top of page

WAF.3

A WAF Regional rule group should have at least one rule

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon Web Application Firewall

AWS Foundational Best Practice, CDR, SOC2, NIST.800-53.r5,

This control checks whether a WAF Regional rule group has at least one rule. The control fails if no rules are present within a rule group.

bottom of page