Prof Wool #4

Protect Outbound Traffic in an AWS Hybrid Environment

Best Practices for Amazon Web Services (AWS) Security: Lesson 2

Outbound traffic rules in AWS Security Groups are, by default, very wide and insecure. In addition, during the set-up process for AWS Security Groups the user is not intuitively guided through a set up process for outbound rules – the user must do this manually. In this lesson, Professor Wool, highlights the limitations and consequences of leaving the default rules in place, and provides recommendations on how to define outbound rules in AWS Security Groups in order to securely control and filter outbound traffic and protect against data leaks.

Learn more about AlgoSec at and read Professor Wool's blog posts at