AWS WAFv2 IP Set
Security

AWS WAFv2 IP Set

This integration enables IP addresses from alerts to populate into an IP Set on an AWS WAF

Integrate 
AWS WAFv2 IP Set

The AWS WAFv2 IP Set Integration allows you to automate the management of IP addresses in your AWS Web Application Firewall (WAF). It automatically adds IPs to a WAF blocklist or allowlist based on specific alerts in FireTail, such as those triggered by suspicious activity or security threats (e.g., SQL injection attempts). This ensures real-time protection against malicious traffic by blocking harmful IPs or permitting trusted ones. By integrating FireTail with AWS WAFv2, you can automatically respond to potential threats and keep your environment secure without manual intervention.

Key benefits:

The integration adds IP addresses from alerts to an AWS WAF IP Set, simplifying the process of blocking or allowing IPs based on detected threats.

It provides immediate updates to your IP Set, ensuring that malicious IPs or trusted ones are handled promptly based on recent alerts

Integrate 
AWS WAFv2 IP Set

This integration connects FireTail’s alert system to AWS WAFv2, enabling it to update an IP Set whenever an alert is triggered. When a pre-configured alert (such as detecting malicious activity) goes off, the integration adds the triggering IP addresses to an AWS WAFv2 IP Set, either blocking or allowing access depending on the IP Set’s configuration.

The integration supports both IPv4 and IPv6, and works across regional WAFs and CloudFront.

Integrate 
AWS WAFv2 IP Set

To set up this integration, you'll need an AWS account with permissions to create CloudFormation stacks and manage AWS WAF resources.

FireTail will use CloudFormation to create the necessary IAM roles to interact with AWS WAFv2.

For more details, you can refer to the documentation or contact support for assistance.

Integrate 
AWS WAFv2 IP Set