jonrau1/SyntheticSun

[PFR] Security Hub integration with SyntheticSun WAF

jonrau1 opened this issue · 0 comments

Story
As a user of SyntheticSun I want findings for anomalous traffic or known threats that are allowed by my WAF populated in Security Hub so that I can triage, analyze and respond to them.

Definition of Done

  • In-line BIF call added to the WAF Parser
  • Dynamic ThreatIntelIndicators, Network and Resource ASFF population
  • Updated architecture diagram
  • Updated CFN with permissions to call BIF

Nice to Have
Explore expanding scope to ELB and API Gateway

Additional Information
N/A