AWS Security ChangesHomeSearch

AWS waf documentation change

Service: waf · 2025-12-10 · Documentation low

File: waf/latest/developerguide/doc-history.md

Summary

Updated documentation links and added changelog entries for managed rule group updates including Bot Control enhancements and Web Bot Authentication

Security assessment

Adds documentation for new security features (Web Bot Authentication, expanded bot detection) but doesn't fix vulnerabilities. Security documentation is enhanced through new authentication methods and rule group capabilities.

Diff

diff --git a/waf/latest/developerguide/doc-history.md b/waf/latest/developerguide/doc-history.md
index e20cb8b1b..4d4551f3b 100644
--- a//waf/latest/developerguide/doc-history.md
+++ b//waf/latest/developerguide/doc-history.md
@@ -7 +7 @@
-You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the updated console experience](./working-with-console.html). 
+You can now use the updated experience to access AWS WAF functionality anywhere in the console. For more details, see [Working with the console](https://docs.aws.amazon.com/waf/latest/developerguide/working-with-console.html). 
@@ -17 +17,4 @@ Change| Description| Date
-[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Updated the Known bad inputs rule group. | December 4, 2025  
+[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Released static version 1.25 of the Known bad inputs rule group. | December 8, 2025  
+[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Released static version of 3.1 of the POSIX operating system rule group. | December 8, 2025  
+[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Released static version 1.24 of the Known bad inputs rule group. | December 4, 2025  
+[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Updated Bot Control rule group with support for expanded bot detection across multiple categores like Advertising, AI, Content Fetcher, and Social Media.| November 20, 2025  
@@ -19,0 +23 @@ Change| Description| Date
+[Updated AWS Managed Rules for AWS WAF](./aws-managed-rule-groups-changelog.html)| Added support for Web Bot Authentication for AI Agents to the Bot Control rule group.| November 17, 2025  
@@ -108,0 +113 @@ Change| Description| Date
+[New web authentication labels for AI agents Bot Control managed rule group.](./aws-managed-rule-groups-bot.html)| The Bot Control managed rule group now supports Web Bot Authentication (WBA) as a cryptographic verification method for bots and AI agents accessing your CloudFront distributions. This feature enables legitimate AI crawlers and agents to prove their identity without requiring traditional challenge-response mechanisms. | November 20, 2023  
@@ -319 +324 @@ Change| Description| Date
-[AWS Firewall Manager integrated with AWS Security Hub](https://docs.aws.amazon.com/waf/latest/developerguide/fms-findings.html)| AWS Firewall Manager now creates findings for resources that are out of compliance and for attacks and sends them to AWS Security Hub. | December 18, 2019  
+[AWS Firewall Manager integrated with AWS Security Hub CSPM](https://docs.aws.amazon.com/waf/latest/developerguide/fms-findings.html)| AWS Firewall Manager now creates findings for resources that are out of compliance and for attacks and sends them to AWS Security Hub CSPM. | December 18, 2019