💼 [WAF.8] AWS WAF Classic global web ACLs should have at least one rule or rule group
-
Contextual name: 💼 [WAF.8] AWS WAF Classic global web ACLs should have at least one rule or rule group
-
ID:
/frameworks/aws-fsbp-v1.0.0/waf/08 -
Located in: 💼 WAF
Description​
A WAF global web ACL can contain a collection of rules and rule groups that inspect and control web requests. If a web ACL is empty, the web traffic can pass without being detected or acted upon by WAF depending on the default action.
Similar​
- AWS Security Hub
- Internal
- ID:
dec-c-0c868fe0
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-4(21) Information Flow Enforcement _ Physical or Logical Separation of Information Flows | 37 | 46 | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7 Boundary Protection | 29 | 4 | 50 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(11) Boundary Protection _ Restrict Incoming Communications Traffic | 22 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(16) Boundary Protection _ Prevent Discovery of System Components | 23 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(21) Boundary Protection _ Isolation of System Components | 22 |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|