Barracuda adds more proactive defense capability with Barracuda Advanced Bot Protection

Barracuda enhances protection against bots in their WAF and WAF-as-a-Service platforms with new machine learning and AI abilities.

Barracuda has upgraded the anti-bot capabilities in their Web Application Firewall [WAF] platform and WAF-as-a-Service with the introduction of Advanced Bot Protection and its machine learning and AI-based capabilities.

“We have focused a lot of protection around industry best practices and we have had bot protection in place, but that protection has been more passive,” said Tim Jefferson, SVP of Data Protection, Network and Application Security, Barracuda. “You can have very strong passive protections in place, but the newer bots we are seeing today require that you build a model that is capable of learning good behavior and bad behavior.”

Machine learning and AI are now fundamental to a bot strategy, because harmful bots now increasingly have these capabilities themselves.

“Bot management strategy is two things,” Jefferson said. “The first is detection, but the second is response. You need a response strategy because many bots are good bots. We have had a focused strategy which started in late 2017 and 2018, to respond to the appearance of advanced bots using machine learning. This is now something that requires advanced analytics. The good thing is that analytics technology is now more consumable for companies like us, because our technology partners, especially the big IaaS players, have made it easier for companies like us to consume, in order to help us innovate quickly. We have been early adopters of this, and also use it in our email business.”

Jefferson said the Advanced Bot Protection technology blends this AI capability with their own IP.

“We do have some unique insights into behavior-based indices, so that we can train bots and start them learning,” he stated. “We use them for that to build this new launch around advanced analytics to keep up with the bad guys in this arms race that’s going on.”

The new functionality includes bot spam detection to reduce referrer spam and block comment spam, and also blocks credential stuffing to stop account takeover attacks. It adds risk scoring, tracking incoming requests and using advanced behavioral analytics to detect attackers. It also introduces client finger printing to track users more accurately than with IP addresses.

“This functionality is now more behavior based, benefiting from training on what good and bad bots do, and able to detect more anomalous behavior, even though it is getting very sophisticated,” Jefferson said.

Anti-bot protection particularly appeals to people from the line of business side rather than traditional security people.

“The customers who come back for this are the business side people, who are concerned about implications of bots on business behavior, as opposed to event that will pop up in a SIEM,” Jefferson noted. “They tell us that their marketing teams and analytics have been affected by bots, with the result that their investments have been been wasted. eCommerce sites want something done about them.”

Jefferson said that this enhanced anti-bot protection further strengthen what should be a strong partner play in the WAF space.

“We know from a Verizon report that 95 per cent of all breaches start by attacking web apps,” he stated. “WAFs have very sophisticated security tools – which very few people know how to operationalize. That has dampened their effectiveness and created a great opportunity for partners around managed security. This is a further way for partners to further pivot their practices around security, and which will  help them be consistently engaged with customers. WaaF as a service, which we launched last year – is an even stickier version of this for partners, which we have built with an easy user bot mitigation interface that makes it easy to configure, and to provide industry best practice protections with a couple of clicks.”

Leave a Reply

Your email address will not be published. Required fields are marked *