In the previous chapter, we learned a lot about how to leverage Amazon Elastic Beanstalk as well as Amazon Elastic File System to build and deploy highly scalable and available applications with the utmost of ease! However, there is one critical aspect that we didn't talk too much about in the previous chapter, and that is, of course, security! "How do I safeguard my applications and workloads against malicious software and threats?" This is exactly the question we will try and answer through a combination of two simple, yet very powerful, AWS services, namely AWS Shield and AWS Web Application Firewall, or WAF.

Keeping this in mind, let's have a quick look at the various topics that we will be covering in this chapter:

• Introducing AWS WAF and how it works
• Securing our WordPress site by leveraging WAF and using web ACLs
• Learning about additional WAF conditions for protection against cross-site scripting and SQL injections
• Automated deployment and configuration of AWS WAF using CloudFormation templates
• Monitoring AWS WAF using Amazon CloudWatch
• A brief introduction to AWS Shield and how it works
• Understanding AWS Shield Advanced and how to leverage it

There is so much to do, so let's get started right away!