Barracuda has expanded its Cloud Application Protection platform with new features that allow organizations to more easily secure their web applications. These new services and features include client-side cybersecurity, the ability to deploy containerized WAF nodes and also an auto-configuration engine. In addition, Cloud Application Protection now uses machine learning, vulnerability scanning and remediation, and Advanced Threat Protection to deliver active threat intelligence.
Cloud Application Protection is Barracuda’s Web Application and API Protection (WAAP) platform. According to Gartner, ‘By 2023, more than 30% of public web applications and APIs will be protected by Web Application and API Protection (WAAP) services, which combine Distributed Denial of Service (DDoS) protection, bot mitigation, API protection and web application firewalls (WAFs). This is an increase from fewer than 15% currently.’
Highlights of Cloud Application Protection 2.0 include:
- Client-Side Protection – This new feature builds and deploys defenses against website skimming and supply chain attacks like MageCart automatically. Since these attacks are carried out by infecting a script that is directly loaded by the browser, WAFs are unable to detect them. Cloud Application Security 2.0 improves both protection and reporting against these types of attacks.
- Containerized WAF deployment – This new deployment alternative uses the same protection engine as Barracuda WAF and WAF-as-a-Service, but in the form of a container. Containerized systems will now be secured as more are deployed.
- Auto-Configuration Engine – The Auto-Configuration Engine uses machine learning models to check an organization’s traffic patterns and make suggestions for tightening security settings, lowering administrative overhead.
- Active Threat Intelligence – This machine learning-enhanced cloud-based service would offer near real-time active threat intelligence to identify and stop new threats as they emerge. Barracuda Active Threat Intelligence combines the cloud layers of Barracuda Vulnerability Manager, Barracuda Vulnerability Remediation Service, Barracuda Advanced Threat Protection, and Barracuda Advanced Bot Protection to provide a single service that spans the entire spectrum from identification to remediation.
“At Barracuda, we strive to continually make security easier for our customers, and Cloud Application Protection 2.0 provides enterprise-level application security with consumer-level ease of use,” said Tim Jefferson, Senior Vice President, Engineering for Data, Networks and Application Security at Barracuda. “The powerful new capabilities we’re introducing address the application security issues organizations are most concerned about right now and also provide protection for where applications are headed next.”
In addition to these features, Barracuda Cloud Application Protection 2.0 adds an Azure Sentinel integration that allows defenders to see the most critical details in the background at a glance, allowing for fast responses. Customers can also use the WAF API to perform configuration tasks on Azure Sentinel, closing the feedback loop when newer attacks are detected.
A workbook that sets up an Azure Sentinel workspace with a dashboard unique to Barracuda WAF or WAF-as-a-Service is now available in the Azure portal, making it simple for administrators to deploy this integration.
“Barracuda Cloud Application Protection brings together all the features and performance we need with the ease of use that we want,” said Zach Peer, director of technology and managed hosting at One North. “As longtime customers, we are confident that the solution is providing the best protection possible against all the latest threats.”