AWS Network Firewall adds VisionHeight managed threat rules
AWS Network Firewall now integrates managed threat intelligence from VisionHeight, adding Zero-Day Threat Protection and Noisy Scanners/Tor Protection rule groups.
Editorial summary and commentary based on the original from AWS What's New. Read the original
What's new
- AWS Network Firewall now supports two new managed rule groups from VisionHeight: Zero-Day Threat Protection and Noisy Scanners and Tor Protection.
- These rule groups are available via AWS Marketplace.
- The rules are built on VisionHeight's Pulse telemetry and are refreshed daily.
Why it matters
This integration offers Network Firewall customers access to proprietary threat intelligence, potentially reducing exposure to zero-day exploits and cutting down on security alert noise. The Zero-Day Threat Protection group aims to block infrastructure before it's publicly listed, a proactive measure for environments under targeted attack. The Noisy Scanners and Tor Protection group promises to reduce Security Operations Center (SOC) alert volume and SIEM ingestion costs by filtering traffic from known scanners and Tor exit nodes at the first packet. The daily refresh cycle is key to maintaining currency against rapidly evolving threats. Evaluate these rules for workloads requiring enhanced threat detection and reduced operational overhead from false positives.
How to use it
Enable these managed rule groups through the AWS Network Firewall console or directly from AWS Marketplace. Consult the AWS Regional Services page for availability and the Network Firewall product page for detailed documentation.
Source (AWS What's New): AWS Network Firewall now supports managed threat intelligence rules from VisionHeight