Includes AWS WAF managed rules where uses don’t have to create custom rules, provides protection against exploitation of a wide range of common application vulnerabilities or other unwanted traffic.

Creates two specific AWS WAF rules that allow you to manually insert IP addresses that you want to block or allow. You can also configure IP retention and remove expired IP addresses from these IP lists.

protect against common SQL injection or XSS patterns in the URI, query string, or body of a request. Helps protect against attacks that consist of a large number of requests from a particular IP address, such as a web-layer distributed denial-of-service (DDoS) attacks or a brute-force login attempt.

This component parses application access logs searching for suspicious behavior, such as an abnormal amount of errors generated by an origin. It then blocks those suspicious source IP addresses for a customer-defined period of time.

Automatically sets up a honeypot, which is a security mechanism intended to lure and deflect an attempted attack.