Countermeasures using a native WAF that does not compromise the benefits of AWS
The advantage of building a web application on AWS is the stability and scalability of the services it provides, so it is essential to implement security measures using AWS' native WAF.
We protect your web applications from cybersecurity threats with rules optimized for AWS WAF and 24/7/365 AI-based operational monitoring.
A cloud service specialized in AWS WAF, cultivated through MSSP and SOC know-how
We provide rules for each customer's AWS WAF and provide a consistent service through our cloud services, from operations such as rule changes, to event monitoring and response when fraudulent events are detected.
To monitor events, the role of a SOC is important: training analysts with knowledge of web attacks and monitoring 24 hours a day, 365 days a year. By using AI that has learned that know-how to fulfill the role of an analyst, it will be possible to analyze each individual event in real time, detect advanced attacks, and respond in real time, something that would be difficult for humans to do.
Features
To protect our customers' websites, we can implement efficient and effective security measures by utilizing a stable cloud and AI that has been trained specifically for web security.
Smooth implementation support
The environment required for implementation can be set up with just a few clicks on the CyberNEO console.
No complicated settings are required after deploying the WAF. Even if you need to adjust the rules, leave it to our engineers.
The effect is immediately noticeable
After implementation, the WAF detection status can be visualized on the dashboard and in logs, allowing you to immediately see the effects of implementing the WAF.
Custom rules also supported
Many websites can be completed with rules that can be set from the CyberNEO console, but if there are rules that do not meet your requirements, our engineers will listen to your requirements and create custom rules free of charge.
Provided by engineers and AI
24 hours a day, 365 days a year, AI is used to analyze and monitor web requests for suspicious sources. Engineer knowledge is incorporated into the cloud, all requests are monitored on the cloud, and access from unauthorized sources is blocked.
Installation process
1
Creating an IAM role
Please create an IAM role for CyberNEO in your AWS account using the cloud formation provided by our company.
2
Creating WebACLs
Create a WebACL from the CyberNEO console. Simply enter the AWS region, WebACL name, and the IAM role created in step 1, and click the Create button to automatically create the WebACL and related environment.
3
Applying WAF
Assign the WebACL you created to the ALB, CloudFront, or Application Gateway to which you want to apply the WAF. When you access the web, all requests will pass through the WAF, events will be output, and monitoring will start in CyberNEO.
customer's voice
I understood the importance of security measures, but I didn't know what to do. CyberNEO took care of everything from WAF installation to operation, so I was able to operate my site with peace of mind even after installation.
If we only provided implementation, we would not be able to solve any problems that arise after implementation by ourselves, so it is helpful to be able to receive services at a low cost using an operation-centered cloud service.
A reservation site operator
Our company's security policy required that we apply a WAF to our website, but we didn't have the knowledge to operate a WAF on AWS, so we chose CyberNEO.
While the security policy requires the minimum necessary settings, we were able to operate the WAF with the role permissions required for operational monitoring, and the security check passed without any problems.
A manufacturing company listed on the Tokyo Stock Exchange Prime
We develop systems for our customers.
Security measures are an essential requirement, so when building on AWS we use AWS's WAF.
Since applications are constantly being developed and changed, it is important to distinguish between the impact of WAF and application problems. Detection events can be checked on the CyberNEO console, making it easy to distinguish between problems.
A certain system development company
Key Features
WAF導入機能
WAF運用に必要なログ出力設定やWAFルールの設定を行います。
ダイナミックレスポンス機能
AIで攻撃を検知し、リスクが高いと判定した送信元の通信をブロックします。
脅威インテリジェンス配信機能
攻撃の発生源となっているリスクの高い送信元を収集しブラックリストとして配信します。
リスクアラート機能
AIで攻撃を検知し、ダイナミックレスポンス機能が動作するとアラートを送信します。
攻撃イベント表示機能
攻撃検知したイベントをリアルタイムにポータルに出力します。
攻撃分析レポート
検知した攻撃情報(送信元、傾向、宛先、攻撃内容など)を日次・月次レポートとして表示します。
マルチテナント機能
各テナントでWAFやユーザー管理を個別に行うことができ、複数のテナントを一元管理することができます。
マルチユーザーアクセス機能
各テナントで複数のユーザーが登録でき、権限管理や監査ログ機能を提供します。
ユーザー・ロール(役割)管理機能
管理者・読み取り専用権限をユーザー単位で付与することができます。
ワンタイム・パスワード機能
管理コンソールへのアクセスでワンタイム・パスワード認証をサポートします。
多言語対応
日本語・英語のポータル表示をサポートします。
監査ログ機能
各ユーザー操作した内容と時間を監査ログとして出力します。
Copyright © Cyber Matrix Co., Ltd. All Rights Reserved.