Case Study

Effective Threat Protection with AWS WAF Configuration Resulting in 3.01% of Requests Blocked in 24 Hours for a PSU

Download the Case Study
Industry

Government and PSU

Expertise

AWS IAM, AWS CloudTrail, Amazon S3, Amazon EC2, AWS Security Hub, AWS WAF, AWS KMS, AWS Config, Amazon DynamoDB, AWS GuardDuty, AWS Sheild

Offerings/Solutions

Enhanced AWS WAF configuration, including custom rules, rate-based enforcement, and AWS-managed rules, alongside AWS Shield integration, AWS CloudFront configuration.

About the Client

The customer is a Public Sector Oil and Gas company under the ownership of the Ministry of Petroleum and Natural Gas, Government of India. Based in New Delhi, it operates as a public sector undertaking under the ministry’s supervision. 

Highlights

AWS WAF

Custom Rules Configuration

100,000 requests within a 5-minute

Rate-Based and IP-Based Rules Implementation

3.01% of requests blocked in 24 hours

Effective Protection Against Potential Threats

The Challenge

The customer wanted to migrate their infrastructure to AWS, requiring enhanced Linux servers and AWS WAF integration to defend against diverse web attacks, including OWASP Top 10 vulnerabilities, SQL injection, XSS, CSRF, and more. 

Solutions

  • Configured AWS WAF and created Custom WAF rules targeting OWASP Top 10 attacks, API security threats, SQL injection, XSS, and more for enhanced application resilience. 
  • Implemented AWS WAF protection against common web-based threats like SQL injection, XSS, and CSRF, with regular rule updates to adapt to evolving risks. 
  • Employed mitigation strategies such as JSON validation, output encoding, and secure session management to prevent vulnerability exploitation. 
  • Utilized AWS WAF IP Reputation Lists to block traffic from known malicious IP addresses and botnets. 
  • Managed access with AWS IAM policies and integrated AWS Shield for DDoS protection with load balancers to safeguard against potential attacks. 

The Results

Implemented comprehensive AWS WAF configuration, including custom and managed rules, rate-based enforcement, AWS Shield integration, and AWS CloudFront setup to defend against a wide range of web-based attacks, resulting in a 3.01% reduction in blocked requests within 24 hours. 

Download the Case Study

AWS Partner - Migration Services Competency

Pioneering Migration space by being an AWS Partner - Migration Services Competency.

Learn more

An authorized partner for all major cloud providers

A cloud agnostic organization with the rare distinction of being an authorized partner for AWS, Microsoft, Google and VMware.

Learn more

A house of strong pool of certified consulting experts

150+ cloud certified experts in AWS, Azure, GCP, VMware, etc.; delivered 200+ projects for top 100 fortune 500 companies.

Learn more

Related Resources

News and Events

How Was the Cloud Market Primed for Growth? |...

Read More

Sep 2024

News and Events

AI for MSMEs: Bridging the Gap Between Technology and...

Read More

Sep 2024

Upcoming Webinar

Free Training - Getting Started with Google Kubernetes Engine

Read More

GCP

Aug 2024

Upcoming Webinar

Free Training - Getting Started with Terraform for Google...

Read More

Google Cloud

Aug 2024

News and Events

Will US Recession Fears Have an Effect on the...

Read More

Aug 2024

Upcoming Webinar

Free Training: Google Cloud Big Data and Machine Learning...

Read More

GCP

Aug 2024

Ondemand Webinar

AWS Discovery Day - Machine Learning Basics

Read More

Aug 2024

Upcoming Webinar

Free Training - Google Cloud Big Data and Machine...

Read More

GCP

Aug 2024

Ondemand Webinar

Free Training - Gen-AI for Business Users: Transformative Insights...

Read More

Jul 2024

Ondemand Webinar

Empowering Decision-Making: How GenAI Streamlines BI Workflows in Amazon...

Read More

AWS

May 2024

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!