Cloud Application Protection 2.0 adds client-side protection, container protection, a new engine to make things simpler for customers with security recommendations, and a new bundle of threat intelligence solutions.
In late 2019, Barracuda Networks introduced their Cloud Application Protection platform, which is essentially a Web Application Firewall on steroids, updated for the modern era and delivered as a service. It was also built on Azure and available in the Azure Marketplace. Today they are announcing Cloud Application Protection 2.0, which adds new features like client-side protection, powerful containerized deployment capabilities, and a brand new auto-configuration engine that makes recommendations about modifying security settings. They have also created a new bundle of threat intelligence offerings that both increases efficiencies and will make it easier for partners to sell them.
“When we started with the Cloud Application Protection platform, the idea was that we could tell the customer that once you get it, we will worry about what’s inside it, and provide the protection,” said Nitzan Miron, Vice President of Product Management, Application Security Services at Barracuda. “Version 2.0 is about making it even easier than it was before.”
The enhancements begin with new client-side protection against website skimming and supply chain attacks like MageCart.
“These attacks came out of the blue a couple of years ago and became very prevalent,” Miron said. “They are also known as software supply chain attacks. Today, developers use an existing set of frameworks and libraries from repositories like Github to build their applications. If an attacker finds a vulnerability on one of these, it can compromise many applications.” In addition, because these attacks infect a script that is loaded directly by the browser, WAFs can’t detect them.
Miron said that while these types of attacks are still less significant than other types of attacks, they are growing rapidly.
“The damage is usually pretty bad because if they get compiled into an application, they can do pretty much what they want,” he stated. “With the British Airways hack, every time you used a credit card for BA it was sent to BA – and also to the attacker.”
Cloud Application Protection 2.0 provides both protection and reporting capabilities against these attacks.
Another new feature is containerized WAF deployment, which allows the WAF to be deployed in a container form. Miron said that while others provide this capability, they do not do so at the same strength.
“We may be the first to fit a full-featured WAF into a container,” he noted. “There are other ones, but they are lightweight. Ours provides a lot of power in a container.”
A net-new feature is the Auto-Configuration Engine, which uses machine learning models to check an organization’s traffic patterns and provide recommendations to tighten security settings.
“We want Cloud Application Protection to be powerful, but also easy to use,” Miron said. “This is part of the easy to use side. The engine looks at your traffic and makes security suggestions, like ‘use this feature’ or ‘turn this one off.’ It saves you from having to comb through logs.”
The new bundle is Active Threat Intelligence, a cloud-based machine learning-enhanced service that provides near real-time active threat intelligence. It brings together the Barracuda Vulnerability Manager, Barracuda Vulnerability Remediation Service, Barracuda Advanced Threat Protection, and Barracuda Advanced Bot Protection’s cloud layer, making it a single service that covers the full range from detection to remediation.
“It’s a bundling of some existing features like Vulnerability Manager and Advanced Bot Protection with some new features into one consolidated service,” Miron indicated. “It comes to one combined verdict. The main asset to the customer is that it will be more insightful, as you get more when you put them together. The whole is greater than the sum of the parts.”
A minor part of the 2.0 release is the addition of an Azure Sentinel integration that lets defenders quickly see the most important information in the specific context, allowing for rapid responses.
“It’s a convenience that can be combined with other sources to provide a consolidated source into what’s going on,” Miron said.
In addition, a workbook that sets up an Azure Sentinel workspace with a dashboard specific to Barracuda WAF or WAF-as-a-Service is now available in the Azure portal, making it easy for administrators to deploy this integration.
Miron said Cloud Application Protection 2.0 has been designed to make it easier for partners, who are Barracuda’s route to market.
“By combining all this into one platform, we make it easy for partners to sell application security,” he stated. “They can pitch it with confidence to their customers. This was a big part of the platform and bundling exercises, to make it easier for the channel to know what to sell.”