Managed Rules

WAF managed rule groups are pre-configured sets of rules maintained by cloud providers or security vendors that protect against common web threats without requiring customers to write and maintain individual rules. AWS WAF Managed Rules include rule groups for OWASP Top 10 threats, known bad inputs, SQL injection, and vendor-specific protections.

Managed rules are continuously updated as new attack patterns emerge, reducing the operational burden of maintaining custom WAF rules.