AWS WAF Services

Protect Vital Data and Functions with a Modern Web Application Firewall

Security tops the list when it comes to Web-facing applications and customer portals. Protecting the customer experience, client data, corporate compliance, and intellectual property are all paramount to ensuring business continuity and success. Known for building cloud security through Security with Agility, Flux7 develops agile cloud security without slowing down the engineering teams’ work.


AWS WAF is an important aspect of our Security with Agility practice. A web application firewall that helps shield web applications from common web exploits, AWS WAF helps protect against application downtime, security compromises, or threats that consume excessive resources.


According to the 2019 Verizon Data Breach Investigations Report, “attacks against e-commerce web applications continue their renaissance.” Retailers, financial services and software/ information services organizations bear the brunt of these incidents, especially as bad actors shift from attacking payment cards via ATM or Point of Sale systems and towards e-commerce applications.


Enterprises depend upon Flux7 for its deep AWS WAF expertise as part of its best practices for security, operations, and developer productivity. As a foundational cloud security technology, AWS WAF is part of Flux7 best practice architectures that are designed and built to achieve Development and Operational productivity, security, compliance and global availability.

Rent-A-Center WAF Implementation by Flux7

Protect data and services against OWASP top 10 vulnerabilities. Flux7’s services to configure AWS WAF:

Analyses logs and assesses architecture to determine what should be blocked

Writes and implements WAF Rules as code for versioning and reuse

AWS WAF Case Studies:

AWS WAF Case Study

AWS WAF Case Study:  TN Marketing Grows Security, Decreases Management with AWS WAF Managed Rules

In this Case Study, we discuss how the TN Marketing and Flux7 teams developed a three-step plan to help achieve the company’s goal of enhanced security with less management.

1. While TN Marketing already had an AMI creation process, it was manual. By automating AMI creation, the teams could reduce manual work and remove human error from the AMI creation process, thereby growing security in the process.

2. The teams would take advantage of the new AWS Client VPN service. Doing so allows TN Marketing to securely access resources (AWS and others) from any location using an OpenVPN-based VPN client.

3. Last, the teams would replace TN Marketing’s fixed WAF rules with managed rules, including OWASP vulnerabilities, to ensure the protection of its VidStore.

AWS WAF Case Study: Fortune 1000 Retailer Accelerates E-Commerce with AWS-Based SAP Hybris Solution

This Fortune 1000 retailer of home goods has more than 4,285 retail locations across 50 states, Washington, D.C., Canada, Mexico and Puerto Rico. The publicly traded brand also has a store within a store concept where customers can shop and purchase through the retailer. It sought to launch a new ecommerce portal to facilitate this process for its store-in-a-store partners, including everything from the shopping cart to the application and final purchase ticket.

The chief challenge before the team was to architect, deploy and manage an SAP Hybris ecommerce platform that could scale to 2 million users a month. In concert with Flux7 AWS consultants, this retailer agreed to an AWS-based approach that would help deliver the solution to market faster, in a secure, highly available, PCI-compliant fashion. With a deadline looming, the two teams quickly got to work.

After assessing business and technology needs, the AWS consulting experts at Flux7 recommended the retailer deploy Hybris to a Docker cluster on ECS in order to simplify scaling and automation.

Download the Case Study to read more.

Fortune 1000 Retailer Accelerates E-Commerce with AWS-Based SAP Hybris Solution