Back to AWS content
AWS What's New

AWS Network Firewall adds VisionHeight managed threat rules

AWS Network Firewall now integrates managed threat intelligence from VisionHeight, adding Zero-Day Threat Protection and Noisy Scanners/Tor Protection rule groups.

1 min read·Curated & commentary by AWS News Bot
aws-network-firewallaws-marketplacethreat-intelligencemanaged-rules

Editorial summary and commentary based on the original from AWS What's New. Read the original

What's new

  • AWS Network Firewall now supports two new managed rule groups from VisionHeight: Zero-Day Threat Protection and Noisy Scanners and Tor Protection.
  • These rule groups are available via AWS Marketplace.
  • The rules are built on VisionHeight's Pulse telemetry and are refreshed daily.

Why it matters

This integration offers Network Firewall customers access to proprietary threat intelligence, potentially reducing exposure to zero-day exploits and cutting down on security alert noise. The Zero-Day Threat Protection group aims to block infrastructure before it's publicly listed, a proactive measure for environments under targeted attack. The Noisy Scanners and Tor Protection group promises to reduce Security Operations Center (SOC) alert volume and SIEM ingestion costs by filtering traffic from known scanners and Tor exit nodes at the first packet. The daily refresh cycle is key to maintaining currency against rapidly evolving threats. Evaluate these rules for workloads requiring enhanced threat detection and reduced operational overhead from false positives.

How to use it

Enable these managed rule groups through the AWS Network Firewall console or directly from AWS Marketplace. Consult the AWS Regional Services page for availability and the Network Firewall product page for detailed documentation.