Continuously audit your WAF Web ACL configurations and enforce security compliance as code with Panther.

A web access control list (web ACL) gives you fine-grained control over the web requests that your Amazon API Gateway API, Amazon CloudFront distribution, or Application Load Balancer responds to. Use Panther to track real-time changes to your web ACL to ensure configurations meet your business requirements for security and compliance.

Monitor web ACL to identify incoming threats through WAF and help detect, investigate, and remediate a web ACL failure. Use Panther’s built in policies for continuous monitoring of web ACL resources, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for Web ACL with Panther include:

• Build alerts to communicate about suspicious activity

• Detect and remediate failed web ACLs

• Identify unusual traffic patterns and find root causes

How it Works

The integration is simple and fast:

• Connect your AWS account to Panther

• A baseline scan is performed to identify all existing Web ACLs in your account(s)

• Built-in detections identify security issues related to failed web ACLs

• Alerts will be sent if non-compliant web ACLs exist

Use Panther to search all Web ACL in an AWS account by name, view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.