Front-End Security
Front-end security is accomplished through a four-pronged defense setup. Specifically, protections are in place (i) to protect against DDOS attack, (ii) enable DNS security, (iii) detect unwanted front-end changes and (iv) detect front-end intrusion.
Type | Details |
---|---|
DDOS | Prevent DDOS attack using AWS load shedding mechanisms by throttling users that attempt to access relevant IP address at a rate exceeding 500 hits in 5 minutes. |
DNS | Enable and implement AWS DNSSEC. |
Intrusion | Changes to web application assets are monitored using AWS Cloudwatch and Simple Notification Service (SNS). |
Intrusion | Changes to AWS account are monitored through AWS Cloudtrail. |
Unwanted Changes | Utilize third-party service provider to monitor changes to UI. |
Incidence Response
The Web 2.0 incidence response plan involves diagnosing and resolving alerts that have been escalated and triaged via an incident response workflow board.
Last updated