checklist for AWS WAF audit
1. Configuration Review
Verify that a web ACL is associated with every resource that should be protected (CloudFront distributions, Application Load Balancers, API Gateway stages, AppSync APIs, Cognito user pools) and that none of them has been left unassociated.
Check each web ACL's scope (CLOUDFRONT, which must be created in us-east-1, or REGIONAL), its remaining web ACL capacity (WCU), and that it is the web ACL the application team believes is in force.
Ensure the rules and rule groups attached to each web ACL are the intended ones and that their priorities give the intended evaluation order: lowest priority number first, and evaluation stops at the first terminating Allow or Block.
Confirm that the default action (Allow or Block) matches the intended model: Allow for a block-list web ACL, Block for an allow-list web ACL. The default action applies only to requests that no terminating rule matched.
2. Rule Set Evaluation
Review custom rules for correctness and effectiveness: the match statements, the text transformations, and the request components they inspect (body and JSON-body inspection is size-limited, so check the oversize-handling setting on those statements).
Ensure managed rule groups are current (a pinned Version should be deliberate and reviewed; the default version tracks the vendor's latest release) and that an OverrideAction of Count on a whole group, or RuleActionOverrides and ExcludedRules that set individual rules to Count, have not quietly turned protections into monitoring only.
Check for rule conflicts and ordering problems: a terminating Allow rule with a low priority number exempts everything it matches from all later rules, and overlapping Block rules make blocked requests hard to attribute in the logs.
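As an added example (not from this page and not AWS tooling), the following Python script performs the configuration and rule-set checks above against the dict shapes that boto3's wafv2 get_web_acl()["WebACL"] and get_logging_configuration()["LoggingConfiguration"] return. The web ACL and logging configuration it reads are constructed samples; the rule names, ARNs and issue codes are assumptions made for illustration.

```python
"""Static audit of an AWS WAF web ACL definition (added example, not the page's or AWS's code).

Operates on the dict shapes returned by boto3 wafv2 get_web_acl()["WebACL"] and
get_logging_configuration()["LoggingConfiguration"]. The samples below are
constructed for illustration and do not refer to real resources.
"""

# Constructed sample in the shape of wafv2.get_web_acl()["WebACL"] (assumed names/ARNs).
SAMPLE_WEB_ACL = {
    "Name": "prod-web-acl",
    "DefaultAction": {"Allow": {}},
    "Rules": [
        {"Name": "allow-office-ips", "Priority": 0, "Action": {"Allow": {}},
         "Statement": {"IPSetReferenceStatement": {
             "ARN": "arn:aws:wafv2:us-east-1:123456789012:regional/ipset/office/abc"}}},
        {"Name": "AWS-AWSManagedRulesCommonRuleSet", "Priority": 1, "OverrideAction": {"None": {}},
         "Statement": {"ManagedRuleGroupStatement": {
             "VendorName": "AWS", "Name": "AWSManagedRulesCommonRuleSet",
             "RuleActionOverrides": [{"Name": "SizeRestrictions_BODY", "ActionToUse": {"Count": {}}}]}}},
        {"Name": "AWS-AWSManagedRulesSQLiRuleSet", "Priority": 2, "OverrideAction": {"Count": {}},
         "Statement": {"ManagedRuleGroupStatement": {
             "VendorName": "AWS", "Name": "AWSManagedRulesSQLiRuleSet", "Version": "Version_1.0"}}},
        {"Name": "rate-limit-login", "Priority": 3, "Action": {"Count": {}},
         "Statement": {"RateBasedStatement": {"Limit": 100, "AggregateKeyType": "IP"}}},
    ],
}

# Constructed sample in the shape of get_logging_configuration()["LoggingConfiguration"].
SAMPLE_LOGGING = {
    "LogDestinationConfigs": ["arn:aws:logs:us-east-1:123456789012:log-group:aws-waf-logs-prod"],
    "RedactedFields": [],
}

WAF_LOG_PREFIX = "aws-waf-logs-"  # WAF requires this prefix on log groups, buckets and streams


def _destination_name(arn):
    """Extract the log group / bucket / delivery stream name from a destination ARN."""
    if ":log-group:" in arn:
        return arn.split(":log-group:", 1)[1]
    return arn.split(":")[-1].split("/")[-1]


def audit_web_acl(web_acl, logging_config=None):
    """Return (rule_name, issue_code, detail) tuples for conditions an auditor should review."""
    findings = []
    acl = web_acl["Name"]
    if next(iter(web_acl["DefaultAction"])) == "Allow":
        findings.append((acl, "default-allow", "requests matched by no terminating rule are allowed"))
    # Rules are evaluated in ascending priority; evaluation stops at the first Allow/Block.
    rules = sorted(web_acl.get("Rules", []), key=lambda r: r["Priority"])
    for index, rule in enumerate(rules):
        name, stmt = rule["Name"], rule["Statement"]
        group = stmt.get("ManagedRuleGroupStatement") or stmt.get("RuleGroupReferenceStatement")
        if group is not None:
            # Rule-group references carry OverrideAction; Count neutralises the whole group.
            if "Count" in rule.get("OverrideAction", {}):
                findings.append((name, "group-count-mode", "entire rule group only counts, blocks nothing"))
            for override in group.get("RuleActionOverrides", []):
                if "Count" in override["ActionToUse"]:
                    findings.append((name, "rule-count-override", f"{override['Name']} overridden to Count"))
            if "Version" in group:
                findings.append((name, "pinned-version", f"pinned to {group['Version']}; confirm it is current"))
            continue
        action = next(iter(rule["Action"]))
        if action == "Count":
            findings.append((name, "count-action", "non-terminating; confirm it is staged, not forgotten"))
        elif action == "Allow" and index < len(rules) - 1:
            findings.append((name, "allow-before-others", "terminating Allow: matches skip every later rule"))
    if not logging_config:
        findings.append((acl, "no-logging", "no logging configuration attached"))
    else:
        for arn in logging_config.get("LogDestinationConfigs", []):
            if not _destination_name(arn).startswith(WAF_LOG_PREFIX):
                findings.append((acl, "bad-log-destination", f"{arn} lacks the {WAF_LOG_PREFIX} prefix"))
        if not logging_config.get("RedactedFields"):
            findings.append((acl, "no-redaction", "no fields redacted; review Authorization/Cookie headers"))
    return findings


if __name__ == "__main__":
    for rule, code, detail in audit_web_acl(SAMPLE_WEB_ACL, SAMPLE_LOGGING):
        print(f"{code:22} {rule}: {detail}")
```

Against a live account, replace the two samples with the results of get_web_acl() and get_logging_configuration() for each web ACL returned by list_web_acls() (once per scope); the checks themselves do not change.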
3. Logging and Monitoring
Verify that logging is enabled on every web ACL; logging is configured per web ACL, not per account, so an unlogged web ACL is easy to miss.
Ensure logs go to the intended destination (an Amazon S3 bucket, a CloudWatch Logs log group or a Kinesis Data Firehose delivery stream, whose name must start with aws-waf-logs-) and that sensitive fields such as the Authorization or Cookie header are redacted.
Check that CloudWatch alarms and notifications exist on the per-rule metrics (BlockedRequests, AllowedRequests, CountedRequests) so that spikes in blocks, or in matches of rules still in Count mode, are noticed.
Review the logs for suspicious activity or trends: top blocked client IPs, the terminating rules that fire most often, and the requests matched by rules still in Count mode.
4. Performance Assessment
Assess the effect of WAF rules on application latency and on web ACL capacity; body inspection and regex-heavy rules are the expensive ones.
Review rate-based rules for overblocking: the limit, the evaluation window, the aggregation key (a shared NAT or proxy address can push many legitimate users over a per-IP limit), and the scope-down statement.
Analyze traffic patterns to ensure legitimate traffic is not blocked: run new or changed rules in Count mode first, inspect sampled requests and logs for false positives, and only then switch them to Block.
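As an added example (not from this page and not AWS tooling), this Python script aggregates WAF log records in the JSON-per-line format the service writes to S3, CloudWatch Logs or Firehose. It reports what was blocked and by which rule (including the inner rule of a managed rule group), which rules still in Count mode would have blocked and on which requests, and the top blocked client IPs. The log lines are constructed; the rule names, IPs and URIs in them are assumptions.

```python
"""Summarise AWS WAF log records (added example, not the page's or AWS's code).

Reads the JSON-per-line format WAF writes and answers two audit questions: what is
being blocked and by which rule, and what the rules still in Count mode would have
blocked had they been enforced. The log lines below are constructed for illustration.
"""
import json
from collections import Counter, defaultdict


def _record(action, ip, method, uri, terminating="Default_Action", rule_type="REGULAR",
            non_terminating=(), groups=()):
    """Build one constructed WAF log record carrying the fields the analysis uses."""
    return {
        "timestamp": 1700000000000, "formatVersion": 1,
        "webaclId": "arn:aws:wafv2:us-east-1:123456789012:regional/webacl/prod-web-acl/abc",
        "terminatingRuleId": terminating, "terminatingRuleType": rule_type, "action": action,
        "httpSourceName": "ALB", "httpSourceId": "123456789012-app/prod/abc",
        "ruleGroupList": list(groups), "rateBasedRuleList": [],
        "nonTerminatingMatchingRules": [{"ruleId": r, "action": "COUNT"} for r in non_terminating],
        "httpRequest": {"clientIp": ip, "country": "US", "headers": [], "uri": uri, "args": "",
                        "httpVersion": "HTTP/1.1", "httpMethod": method, "requestId": "req"},
    }


def _group(group_id, terminating=None, counted=()):
    """One ruleGroupList entry: the inner rule that terminated, plus counted matches."""
    return {"ruleGroupId": group_id,
            "terminatingRule": {"ruleId": terminating, "action": "BLOCK"} if terminating else None,
            "nonTerminatingMatchingRules": [{"ruleId": r, "action": "COUNT"} for r in counted],
            "excludedRules": None}


COMMON = "AWS#AWSManagedRulesCommonRuleSet"
SQLI = "AWS#AWSManagedRulesSQLiRuleSet"

# Constructed sample log (assumed rule names, IPs and URIs).
SAMPLE_LOG = "\n".join(json.dumps(r) for r in [
    _record("ALLOW", "203.0.113.5", "POST", "/login", non_terminating=["rate-limit-login"],
            groups=[_group(COMMON, counted=["SizeRestrictions_BODY"])]),
    _record("ALLOW", "203.0.113.5", "POST", "/login", non_terminating=["rate-limit-login"],
            groups=[_group(COMMON)]),
    _record("ALLOW", "198.51.100.7", "POST", "/upload",
            groups=[_group(COMMON, counted=["SizeRestrictions_BODY"])]),
    _record("BLOCK", "192.0.2.10", "GET", "/search", terminating="AWS-AWSManagedRulesSQLiRuleSet",
            rule_type="MANAGED_RULE_GROUP", groups=[_group(SQLI, terminating="SQLi_QUERYARGUMENTS")]),
    _record("BLOCK", "192.0.2.10", "GET", "/wp-login.php", terminating="block-bad-bots"),
    _record("BLOCK", "192.0.2.11", "GET", "/xmlrpc.php", terminating="block-bad-bots"),
    _record("ALLOW", "203.0.113.5", "GET", "/healthz"),
])


def summarize_waf_log(text):
    """Aggregate WAF log lines into the figures an auditor reviews."""
    by_action, blocks_by_rule, count_hits = Counter(), Counter(), Counter()
    count_samples, blocked_ips = defaultdict(list), Counter()
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        req = rec["httpRequest"]
        who = (req["clientIp"], req["httpMethod"], req["uri"])
        by_action[rec["action"]] += 1
        if rec["action"] == "BLOCK":
            blocked_ips[req["clientIp"]] += 1
            rule = rec["terminatingRuleId"]
            # For rule groups the inner rule that fired is recorded in ruleGroupList.
            if rec["terminatingRuleType"] in ("MANAGED_RULE_GROUP", "GROUP"):
                for g in rec["ruleGroupList"]:
                    if g.get("terminatingRule"):
                        rule = f"{rule}/{g['terminatingRule']['ruleId']}"
            blocks_by_rule[rule] += 1
        # Count-mode matches appear at top level and inside each rule group entry.
        for m in rec.get("nonTerminatingMatchingRules", []):
            if m["action"] == "COUNT":
                count_hits[m["ruleId"]] += 1
                count_samples[m["ruleId"]].append(who)
        for g in rec.get("ruleGroupList", []):
            for m in g.get("nonTerminatingMatchingRules") or []:
                if m["action"] == "COUNT":
                    key = f"{g['ruleGroupId']}/{m['ruleId']}"
                    count_hits[key] += 1
                    count_samples[key].append(who)
    return {
        "by_action": dict(by_action),
        "blocks_by_rule": dict(blocks_by_rule),
        "count_mode_hits": dict(count_hits),
        "count_mode_samples": dict(count_samples),
        "top_blocked_ips": blocked_ips.most_common(10),
    }


if __name__ == "__main__":
    print(json.dumps(summarize_waf_log(SAMPLE_LOG), indent=2))
```

The count_mode_samples output is the overblocking check from the item above: before a counted rule such as SizeRestrictions_BODY is switched to Block, the sampled requests it would have blocked (here the upload and login POSTs) are what to review with the application team.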
5. Security Best Practices
Ensure IP sets are regularly updated and maintained: remove stale entries from allow lists, confirm block lists come from a maintained source, and look for allow-list entries that are shared, NAT or cloud-provider ranges.
Verify that CAPTCHA or Challenge actions are applied to traffic that should be slowed rather than blocked outright (login, signup, search endpoints) and that the token immunity time fits the application.
Check that geographic match rules implement the geo-blocking the policy requires, bearing in mind that the country is derived from the client IP and is evaded by proxies and VPNs.
Review the use of AWS Shield Advanced alongside WAF (automatic application-layer DDoS mitigation, health-based detection, and access to the Shield Response Team) where the protected resources warrant it.
6. Compliance Checks
Confirm that the WAF configuration aligns with organizational security policies.
Ensure compliance with relevant regulations (e.g., GDPR for the personal data held in WAF logs; PCI DSS, which requires a WAF or an equivalent automated solution in front of public-facing web applications).
Document the audit findings and actions taken for compliance records.
7. Review and Update Procedures
Schedule regular audits of the AWS WAF configuration.
Update the WAF rules and settings as the application changes or the threat landscape shifts; new endpoints and new request formats (JSON bodies, file uploads) need their own rule review.
Ensure the web ACL definition and its changes are documented, preferably kept in version control (CloudFormation, Terraform or CDK) so that every change is reviewed and reversible.
8. Incident Response Readiness
Verify that an incident response plan includes AWS WAF-related incidents.
Ensure team members are trained to use AWS WAF during an incident: pushing an emergency IP set or rate-based rule, switching a counted rule to Block, and pulling the relevant log records.
Review past incidents and the effectiveness of the WAF in mitigating threats.