Advanced Security Implementation with AWS WAF and Shield

EXPERT
150 minutes
5 tasks

In this lab, participants will design and implement advanced security controls for a public web application using AWS WAF, AWS Shield, and Amazon CloudFront. Learners will configure AWS WAF rules to mitigate common web vulnerabilities identified by the OWASP Top 10. Additionally, they'll leverage AWS Shield for DDoS protection, configuring response measures through the AWS Management Console. This lab will also explore the integration of AWS WAF with CloudFront to apply geo-blocking and rate-based rules, enhancing edge security. Participants will use Amazon CloudWatch and AWS Lambda to automate the monitoring and remediation of threats, ensuring optimal application performance and security resilience. This lab will guide learners through configuring real-time alerts and dashboards in CloudWatch for ongoing threat detection and analysis. By the end of this lab, learners will have hands-on experience configuring, managing, and optimizing security controls suitable for production environments.

Scenario

A global ecommerce company needs to secure its online shopping platform against increasing cyber threats such as SQL injection and DDoS attacks. It wants its services to remain available during peak shopping seasons without compromising customer data security. The company has deployed its infrastructure in AWS and wants to enhance its edge security by leveraging AWS security services like WAF and Shield.

Learning Objectives

  • Configure AWS WAF to mitigate OWASP Top 10 vulnerabilities.
  • Implement AWS Shield for DDoS protection and configure response mechanisms.
  • Integrate AWS WAF with Amazon CloudFront and apply geo-blocking rules.
  • Automate threat monitoring with Amazon CloudWatch and AWS Lambda.

Tasks (5)

Task 1: Create and configure AWS WAF rules

30 min

Task 2: Configure AWS DDoS Protection with AWS Shield Advanced

40 min

Task 3: Implement Geo-Blocking Rules in AWS WAF with CloudFront

30 min

Task 4: Set Up CloudWatch Alarms for DDoS and WAF Metrics

25 min

Task 5: Integrate AWS Lambda for Automated Response to Security Events

45 min

Prerequisites

  • Basic understanding of AWS security services like WAF and Shield.
  • Knowledge of CloudFront distribution configurations.
  • Familiarity with AWS Lambda and event-driven architectures.

Skills Tested

  • Designing edge security strategies for common use cases like public websites.
  • Configuring AWS WAF and Shield to protect against OWASP Top 10 and DDoS.
  • Implementing AWS monitoring solutions for automated threat detection.
  • Developing automated responses for WAF-triggered events using Lambda.