Front-End Security
Front-end security is accomplished through a four-pronged defense setup. Specifically, protections are in place (i) to protect against DDOS attack, (ii) enable DNS security, (iii) detect unwanted front-end changes and (iv) detect front-end intrusion.
DDOS
Prevent DDOS attack using AWS load shedding mechanisms by throttling users that attempt to access relevant IP address at a rate exceeding 500 hits in 5 minutes.
DNS
Enable and implement AWS DNSSEC.
Intrusion
Changes to web application assets are monitored using AWS Cloudwatch and Simple Notification Service (SNS).
Intrusion
Changes to AWS account are monitored through AWS Cloudtrail.
Unwanted Changes
Utilize third-party service provider to monitor changes to UI.
Incidence Response
The Web 2.0 incidence response plan involves diagnosing and resolving alerts that have been escalated and triaged via an incident response workflow board.
Last updated