bit more expensive.
Which other solutions did I evaluate?
Before deciding on Cyber Security Cloud Managed Rules, we went straight to using these rules. Everything is deployed on AWS, and we want to use AWS. This is the only sole provider for our company, so we are bound to use it.
What other advice do I have?
I would advise others looking into Cyber Security Cloud Managed Rules to use WAF if they want to eliminate security attacks, especially if they are using AWS. I would rate this product 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Managed web rules have protected our apps and have reduced common cyber attacks and downtime
What is our primary use case?
My main use case for Cyber Security Cloud Managed Rules is to prevent basic cyber attacks that happen most commonly using a Web Application Firewall.
Regarding my main use case and experience, the Web Application Firewall handles basic attacks. There is also a dashboard where I can check how these rules are blocking requests. I can check from which countries are sending more vulnerable requests towards us, which is very useful.
I can give a specific example of a situation where I used the managed rules to block or prevent an attack. In my recent project, the Web Application Firewall prevented attacks such as SQL injection, cross-site scripting, and brute force attempts. I was getting many requests from different servers, which may have been a DDoS attack. I had already written a managed rule for this situation. I created a custom rule in which if many requests come from a specific source, they will be blocked.
How has it helped my organization?
The number of incidents and downtime have decreased significantly since implementing Cyber Security Cloud Managed Rules. My team saves considerable time as a result of using this solution.
What is most valuable?
The best features Cyber Security Cloud Managed Rules offers include tracking the IPs or bots sending requests that try to attack our servers. I can also block them using these WAF rules, Web Application Firewall rules, which is a good feature.
It is very easy for me to track those IPs and bots using the managed rules, and it integrates well with my dashboards and logs.
Regarding valuable features, the ability to see the IP and the country where the request comes from is very useful when I want to find which countries are getting the most malicious requests and which bots are sending malicious requests. This allows me to block them or add them into my blocked IP list.
Cyber Security Cloud Managed Rules has positively impacted my organization; the impact was great. Since I can track all these malicious requests, I was able to block those, and we do not get attacked much lately since I have been using a Web Application Firewall. I also use their bot rules, where it automatically blocks specific bots which are flagged or blacklisted, which really helps.
I did notice changes in the number of incidents, downtime, and time saved for my team since I started using Cyber Security Cloud Managed Rules. We do not get downtimes now since we have been using this, and the impact is quite positive. Everyone should at least use the basic common rule set of these WAF rules.
What needs improvement?
Cyber Security Cloud Managed Rules can be improved through more research on malicious attack patterns and threats.
For how long have I used the solution?
I have been using Cyber Security Cloud Managed Rules for approximately 1.5 years.
What do I think about the stability of the solution?
Cyber Security Cloud Managed Rules is stable.
What do I think about the scalability of the solution?
The scalability of Cyber Security Cloud Managed Rules depends on the rules and what type of rules are being used.
How are customer service and support?
I would describe the customer support for Cyber Security Cloud Managed Rules as pretty average. They provide a link and then disappear, so I have to do my own research. My experience with support was not good.
Which solution did I use previously and why did I switch?
I have not previously used a different solution; AWS Web Application Firewall was my first.
How was the initial setup?
I can purchase Cyber Security Cloud Managed Rules from the AWS console. I do not have to go to the AWS Marketplace.
What about the implementation team?
My advice for others looking into using Cyber Security Cloud Managed Rules is to definitely consider it.
What was our ROI?
I have seen a return on investment with Cyber Security Cloud Managed Rules. It really saved my time debugging attacks by showing me where the attack came from, whether it was detected, and how to prevent it. Since I have been using WAF, these incidents are very less frequent than before. It is really helpful for the person in charge of security for the cloud infrastructure.
What's my experience with pricing, setup cost, and licensing?
Amazon provides around five to six rules which are literally free of cost, saving me from many basic attacks such as SQL injection, SSH scripts, or any vulnerable common attacks. I can use these rules free of cost. Some of the rules AWS provides cost some money, around $10. For example, there is a rule which blocks suspicious bots automatically.
Which other solutions did I evaluate?
I have not evaluated other options before choosing Cyber Security Cloud Managed Rules because I first tried AWS Web Application Firewall since my whole project infrastructure was on AWS, which is why I chose AWS Web Application Firewall.
What other advice do I have?
Everyone should use these rules for better security for their applications and implement them. Additionally, they should learn from the mistakes they make when implementing rules for the future. I give Cyber Security Cloud Managed Rules an overall rating of eight out of ten.
showing 1 - 4