top of page
WAF.10
A WAFV2 web ACL should have at least one rule or rule group
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon Web Application Firewall
AWS Foundational Best Practice, NIST.800-53.r5,
This control checks whether a WAFV2 web ACL contains at least one WAF rule or WAF rule group. The control fails if a web ACL does not contain any WAF rule or rule group.
bottom of page