Case Study

Effective Threat Protection with AWS WAF Configuration Resulting in 3.01% of Requests Blocked in 24 Hours for a PSU

Download the Case Study
Industry

Government and PSU

Expertise

AWS IAM, AWS CloudTrail, Amazon S3, Amazon EC2, AWS Security Hub, AWS WAF, AWS KMS, AWS Config, Amazon DynamoDB, AWS GuardDuty, AWS Sheild

Offerings/Solutions

Enhanced AWS WAF configuration, including custom rules, rate-based enforcement, and AWS-managed rules, alongside AWS Shield integration, AWS CloudFront configuration.

About the Client

The customer is a Public Sector Oil and Gas company under the ownership of the Ministry of Petroleum and Natural Gas, Government of India. Based in New Delhi, it operates as a public sector undertaking under the ministry’s supervision. 

Highlights

AWS WAF

Custom Rules Configuration

100,000 requests within a 5-minute

Rate-Based and IP-Based Rules Implementation

3.01% of requests blocked in 24 hours

Effective Protection Against Potential Threats

The Challenge

The customer wanted to migrate their infrastructure to AWS, requiring enhanced Linux servers and AWS WAF integration to defend against diverse web attacks, including OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, and more. 

Solutions

  • Configured AWS WAF and created Custom WAF rules targeting OWASP Top 10 attacks, API security threats, SQL injection, XSS, and more for enhanced application resilience. 
  • Implemented AWS WAF protection against common web-based threats like SQL injection, XSS, and CSRF, with regular rule updates to adapt to evolving risks. 
  • Employed mitigation strategies such as JSON validation, output encoding, and secure session management to prevent vulnerability exploitation. 
  • Utilized AWS WAF IP Reputation Lists to block traffic from known malicious IP addresses and botnets. 
  • Managed access with AWS IAM policies and integrated AWS Shield for DDoS protection with load balancers to safeguard against potential attacks. 

The Results

Implemented comprehensive AWS WAF configuration, including custom and managed rules, rate-based enforcement, AWS Shield integration, and AWS CloudFront setup to defend against a wide range of web-based attacks, resulting in a 3.01% reduction in blocked requests within 24 hours. 

Download the Case Study

AWS Partner - Migration Services Competency

Pioneering Migration space by being an AWS Partner - Migration Services Competency.

Learn more

An authorized partner for all major cloud providers

A cloud agnostic organization with the rare distinction of being an authorized partner for AWS, Microsoft, Google and VMware.

Learn more

A house of strong pool of certified consulting experts

150+ cloud certified experts in AWS, Azure, GCP, VMware, etc.; delivered 200+ projects for top 100 fortune 500 companies.

Learn more

Related Resources

Upcoming Webinar

Demystifying Generative BI: A Deep Dive with Amazon QuickSight

Read More

AWS

Apr 2024

News and Events

AI's Energy Quagmire: Today's Pressing Issues, Tomorrow's Crisis

Read More

Mar 2024

News and Events

Demand for cloud skills on the rise as leaders...

Read More

Feb 2024

News and Events

How to use AI to make your e-learning easier...

Read More

Feb 2024

Ondemand Webinar

Webinar - Getting Started on AWS

Read More

AWS

Feb 2024

News and Events

Upskilling for generative AI is inevitable, but companies too...

Read More

Feb 2024

News and Events

Career path fork: Individual leadership or people leadership?

Read More

Feb 2024

News and Events

Companies see training as best way to fill demand...

Read More

Feb 2024

News and Events

Why corporate training is essential for Industry 4.0

Read More

Feb 2024

News and Events

Post-Budget Perspectives: Voices That Define the Financial Landscape

Read More

Feb 2024

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!