[tasssko]

Using AWS WAF; https://aws.amazon.com/solutions/implementations/aws-waf-sec...

Some bespoke WAF automation setups. You can mix in ML in this to add anomaly detection.

https://aws.amazon.com/blogs/security/automatically-updating...

[ackbar03]

ok, so you were basically just referring to a 3rd party waf... thats cool...

[tasssko]

Sorry it was late past midnight and i did not find anything that could help with a opensource tool like nginx plus modsecurity. However I shared documentation that can help logically identify potential exploits and with nginx plus lua it’s possible this can easily be updated. The OWASP filters are similar. Yes we have done some automation like this many years ago but today we mainly use public cloud WAFs.