💼 [WAF.3] AWS WAF Classic Regional rule groups should have at least one rule
- ID:
/frameworks/aws-fsbp-v1.0.0/waf/03
Description
A WAF Regional rule group can contain multiple rules. The rule's conditions allow for traffic inspection and take a defined action (allow, block, or count). Without any rules, the traffic passes without inspection. A WAF Regional rule group with no rules, but with a name or tag suggesting allow, block, or count, could lead to the wrong assumption that one of those actions is occurring.
Similar
- AWS Security Hub
- Internal
- ID:
dec-c-a44cf82f
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows | 37 | 48 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7 Boundary Protection | 29 | 4 | 52 | no data | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(11) Boundary Protection _ Restrict Incoming Communications Traffic | 24 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(16) Boundary Protection _ Prevent Discovery of System Components | 25 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(21) Boundary Protection _ Isolation of System Components | 24 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS WAF Rule Group has no WAF Rules🟢 | 1 | 🟠 x1, 🟢 x5 | no data |