real world experience with WAF WebACL anomaly detection


Looking for personal experiences for anomaly detection for WAF WebACLs using either CloudWatch Anomalies or CloudWatch with Lookout for Metrics. e.g. blocked requests.

Has anyone had profound insights using either? What I mean is, has anyone received any actionable intelligence from either of these approaches that was able to result in a measurable operational improvement or risk mitigation? How were the costs in using these approaches?

Thank you in advance.

1 Answer

I personally haven't seen that much adoption of using CW Anomaly Detection along with WAF WebACLs.

answered 2 years ago
  • Thanks for the feedback!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions