Strengthening Defenses Against Common Web Exploits and Malicious IPs with AWS Security Services for IRCTC

Solutions

• Leveraged AWS Organizations for centralized governance and compliance. 
• Implemented Multi-Factor Authentication (MFA) for enhanced security. 
• Utilized AWS Identity Center for seamless provisioning with AWS Single Sign-On (SSO) integration. 
• Employed AWS GuardDuty for continuous threat monitoring and detection. 
• Utilized AWS Shield for DDoS attack protection. 
• Encrypted data at rest using AWS Key Management Service (KMS). 
• Used AWS Security Groups and Network ACLs to control traffic to and from Amazon EKS clusters. 
• Implemented AWS WAF rules for targeted IP blocking, rate limiting, and core rule sets for OWASP Top 10 attacks. 
• Integrated AWS Security Hub for centralized security management and automated compliance checks, alongside Inspector for vulnerability assessment on Amazon EKS nodes. 
• Leveraged AWS CloudTrail for API activity logging and monitoring. 
• Utilized AWS Control Tower Landing Zone for rapid setup of a secure, compliant multi-account AWS environment, following best practices and security guardrails.