Today, at AWS re:Invent 2017, Alert Logic is pleased to announce a new way to give you the coverage you need to protect your WordPress website in the critical time between when a patch is released, and when you can test and successfully apply a traditional patch. Alert Logic Managed Rule Groups for AWS WAF – Virtual Patches for WordPress is the industry’s first prepackaged rule set created by an AWS Partner Network (APN) partner and designed to help organizations that use AWS WAF protect their environment from the most recent exploitable WordPress vulnerabilities.
Alert Logic Managed Rules for AWS WAF – Virtual Patches for WordPress
Content management systems are susceptible to security vulnerabilities, and WordPress is certainly no exception. WordPress sites are attacked over 3 million times a day, and more than 70 percent of WordPress installations are vulnerable to hacker attacks. We all know that protecting your WordPress environment with the latest security patches is critical, but it takes time and testing before patches can be put into production.
If you’re like most organizations, you need to buy some time while you plan, test, and implement. However, you also don’t want to leave your WordPress environment vulnerable and exposed in the meantime. The rush to patch often leads to avoidable mistakes that either don’t fully address the vulnerability or have unforeseen consequences on the performance or availability of the site. Alert Logic Managed Rules for AWS WAF – Virtual Patches for WordPress buys you the time and peace of mind to make sure you do your due diligence before deploying a patch.
Critical Value for WordPress and AWS WAF Customers
Alert Logic Managed Rule Groups for AWS WAF – Virtual Patches for WordPress is built for—and within—your AWS environment. Within minutes of selecting the Alert Logic partner rule pack, your AWS WAF will be automatically updated with a set of targeted rules to protect your WordPress websites. Plus, it scales with your AWS WAF to protect your WordPress websites as they grow and change over time.
The rules used for Alert Logic Managed Rule Groups for AWS WAF – Virtual Patches for WordPress are carefully crafted by security experts. Alert Logic’sthreat researchers and application security experts have deep knowledge of cloud-relevant web application threats to CMS systems, garnered from 4000-plus customers and 20 million annual security events. We test CMS exploits, asses code vulnerabilities, and validate the risks associated. We go beyond simply building to the published exploit script to ensure that you have the best possible protection for the last 6 months of known WordPress exploits.
The best part, though, is that there is no complex configuration or tuning required by you. Alert Logic application security experts create and continually update 74-plus WordPress patch rules and 250-plus patterns so there is no tuning required by your team. Because the rules are built specifically for WordPress, the risk of interrupting application performance and availability are incredibly low.
If you have WordPress and use an AWS WAF, make sure to check out the partner generated content tab in your WAF console, or visit the AWS Marketplace.