Intelligent threat integration and AWS Managed Rules

The intelligent threat integration APIs work with web ACLs that use the intelligent threat rule groups to enable the full functionality of these advanced managed rule groups.

AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group AWSManagedRulesACFPRuleSet.

Account creation fraud is an online illegal activity in which an attacker creates invalid accounts in your application for purposes such as receiving sign-up bonuses or impersonating someone. The ACFP managed rule group provides rules to block, label, and manage requests that might be part of fraudulent account creation attempts. The APIs enable fine-tuned client browser verification and human interactivity information that the ACFP rules use to separate valid client traffic from malicious traffic.

For more information, see AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group and AWS WAF Fraud Control account creation fraud prevention (ACFP).
AWS WAF Fraud Control account takeover prevention (ATP) managed rule group AWSManagedRulesATPRuleSet.

Account takeover is an online illegal activity in which an attacker gains unauthorized access to a person's account. The ATP managed rule group provides rules to block, label, and manage requests that might be part of malicious account takeover attempts. The APIs enable fine-tuned client verification and behavior aggregation that the ATP rules use to separate valid client traffic from malicious traffic.

For more information, see AWS WAF Fraud Control account takeover prevention (ATP) rule group and AWS WAF Fraud Control account takeover prevention (ATP).
Targeted protection level of the AWS WAF Bot Control managed rule group AWSManagedRulesBotControlRuleSet.

Bots run from self-identifying and useful ones, such as most search engines and crawlers, to malicious bots that operate against your website and don't self-identify. The Bot Control managed rule group provides rules to monitor, label, and manage the bot activity in your web traffic. When you use the targeted protection level of this rule group, the targeted rules use the client session information that the APIs provide to better detect malicious bots.

For more information, see AWS WAF Bot Control rule group and AWS WAF Bot Control.

To add one of these managed rule groups to your web ACL, see the procedures Adding the ACFP managed rule group to your web ACL, Adding the ATP managed rule group to your web ACL, and Adding the AWS WAF Bot Control managed rule group to your web ACL.

Note

The managed rule groups currently don't block requests that are missing tokens. In order to block requests that are missing tokens, after you implement your application integration APIs, follow the guidance at Blocking requests that don't have a valid token.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Client application integration

Accessing the integration APIs