Exhibitor Press Releases

Subpage Hero

  

01 Sep 2022

Barracuda launches new capabilities for Web Application and API Protection (WAAP)

Barracuda Networks Stand: B25
Barracuda launches new capabilities for Web Application and API Protection (WAAP)

Highlights:

  • New updates to Barracuda Cloud Application Protection platform provide powerful, easy-to-use web application, API, and bot protection capabilities to help defend against increasingly complex threats and include a new technology integration with the Venafi Trust Protection platform.
  • Barracuda Cloud Application Protection now enables continuous security compliance for web applications, including protection from advanced account takeover and client-side supply chain attacks.
  • As part of Barracuda Cloud Application Protection updates, Barracuda WAF-as-Service now includes new control and visualization capabilities, provides easier configuration management, and enables seamless integration with automation tools.

Barracuda Networks, Inc., a leading provider of cloud-first security solutions, today announced the expansion of Barracuda Cloud Application Protection, its platform for Web Application and API Protection (WAAP). This new release adds powerful new automated API Discovery and GraphQL security capabilities, augments Account Takeover Protection capabilities, and enhances the client-side protection feature set. Additionally, the integration of Barracuda Web Application Firewall and Venafi Trust Protection Platform adds the ability to continually automate machine identity management for TLS certificates to stop outages and make it easy to scale web application firewall usage.

According to Gartner®, “Web applications, mobile applications and APIs are subject to increasing volumes of complex attacks. Security and risk management technical professionals responsible for application security architecture must use an appropriate mix of mitigating technologies to secure applications.”1

With this new release, Barracuda Cloud Application Protection includes continuous, automatic API Discovery using machine learning to improve compliance and security. This capability greatly reduces the administrative overheads of importing API specs and configuring protections, while allowing development teams to build and deploy secure APIs quickly.

 

Additional highlights of this release include:

  • New GraphQL security capabilities that include native parsing of such requests and enforcement of security checks to protect against GraphQL-specific attacks.
  • New Privileged Account Protection, backed by a machine learning layer, identifies risky logins and performs preconfigured actions to prevent account takeover attacks.
  • Enhanced machine learning models in the Active Threat Intelligence (ATI) layer that powers Barracuda Advanced Bot Protection to identify and detect persistent bots. In addition, the configuration feedback loop from ATI has been improved, allowing admins to perform configuration actions from the cloud dashboard.
  • Improved controls for client-side protection over the configuration and visualization of Content-Security Policies and Sub-Resource Integrity settings. Client-side protection capabilities in Barracuda Cloud Application Protection closely track the protective requirements that are being set to block attacks like Magecart and other website supply chain attacks.
  • New capabilities for Barracuda WAF-as-a-Service make administration actions easier. The new snapshots feature allows the import and export of configuration as a JSON file to enable easier integration with automation tools. In addition, admins can perform comparisons between snapshots and setup automatic snapshots for easier configuration management. The improved CDN UI provides new control and visualization capabilities to customers using the CDN services.

 

The new technology integration of Barracuda Web Application Firewall and Venafi Trust Protection Platform offers a fully featured, unified solution that enables the secure, centralized, and automated management of certificates and keys across Barracuda Web Application Firewall. This integration adds security to the managed machine identities and eliminates the anxiety and risk associated with certificate-related downtime and risks. 


Quotes:

“With this release, Barracuda Cloud Application Protection adds powerful new API security, account takeover protection capabilities, and client-side protection for our customers, driven by machine learning and other advanced technologies, ” said Tim Jefferson, SVP, Engineering for Data, Network, and Application Security at Barracuda. “Every business needs this type of critical protection against API vulnerabilities and automated bot attacks.”


“Before Barracuda WAF-as-a-Service, it’s almost like we were blind. We had no visibility into just how frequently we were being probed and attacked. Now going through the logs, our eyes have been opened, and it seems a wonder that we never suffered a serious breach in the past,” said Kieron Prince, Cloud and Infrastructure Lead at L&Q in a Barracuda case study.


“Barracuda has earned a reputation for providing powerful, easy-to-use protection for web applications and APIs,” said Dave Sasson, Chief Strategy Officer at Hanu, an award-winning Microsoft Cloud services provider and Azure Expert MSP. “These new enhancements provide our mutual customers with a higher level of protection against API, bot, and client-side attacks.”

 

Resources:

See the Barracuda Cloud Application Protection page: https://www.barracuda.com/cap

New: Threat Spotlight: Attempts to exploit new VMware vulnerabilities http://cuda.co/50889

Get the 2021 Gartner® Magic Quadrant™ for Web Application and API protection: https://www.barracuda.com/waapmq-2021

Get the Forrester Wave for Web Application Firewalls, Q1 2020: https://www.barracuda.com/wafwave2020

Get the e-book: The new ABCs of application security: https://www.barracuda.com/abc-appsec-ebook

 

Citations: 

1 Gartner, “Protecting Web Applications and APIs from Exploits and Abuse,” by William Dupre, published 9 March 2022.

Loading

Sponsors

Diamond Sponsor

  • Threatlocker

 

Platinum Sponsors

  • PacificTech
  • Sophos

Zero Trust VIP Lounge Sponsor

  • beyondtrust

 

Keynote Theatre Sponsor

  • Crowdstrike

 

Theatre Sponsor

  • Microsoft

 

Gold Sponsors

  • Fortinet
  • Barracuda
  • Cloudbric
  • Darktrace
  • Devo

Gold Sponsors

  • Halodata
  • i-sprint
  • Microsoft
  • Qualys
  • Keysight

Silver Sponsors

  • Blackberry
  • Comforte
  • CDNetworks
  • Hackuity
  • Hillstone
  • Horangi
  • logon

Silver Sponsors

  • Flexxon
  • Internet & Idee
  • Illumio
  • Intel741
  • Imperva
  • Thales
  • wiz

Silver Sponsors

  • Carbonite
  • CDNetworks
  • MyRepublic
  • Sangfor
  • Seculetter

Silver Sponsors

  • Ivanti
  • Panorays
  • Mimecast
  • PulseSecure
  • Radware
  • Privasec

 

Silver Sponsors

  • SonicWall
  • Tenable
  • Waterfall Security
  • XM Cyber

 

Silver Sponsors

  • Cysclae
  • Titanium

 

Bronze Sponsors

  • Scantist
  • Toffs Technologies
  • appView
  • Delinia
  • DT Asia
  • Firemon
  • Fortanix

Bronze Sponsors

  • Gatewatcher
  • Cloudnosys
  • Indeed ID
  • PowerDMARC
  • Utimaco
  • Wizlynx

 

Bronze Sponsors

  • Intigriti
  • Thomas Murray
  • Knit Technologies
  • Riskrecon
  • Securosys
  • Telescience
  • UCware

 

Bronze Sponsors

  • nexus
  • socly
  • techfindr
  • atakama

 

Bronze Sponsors

  • Endpoint Cososys
  • Prevalent
  • uSecure
  • Gigamon

 

Bronze Sponsors

  • Apricorn
  • Kanguru

 

Partners

Knowledge Partner

  • BICSI

News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2
  • Frost & Sullivan

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • ISACA
  • CSCIS
  • La French Tech
  • ASME

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India
  • Crest

Media Partners

  • ACN Newswire
  • APAC CIO
  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Official Partner Hotel

  • MBS

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

  • Hillstone