top of page
WAF.8
A WAF global web ACL should have at least one rule or rule group
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon Web Application Firewall
AWS Foundational Best Practice, NIST.800-53.r5,
This control checks whether a WAF global web ACL contains any WAF rules or WAF rule groups. This control fails if a web ACL does not contain any WAF rules or WAF rule groups.
bottom of page