The feature lets customers personalize application access using this context, eliminating the need to re-authenticate the user for personalization. “Verified Access now passes signed identity context, including things like email, username, and other attributes from the identity provider to the applications,” AWS stated. Passing signed identity context to customers’ application endpoints is the other new feature. Customers can filter out common exploits, such as SQL injection and cross-site scripting (XSS) using AWS WAF, while enabling AWS Zero Trust-based fine-grained access for applications using user-identity and device security status, AWS stated. In addition, observability partners-including Datadog, IBM, New Relic, Rapid7, Sumo Logic, and Trellix-can ingest Verified Access logs and provide actionable data from users trying to access customer applications, AWS stated.Īs for the new features, integration with a WAF protects web applications (HTTP/S) from application-layer threats, AWS stated. To broaden its reach, Verified Access integrates with AWS identity and device security partners including: Beyond Identity, CrowdStrike, CyberArk, Cisco Duo, Jamf, JumpCloud, Okta, and Ping Identity. ![]() AWS Managed Rules and AWS Marketplace sellers can provide managed rule groups or organizations can define their own rule, according to AWS. ![]() Customers can define rules inside a web ACL or in reusable rule groups. ![]() Customers can configure rules to block requests, let them through, count them, or run bot controls against them that use CAPTCHA puzzles or other client browser challenges.
0 Comments
Leave a Reply. |