AWS WAF announces the launch of AWS WAF Fraud Control Account Takeover Prevention to protect your application’s login page against credential stuffing attacks, brute force attempts, and other anomalous login activities.
Account Takeover Prevention enables you to proactively stop account takeover attempts at the network edge. With Account Takeover Prevention, you can prevent unauthorized access that may lead to fraudulent activities, or you can inform affected users so that they can take preventive action.
Account Takeover Prevention is offered through AWS Managed Rules. Once added to your AWS WAF web ACL, it compares usernames and passwords submitted to your application to credentials that have been compromised elsewhere on the web. It also monitors for anomalous login attempts coming from bad actors by correlating requests seen over time to detect and mitigate attacks like irregular login patterns, brute force attempts, and credential stuffing.
To get started, simply navigate to the AWS WAF console and create a new web ACL, or select an existing web ACL. Follow the wizard to choose an AWS resource to protect. Choose Account Takeover Prevention from the list of managed rule groups. Enter the URL of your application’s login page and indicate where the username and password form fields are located within the body of HTTP requests to log in.
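The same setup expressed as infrastructure-as-code, as an added example that is not part of the original announcement: a CloudFormation sketch of a web ACL that includes the Account Takeover Prevention managed rule group. The resource name, ACL and metric names, the `/web/login` path, and the `/form/username` and `/form/password` field locations are constructed values for a login endpoint assumed to accept a JSON body.

```yaml
# Added example: web ACL with the Account Takeover Prevention managed rule group.
# Constructed values (assumptions): resource and metric names, the login path,
# and the JSON pointers to the credential fields.
Resources:
  LoginProtectionWebACL:
    Type: AWS::WAFv2::WebACL
    Properties:
      Name: login-protection-acl
      Scope: REGIONAL              # CLOUDFRONT when protecting a CloudFront distribution
      DefaultAction:
        Allow: {}
      VisibilityConfig:
        SampledRequestsEnabled: true
        CloudWatchMetricsEnabled: true
        MetricName: login-protection-acl
      Rules:
        - Name: account-takeover-prevention
          Priority: 0
          OverrideAction:
            None: {}               # use "Count: {}" to observe matches before enforcing
          Statement:
            ManagedRuleGroupStatement:
              VendorName: AWS
              Name: AWSManagedRulesATPRuleSet
              ManagedRuleGroupConfigs:
                - AWSManagedRulesATPRuleSet:
                    # URL path of the login endpoint the rule group inspects
                    LoginPath: /web/login
                    RequestInspection:
                      # JSON bodies use JSON pointers; FORM_ENCODED bodies use form field names
                      PayloadType: JSON
                      UsernameField:
                        Identifier: /form/username
                      PasswordField:
                        Identifier: /form/password
          VisibilityConfig:
            SampledRequestsEnabled: true
            CloudWatchMetricsEnabled: true
            MetricName: account-takeover-prevention
```

The web ACL still has to be associated with the resource it protects, which the console wizard does in the step where you choose an AWS resource.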
AWS WAF Fraud Control – Account Takeover Prevention is available today in the US East (N. Virginia), US West (Oregon), Europe (Ireland), Europe (London), and Asia Pacific (Singapore) AWS Regions.