Front-End Security

Front-end security is accomplished through a four-pronged defense setup. Specifically, protections are in place (i) to protect against DDOS attack, (ii) enable DNS security, (iii) detect unwanted front-end changes and (iv) detect front-end intrusion.

TypeDetails

DDOS

Prevent DDOS attack using AWS load shedding mechanisms by throttling users that attempt to access relevant IP address at a rate exceeding 500 hits in 5 minutes.

DNS

Enable and implement AWS DNSSEC.

Intrusion

Changes to web application assets are monitored using AWS Cloudwatch and Simple Notification Service (SNS).

Intrusion

Changes to AWS account are monitored through AWS Cloudtrail.

Unwanted Changes

Utilize third-party service provider to monitor changes to UI.

Incidence Response

The Web 2.0 incidence response plan involves diagnosing and resolving alerts that have been escalated and triaged via an incident response workflow board.

Last updated