💼 [WAF.12] AWS WAF rules should have CloudWatch metrics enabled

ID: /frameworks/aws-fsbp-v1.0.0/waf/12

Description

Configuring CloudWatch metrics on AWS WAF rules and rule groups provides visibility into traffic flow. You can see which ACL rules are triggered and which requests are accepted and blocked. This visibility can help you identify malicious activity on your associated resources.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/waf-controls.html#waf-12
Internal
- ID: dec-c-5ffc2611

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			14	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		23	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	34	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			13	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			13	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		12	no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	70	no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		22	no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			29	no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(10) Boundary Protection _ Prevent Exfiltration			16	no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			13	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections