Case Study

Effective Threat Protection with AWS WAF Configuration Resulting in 3.01% of Requests Blocked in 24 Hours for a PSU

Download the Case Study

Government and PSU


AWS IAM, AWS CloudTrail, Amazon S3, Amazon EC2, AWS Security Hub, AWS WAF, AWS KMS, AWS Config, Amazon DynamoDB, AWS GuardDuty, AWS Sheild


Enhanced AWS WAF configuration, including custom rules, rate-based enforcement, and AWS-managed rules, alongside AWS Shield integration, AWS CloudFront configuration.

About the Client

The customer is a Public Sector Oil and Gas company under the ownership of the Ministry of Petroleum and Natural Gas, Government of India. Based in New Delhi, it operates as a public sector undertaking under the ministry’s supervision. 



Custom Rules Configuration

100,000 requests within a 5-minute

Rate-Based and IP-Based Rules Implementation

3.01% of requests blocked in 24 hours

Effective Protection Against Potential Threats

The Challenge

The customer wanted to migrate their infrastructure to AWS, requiring enhanced Linux servers and AWS WAF integration to defend against diverse web attacks, including OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, and more. 


  • Configured AWS WAF and created Custom WAF rules targeting OWASP Top 10 attacks, API security threats, SQL injection, XSS, and more for enhanced application resilience. 
  • Implemented AWS WAF protection against common web-based threats like SQL injection, XSS, and CSRF, with regular rule updates to adapt to evolving risks. 
  • Employed mitigation strategies such as JSON validation, output encoding, and secure session management to prevent vulnerability exploitation. 
  • Utilized AWS WAF IP Reputation Lists to block traffic from known malicious IP addresses and botnets. 
  • Managed access with AWS IAM policies and integrated AWS Shield for DDoS protection with load balancers to safeguard against potential attacks. 

The Results

Implemented comprehensive AWS WAF configuration, including custom and managed rules, rate-based enforcement, AWS Shield integration, and AWS CloudFront setup to defend against a wide range of web-based attacks, resulting in a 3.01% reduction in blocked requests within 24 hours. 

Download the Case Study

AWS Partner - Migration Services Competency

Pioneering Migration space by being an AWS Partner - Migration Services Competency.

Learn more

An authorized partner for all major cloud providers

A cloud agnostic organization with the rare distinction of being an authorized partner for AWS, Microsoft, Google and VMware.

Learn more

A house of strong pool of certified consulting experts

150+ cloud certified experts in AWS, Azure, GCP, VMware, etc.; delivered 200+ projects for top 100 fortune 500 companies.

Learn more

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!