AWS solutions documentation change
Summary
Changed formatting of bullet points by replacing en dashes with escaped hyphens
Security assessment
The changes are purely formatting-related, replacing en dashes with escaped hyphens in bullet points. No security content was added or modified.
Diff
diff --git a/solutions/latest/security-automations-for-aws-waf/security.md index ef36a672f..911531ae5 100644 --- a/solutions/latest/security-automations-for-aws-waf/security.md +++ b/solutions/latest/security-automations-for-aws-waf/security.md @@ -25 +25 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **AWS Managed Rules** – This managed service provides protection against common application vulnerabilities or other unwanted traffic. This solution includes [AWS Managed IP reputation rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html), [AWS Managed baseline rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-baseline.html), and [AWS Managed use-case specific rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-use-case.html). You have the option of selecting one or more rules groups for your web ACL, up to the maximum web ACL capacity unit (WCU) quota. + * **AWS Managed Rules** \- This managed service provides protection against common application vulnerabilities or other unwanted traffic. This solution includes [AWS Managed IP reputation rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-ip-rep.html), [AWS Managed baseline rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-baseline.html), and [AWS Managed use-case specific rule groups](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-use-case.html). You have the option of selecting one or more rules groups for your web ACL, up to the maximum web ACL capacity unit (WCU) quota. @@ -27 +27 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **SQL injection** – Attackers insert malicious SQL code into web requests to extract data from your database. We designed this solution to block web requests that contain potentially malicious SQL code. + * **SQL injection** \- Attackers insert malicious SQL code into web requests to extract data from your database. We designed this solution to block web requests that contain potentially malicious SQL code. @@ -29 +29 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **XSS** – Attackers use vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into a legitimate user’s web browser. We designed this to inspect commonly explored elements of incoming requests to identify and block XSS attacks. + * **XSS** \- Attackers use vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into a legitimate user’s web browser. We designed this to inspect commonly explored elements of incoming requests to identify and block XSS attacks. @@ -31 +31 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **HTTP floods** – Web servers and other backend resources are at risk of DDoS attacks, such as HTTP floods. This solution automatically invokes a rate-based rule when web requests from a client exceed a configurable quota. Alternatively, you can enforce this quota by processing AWS WAF logs using a Lambda function or Athena query. + * **HTTP floods** \- Web servers and other backend resources are at risk of DDoS attacks, such as HTTP floods. This solution automatically invokes a rate-based rule when web requests from a client exceed a configurable quota. Alternatively, you can enforce this quota by processing AWS WAF logs using a Lambda function or Athena query. @@ -33 +33 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **Scanners and probes** – Malicious sources scan and probe internet-facing web applications for vulnerabilities, by sending a series of requests that generate HTTP 4xx error codes. You can use this history to help identify and block malicious source IP addresses. This solution creates a Lambda function or Athena query that automatically parses CloudFront or ALB access logs, counts the number of bad requests from unique source IP addresses per minute, and updates AWS WAF to block further scans from addresses that reached the defined error quota. + * **Scanners and probes** \- Malicious sources scan and probe internet-facing web applications for vulnerabilities, by sending a series of requests that generate HTTP 4xx error codes. You can use this history to help identify and block malicious source IP addresses. This solution creates a Lambda function or Athena query that automatically parses CloudFront or ALB access logs, counts the number of bad requests from unique source IP addresses per minute, and updates AWS WAF to block further scans from addresses that reached the defined error quota. @@ -35 +35 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **Known attacker origins (IP reputation lists)** – Many organizations maintain reputation lists of IP addresses operated by known attackers, such as spammers, malware distributors, and botnets. This solution leverages the information in these reputation lists to help you block requests from malicious IP addresses. In addition, this solution blocks attackers identified by IP reputation rule groups based on Amazon internal threat intelligence. + * **Known attacker origins (IP reputation lists)** \- Many organizations maintain reputation lists of IP addresses operated by known attackers, such as spammers, malware distributors, and botnets. This solution leverages the information in these reputation lists to help you block requests from malicious IP addresses. In addition, this solution blocks attackers identified by IP reputation rule groups based on Amazon internal threat intelligence. @@ -37 +37 @@ This solution uses CloudFormation to configure AWS WAF rules, including AWS Mana - * **Bots and scrapers** – Operators of publicly accessible web applications need to trust that the clients accessing their content identify themselves accurately, and that they use services as intended. However, some automated clients, such as content scrapers or bad bots, misrepresent themselves to bypass restrictions. This solution helps you identify and block bad bots and scrapers. + * **Bots and scrapers** \- Operators of publicly accessible web applications need to trust that the clients accessing their content identify themselves accurately, and that they use services as intended. However, some automated clients, such as content scrapers or bad bots, misrepresent themselves to bypass restrictions. This solution helps you identify and block bad bots and scrapers.