Benefits of WAF

• Increased protection against web attacks: AWS WAF protects your web
applications by filtering web traffic based on the access control lists and rules
that you configure against the most common web exploits, for example by
blocking specific IP addresses or blocking query strings that match malicious
web traffic, and so on.

• Ease of deployment and maintenance: AWS WAF is integrated with Amazon
CloudFront and the Application Load Balancer. This makes it easy for you to deploy
web applications by making them part of your Content Delivery Network (CDN) or
by using the Application Load Balancer that is used to front all your web servers.
You do not need to install any additional software on any servers or anywhere in
your AWS environment. Moreover, you can write rules in one place and deploy them
across all your web applications hosted across various resources in your AWS
environment.

• Improved web traffic visibility: You can set up metrics and dashboards in Amazon
CloudWatch for all your web application requests that are evaluated against your
WAF rules. You can monitor these metrics in near real-time and gauge the health
of your web traffic. You can also use this metric data to modify the existing
WAF rules or create new ones.

• Cost-effective web application development: AWS WAF spares you from creating,
managing, and deploying your own custom web monitoring and firewall solution, which
saves you the development costs of a custom web application firewall.
AWS WAF, like other AWS services, allows you to pay only for what you
use without any upfront commitment or a minimum fee. It has a flexible pricing
model depending on the number of rules deployed and traffic received by your web
application in terms of HTTP and HTTPS requests.

Benefits of GuardDuty

With no upfront cost and no need to install software or security infrastructure, Amazon
GuardDuty provides the following benefits:

• Near real-time, intelligent threat monitoring, based on the analysis of two input
streams:
  ◦ Billions of events from AWS CloudTrail (AWS user and API activity), Amazon
    VPC Flow Logs (network traffic data), and DNS logs (name query patterns).
  ◦ Threat intelligence, such as lists of known malicious IP addresses from AWS
    Security and third-party threat intelligence partners such as CrowdStrike and
    Proofpoint.

• Centralized threat detection and management across all AWS accounts, giving
your security team the single-pane visibility necessary to better manage, prioritize
and respond to anomalous account and network activities. The two examples that
AWS gives of anomalous activities are remote API calls from a known malicious IP
address, and an Amazon EC2 instance sending encoded data within DNS queries.

• Automated threat response via remediation scripts or AWS Lambda functions that
are triggered based on GuardDuty security findings, which include details about the
affected resource(s) (such as tags, security groups, credentials) as well as
information on the attacker (such as IP address and geo-location). In the example
provided by AWS, GuardDuty will alert you if an instance is suspected of having data
stolen, in response to which you can automatically restrict outbound access for that
instance.
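
The automated response described above, as an added example (not AWS's code and not part of the original page): a Lambda-style handler that reads a GuardDuty finding from an EventBridge event and replaces the instance's security groups with a quarantine group. The quarantine group ID, the severity threshold and the sample event are assumptions constructed for illustration.

```python
QUARANTINE_SG = "sg-0123456789abcdef0"  # assumption: existing group with no egress rules
ISOLATE_TYPES = {"Trojan:EC2/DNSDataExfiltration"}  # GuardDuty finding type to act on
MIN_SEVERITY = 7.0  # assumption: respond automatically only to high severity

# Constructed sample of the EventBridge event GuardDuty emits (trimmed to used fields).
SAMPLE_EVENT = {
    "source": "aws.guardduty",
    "detail-type": "GuardDuty Finding",
    "detail": {
        "type": "Trojan:EC2/DNSDataExfiltration",
        "severity": 8,
        "resource": {
            "resourceType": "Instance",
            "instanceDetails": {
                "instanceId": "i-0abc1234def567890",
                "networkInterfaces": [{"securityGroups": [{"groupId": "sg-0aaa1111bbbb2222c"}]}],
            },
        },
    },
}

def plan_isolation(event):
    """Return the EC2 change for this finding, or None when no action applies."""
    finding = event.get("detail", {})
    if event.get("source") != "aws.guardduty" or finding.get("type") not in ISOLATE_TYPES:
        return None
    if finding.get("severity", 0) < MIN_SEVERITY:
        return None
    resource = finding.get("resource", {})
    inst = resource.get("instanceDetails", {})
    if resource.get("resourceType") != "Instance" or not inst.get("instanceId"):
        return None
    # Keep the original groups so responders can restore them after triage.
    previous = sorted({sg["groupId"] for ni in inst.get("networkInterfaces", [])
                       for sg in ni.get("securityGroups", [])})
    return {"InstanceId": inst["instanceId"], "Groups": [QUARANTINE_SG], "previous": previous}

def handler(event, context=None, ec2=None):
    """Lambda entry point; pass `ec2` to inject a client (boto3 is used otherwise)."""
    plan = plan_isolation(event)
    if plan is None:
        return {"action": "none"}
    if ec2 is None:
        import boto3  # available in the Lambda Python runtime
        ec2 = boto3.client("ec2")
    ec2.modify_instance_attribute(InstanceId=plan["InstanceId"], Groups=plan["Groups"])
    return {"action": "isolated", **plan}
```

Returning the previous group IDs lets the function's log double as the record needed to restore the instance once it has been investigated.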

Benefits of Auto Scaling

• Fault tolerance: When an instance is not healthy, Auto Scaling can detect it
immediately. The instance can be terminated, or another instance can be
launched to replace it. Auto Scaling can also be configured to use multiple
Availability Zones.

• Cost management: Auto Scaling supplies the amount of capacity required by the
application. Since you pay only for the EC2 instances that you are using, you
cut down expenses by not launching instances that are not required.

• Availability: Auto Scaling keeps track of the demands of your application and
makes sure that the application has the correct amount of capacity to meet its
traffic needs.