WAF really needed?

Çağlar Arlı

I'm running a company web application in AWS. This web app is behind Cognito + an external identity provider with SAML, so that only company employees can reach the app (they then log in with local credentials to the app, as it is not possible to use SAML for that).

In this context, does it make sense to put a WAF in front of it? A potential attacker could not launch attacks if he is not authenticated (unless valid credentials were also stolen).

Side note: when I say WAF, I'm talking about the standard AWS WAF (not Shield). I'm mostly concerned about DDoS attacks, because the standard AWS WAF only covers layer 3/4 attacks, not layer 7 (unless you pay for Shield, which is above the budget).