- Newest
- Most votes
- Most comments
The managed rules provided by AWS WAF are created and maintained by AWS security experts and researchers based on their analysis of various attack patterns, threat intelligence, and best practices. However, AWS employs ML and AI techniques to detect anomalies in traffic patterns and behaviors, which can indicate potential attacks or malicious activities. These anomalies can trigger further investigation and potential rule updates in AWS WAF.
For example, the AWS WAF Bot Control managed rule group uses machine learning to detect anoumalous behavior of bot activity. Specifically, the rules that use machine learning have names starting with “TGT_ML_” and analyze webtraffic statistics such as timestamps, browser characteristics, and previous URLs visited to improve the Bot Control machine learning model.
The combination of expert human analysis and the application of ML and AI technologies in the broader AWS security ecosystem contributes to the continuous improvement and effectiveness of AWS WAF’s managed rules and overall security capabilities.
[1] https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control-rg-using.html
[2] https://docs.aws.amazon.com/waf/latest/developerguide/waf-managed-rule-groups.html
[3] https://docs.aws.amazon.com/prescriptive-guidance/latest/security-reference-architecture/ai-ml.html
Hello.
AWS WAF managed rules are rule groups created and managed by AWS and AWS Marketplace sellers.
I don't think they use machine learning or artificial intelligence to create the rules.
https://docs.aws.amazon.com/waf/latest/developerguide/waf-managed-rule-groups.html
Relevant content
- asked 3 years ago
- asked 2 years ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 4 months ago