Deep threat inspection for active threat defense managed rule groups

Amazon Network Firewall plans to augment the active threat defense managed rule group with an additional deep threat inspection capability. When this capability is released, we will analyze service logs of network traffic processed by these rule groups to identify threat indicators across customers.

We will (or will engage a Technical Provider located in or outside of China to) use these threat indicators to improve the active threat defense managed rule groups and protect the security of customers and services.

Note

Customers can opt-out of deep threat inspection at any time through the Amazon Network Firewall console or API. When customers opt out, Amazon Network Firewall will not use the network traffic processed by those customers' active threat defense rule groups for rule group improvement.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Working with indicators in Amazon GuardDuty

Domain and IP managed rule groups