πΌ [WAF.2] AWS WAF Classic Regional rules should have at least one condition
-
Contextual name: πΌ [WAF.2] AWS WAF Classic Regional rules should have at least one condition
-
ID:
/frameworks/aws-fsbp-v1.0.0/waf/02 -
Located in: πΌ WAF
Descriptionβ
A WAF Regional rule can contain multiple conditions. The rule's conditions allow for traffic inspection and take a defined action (allow, block, or count). Without any conditions, the traffic passes without inspection. A WAF Regional rule with no conditions, but with a name or tag suggesting allow, block, or count, could lead to the wrong assumption that one of those actions is occurring.
Similarβ
- AWS Security Hub
- Internal
- ID:
dec-c-60e89005
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows | 35 | 39 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7 Boundary Protection | 29 | 5 | 33 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(11) Boundary Protection _ Restrict Incoming Communications Traffic | 15 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(16) Boundary Protection _ Prevent Discovery of System Components | 16 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(21) Boundary Protection _ Isolation of System Components | 16 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|