HealthTech
Amazon EC2, Amazon S3, Amazon DynamoDB, Amazon CloudWatch, AWS CloudTrail, AWS IAM, AWS WAF
Enhanced Application Stability with AWS WAF: Reducing Resource Overconsumption and Improving Performance
Bridge Health Medical and Digital Solution Private Limited is an integrated Medical & Digital Healthcare program designed to deliver Individualized Care Continuum proactively. This program is executed through well-curated and validated clinical protocols. The services are rendered with clinical outcomes being at the core of the program.
Decrease unauthorized access risk
Reduction in downtime
Resource overconsumption is reduced
Bridge Health had its infrastructure set up on AWS. To avoid security breaches, they wanted us to implement AWS WAF rules to protect their application from significant risks, including automated bot attacks, unauthorized admin access, SQL injection, and threats from known malicious IPs. They lacked protection against common web attacks, malicious payloads, and targeted geographical threats. These issues lead to increased operational disruptions, data integrity problems, and compliance challenges.
We have implemented the following AWS WAF rules in the existing infrastructure for different layers of protection:
• Defends against resource overconsumption, business metric distortion, downtime, and malicious bot behaviors. Provides visibility via Amazon CloudWatch and enables bot traffic management.
• Defends web applications from OWASP vulnerabilities.
• Blocks SQL injection attack patterns, preventing unauthorized queries.
• Blocks invalid request patterns to prevent exploitation and discovery of vulnerabilities.
• Blocks request patterns exploiting Linux vulnerabilities, such as LFI attacks, to prevent file exposure and unauthorized code execution.
• Blocks external access to admin pages, protecting against unauthorized administrative access.
• Blocks bot sources and potential threats using Amazon threat intelligence.
• Rate-based limit rules restrict the number of requests per IP to a resource over time, guarding against brute force and DoS attacks. We set the rate limit to 300, since the recommendation is to allow 2-3 times the usual traffic. There are around 150 users in total, of whom around 50 are active at a time, so 300 is the recommended value, and it can be changed at any time.
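As an added illustration (not Bridge Health's or the author's actual configuration), the rule set above can be written as the `Rules` list of an AWS WAF (WAFv2) web ACL and checked before deployment. The managed rule group names, their evaluation order, and the rule name `RateLimitPerIP` are assumptions mapped from the bullet descriptions; the limit of 300 is the value given above.

```python
import json

# Assumed mapping of the bullets to AWS managed rule groups, in an assumed order.
MANAGED_GROUPS = [
    "AWSManagedRulesAmazonIpReputationList",  # threat-intelligence IP list
    "AWSManagedRulesAdminProtectionRuleSet",  # external access to admin pages
    "AWSManagedRulesCommonRuleSet",           # OWASP-style web attacks
    "AWSManagedRulesSQLiRuleSet",             # SQL injection patterns
    "AWSManagedRulesKnownBadInputsRuleSet",   # invalid request patterns
    "AWSManagedRulesLinuxRuleSet",            # Linux-specific patterns such as LFI
    "AWSManagedRulesBotControlRuleSet",       # bot traffic management
]

def visibility(metric):
    # Per-rule CloudWatch metrics plus sampled requests.
    return {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True,
            "MetricName": metric}

def managed_rule(name, priority):
    # Managed groups take OverrideAction; "None" keeps the group's own actions.
    return {"Name": name, "Priority": priority,
            "Statement": {"ManagedRuleGroupStatement":
                          {"VendorName": "AWS", "Name": name}},
            "OverrideAction": {"None": {}},
            "VisibilityConfig": visibility(name)}

def rate_rule(limit, priority, name="RateLimitPerIP"):  # hypothetical rule name
    # Blocks a source IP that exceeds `limit` requests in the evaluation
    # window (5 minutes unless EvaluationWindowSec is set).
    return {"Name": name, "Priority": priority,
            "Statement": {"RateBasedStatement":
                          {"Limit": limit, "AggregateKeyType": "IP"}},
            "Action": {"Block": {}},
            "VisibilityConfig": visibility(name)}

def build_rules(limit=300):
    rules = [managed_rule(n, p) for p, n in enumerate(MANAGED_GROUPS)]
    return rules + [rate_rule(limit, len(rules))]

def problems(rules):
    # Pre-deployment checks: unique priorities, and exactly one of
    # Action / OverrideAction on each rule.
    prios = [r["Priority"] for r in rules]
    out = ["duplicate priority"] if len(set(prios)) != len(prios) else []
    return out + [f"{r['Name']}: needs exactly one of Action/OverrideAction"
                  for r in rules if ("Action" in r) == ("OverrideAction" in r)]

if __name__ == "__main__":
    print(json.dumps(build_rules(), indent=2))
```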
Implemented AWS WAF with IP whitelisting, controlled bot activities, and admin page security rules to minimize resource overconsumption by 30%, reduce unauthorized access risk by 60%, and achieve 40% less downtime for improved application performance.