AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-08-22 · Documentation low

File: waf/latest/developerguide/waf-application-integration.md

Summary

Updated terminology to clarify 'protection pack' is equivalent to 'web ACL' protections in two instances

Security assessment

The changes are purely terminological clarifications (changing 'protection pack or web ACL' to 'protection pack (web ACL)'). There is no evidence of addressing a specific security vulnerability or weakness. The documentation continues to describe existing security features without introducing new security-related content.

Diff

diff --git a/waf/latest/developerguide/waf-application-integration.md b/waf/latest/developerguide/waf-application-integration.md
index e33d82c62..2a4c81923 100644
--- a//waf/latest/developerguide/waf-application-integration.md
+++ b//waf/latest/developerguide/waf-application-integration.md
@@ -13 +13 @@ This section explains how to use the intelligent threat integration APIs and Jav
-Use AWS WAF client application integration APIs to couple client-side protections with your AWS server-side protection pack or web ACL protections, to help verify that the client applications that send web requests to your protected resources are the intended clients and that your end users are human beings. 
+Use AWS WAF client application integration APIs to couple client-side protections with your AWS server-side protection pack (web ACL) protections, to help verify that the client applications that send web requests to your protected resources are the intended clients and that your end users are human beings. 
@@ -17 +17 @@ Use the client integrations to manage silent browser challenges and CAPTCHA puzz
-Combine your client integrations with protection pack or web ACL protections that require valid tokens for access to your resources. You can use rule groups that check and monitor challenge tokens, like the ones listed in the next section, at [Intelligent threat integration and AWS Managed Rules](./waf-application-integration-with-AMRs.html), and you can use the CAPTCHA and Challenge rule actions to check, as described in [CAPTCHA and Challenge in AWS WAF](./waf-captcha-and-challenge.html). 
+Combine your client integrations with protection pack (web ACL) protections that require valid tokens for access to your resources. You can use rule groups that check and monitor challenge tokens, like the ones listed in the next section, at [Intelligent threat integration and AWS Managed Rules](./waf-application-integration-with-AMRs.html), and you can use the CAPTCHA and Challenge rule actions to check, as described in [CAPTCHA and Challenge in AWS WAF](./waf-captcha-and-challenge.html).