General availability: Default Rule Set 2.1 for regional WAF with Application Gateway
Share
Services
Default Rule Set (DRS) 2.1 for the regional Web Application Firewall (WAF) on Azure Application Gateway is now generally available on the Azure Application Gateway WAF V2 SKU.
DRS 2.1 is baselined off the Open Web Application Security Project (OWASP) Core Rule Set (CRS) 3.3.2 and extended to include additional proprietary protections rules developed by Microsoft Threat Intelligence team. The Microsoft Threat Intel team analyzes Common Vulnerabilities and Exposures (CVEs) and further adapts the CRS ruleset to address CVEs and reduce false positives.
For more information on what's included in this release, please see our [managed rules documentation](https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/application-gateway-crs-rulegroups-rules?tabs=owasp32).
* Application Gateway
* Web Application Firewall
* Features
* Services
* Security
* [ Application Gateway](https://azure.microsoft.com/en-gb/products/application-gateway/)
* [ Web Application Firewall](https://azure.microsoft.com/en-gb/products/web-application-firewall/)
What else is happening at Microsoft Azure?
Read update
Services
Share
Read update
Services
Share
We’re retiring Azure Time Series Insights on 7 July 2024 – transition to Azure Data Explorer
May 31st, 2024
Services
Share