Starting today, you can add multiple RuleGroups to your AWS Firewall Manager policy. This allows you to use AWS WAF managed rules in conjunction with custom WAF rules consistently across all your AWS accounts. For instance, you can now deploy the OWASP Top 10 managed rule group from AWS Marketplace, with a set of your own custom WAF rules that meets your specific security needs such as blacklisting of IP addresses.