top of page
AWS Foundational Security Best Practice
WAF.4
A WAF Regional web ACL should have at least one rule or rule group
Severity
Cloud Platforms
Resources
MEDIUM
AWS
Amazon Web Application Firewall
This control checks whether a WAF Regional web ACL contains any WAF rules or WAF rule groups. This control fails if a web ACL does not contain any WAF rules or rule groups.
bottom of page