Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AWS WAF is a managed web application firewall that monitors network traffic to your AWS applications and resources. As a perimeter-based firewall, AWS WAF is designed to secure the boundaries between your applications and the public internet. This means that it’s capable of protecting all of the various elements of your AWS architecture, including Amazon API Gateways, load balancers, and Amazon CloudFront distributions.

In Part 1 of this series, we looked at how AWS WAF helps you monitor network traffic to AWS resources, as well as key metrics and logs for detecting WAF misconfigurations and malicious activity. In this post, we’ll walk through using AWS’s native tooling to query that data.

In Part 2 of this series, we looked at Amazon’s built-in monitoring services for AWS WAF activity and audit logs. In this post, we’ll demonstrate how Datadog complements your WAF’s existing protection and extends its capabilities to not only offer protection at the perimeter but also to the APIs and services within your network.

We recently released the State of DevSecOps study, in which we analyzed tens of thousands of applications and cloud environments to assess adoption of best practices that are at the core of DevSecOps today. In particular, we found that: In this post, we provide key recommendations based on these findings, and we explain how you can leverage Datadog Application Security Management (ASM) and Cloud Security Management (CSM) to improve your security posture.

As application architectures shift to the cloud and the velocity of software delivery accelerates, organizations are seeking more powerful capabilities to identify security vulnerabilities within their production applications. Traditional static application security testing (SAST) tools, by themselves, are insufficient.