You can now configure AWS WAF to block, allow, or monitor (count) requests based on Cross-Site Scripting (XSS) match conditions. XSS attacks are those where the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts (like Javascript) into other legitimate user’s web browsers. This XSS match condition feature prevents these vulnerabilities in your web application by inspecting different elements of the incoming request.
from What's New http://ift.tt/22YX2va
No comments:
Post a Comment