
Generating Amazon Web Services WAF Rules From Netsparker

Amazon Web Services Web Application Firewall (AWS WAF) enables you to monitor the HTTP and HTTPS requests that are forwarded to Amazon CloudFront, an Application Load Balancer or API Gateway. With AWS WAF, you can create rules that allow or block requests. This function is only available in Netsparker Standard.

If you can't immediately fix all the vulnerabilities that Netsparker has detected, you can shield them at the WAF and defer fixing them until later. This is achieved by exporting Netsparker's findings as rules for AWS WAF.

AWS WAF imposes limits on regex patterns. Be careful not to exceed them; otherwise, Netsparker cannot create the rule.

For more information about AWS WAF, see the AWS documentation: AWS WAF, AWS Firewall Manager, and AWS Shield Advanced; and AWS WAF Limits.

See Web Application Firewalls before reading this document. It describes the WAF rule creation process and how to configure the Auto WAF Rule.

This topic explains how to configure Netsparker Standard to send a detected vulnerability to AWS WAF.

AWS WAF Fields

The table lists and describes the AWS WAF fields in the Web Application Firewall tab.

Field | Description
Display Name | This is the name of the configuration that will be shown on menus.
Mandatory | This section contains fields that must be completed.
Access Key | This is the access key of the user.
Secret Key | This is the secret key of the user.
Web ACL ID | This is the Web Access Control List identifier.
Optional | This section contains optional fields.
Region | This is the name of the region where the Web ACL is located.

How to Configure AWS WAF Rules in Netsparker Standard

  1. Open Netsparker Standard.
  2. From the Home tab on the ribbon, click Options. The Options dialog is displayed.
  3. Click Web Application Firewall.
  4. From the Add dropdown, select AWS. The AWS fields are displayed.
  5. In the Mandatory section, complete the connection details:
    • Access Key
    • Secret Key
    • Web ACL ID
  6. In the Optional section, you can specify:
    • Region (for the list of AWS Regions, see https://docs.aws.amazon.com/general/latest/gr/rande.html#apigateway_region)
  7. Click Test Settings to confirm that Netsparker Standard can connect to the configured system and validate the configuration details. The WAF Settings Test dialog is displayed to confirm that the settings have been validated.

How to Generate AWS WAF Rules from Netsparker Standard

  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results.
  3. In the Issues panel, right-click the vulnerability you want to export and select AWS WAF Rules. (Alternatively, from the ribbon, click the Vulnerability tab, then AWS WAF Rules.) A confirmation message and link are displayed at the bottom of the screen.
  4. Click the link (AWS rule is created for the selected vulnerability. Click to open in the default browser.) to view the newly created rule.
  5. The rule is automatically created in AWS WAF. You can view it in the Rules tab of AWS WAF.
  6. To retest the vulnerability, from the ribbon, click the Vulnerability tab, then Retest. If the WAF blocks the request, the status code of the response is 403 Forbidden and Netsparker displays the message: Vulnerability seems to be fixed and removed from the report.