Design pattern for security

Security is one of the most important considerations, whether you are moving to the cloud or operating within your own organization, to protect yourself from external attacks. Security at each layer is essential to secure your infrastructure and thereby protect confidential information. Security has the following broad design patterns, which are also covered in the AWS Well-Architected Framework (WAF):

  • Identity and access management
  • Detective control
  • Infrastructure protection
  • Data protection
  • Incident response

Some detailed examples of the preceding points are as follows:

  • Protecting identities using roles (for example, AWS IAM roles) and implementing fine-grained authorization
  • Blocking traffic by port and IP range, for example with AWS Security Groups, and separating internal and external traffic using CIDR ranges
  • A more recent trend: analyzing network flow logs to detect behavior, for example AWS VPC flow log analysis using AWS GuardDuty or Symantec Cloud Workload Protection
  • Endpoint protection using anti-malware/antivirus agents, such as Symantec Endpoint Protection or the Symantec Cloud Workload Protection Agent, also known as a CAF agent
  • Centralized log analysis across your IT infrastructure to detect anomalies or DDoS attacks by observing traffic trends or abnormal sources of traffic
  • An IDS/IPS approach, in which all traffic is forwarded through a gateway to such a system, which then blocks or allows it
  • Security in transit and at rest, such as implementing SSL and encrypting your disks in storage
  • You should have a systematic process to handle any security incident, and you should have the information available to detect such incidents so that timely action can be taken on them