Cerberus uses the Amazon WAF to provide edge security. This is automatically setup with the command-line API.
The WAF automatically drops requests with incorrect request body size, SQL injection, and Cross Site Scripting (XSS).
Application Load Balancer (ALB) logs are parsed using a rate limiting lambda that automatically blacklists IP addresses exceeding a configurable request rate limit. The access logs are stored in S3 and every time a new log chunk is written to S3, the Lambda is triggered (every 10 minutes or so).
For more background information, please see:
The Cerberus Management Service is the main micro-service that makes up a Cerberus environment. It includes features for:
Amazon Aurora is used as the data store.
S3 is used for storing configuration such as CMS settings and TLS certificates.