Integeration of Web Access Firewall (WAF) with API Gateway
AWS API Gateway allows for exposing direct, programmatic access to your application. A Web Application Firewall (WAF) is able to discern fraudulent interactions from legitimate traffic and take appropriate actions. The WAF stands between the public and the web application, it is able to decouple the traffic between the web server and the internet. This is why a WAF is considered an API security best practice and should be implemented whenever possible. By having a full inventory of all of your API endpoints in all regions as well as all accounts can help you stay compliant with the NIST framework.