This document discusses using Amazon CloudFront, AWS WAF, and AWS Lambda to protect web applications. AWS WAF provides firewall protection at CloudFront edge locations and can block exploits, abuse, and application DDoS attacks. CloudFront works with AWS WAF to filter legitimate traffic from attacks like SQL injection, cross-site scripting, and others. AWS Lambda can be used to automate security by integrating IP reputation lists and detecting HTTP floods and scans/probes. Resources are provided for webinars and tutorials on configuring AWS WAF and AWS Lambda for automatic protection of web applications.