App security vendor stiffens controls against automated threats
Barracuda is taking the fight to the machines with a new set of defenses designed to identify and block malicious bots wreaking havoc on Web apps.
The Lowdown: The new Barracuda Advanced Bot Protection is being added to both the company’s Web Application Firewall platform and its WAF-as-a-Service offering. Officials claim the added functionality uses artificial intelligence and machine learning to deliver spam detection, credential stuffing prevention, request risk scoring, and client fingerprinting.
The Details: At the cloud AI/ML layer, Barracuda’s Advanced Bot Protection learns from incoming traffic, detecting non-standard application access patterns and calculating client risk scores, officials said.
Barracuda Advanced Bot Protection also features a dedicated bot mitigation UI to simplify the configuration of bot controls.
The Impact: Barracuda Advanced Bot Protection is available now.
Background: According to the latest Verizon Data Breach Investigations Report (DBIR), Web applications are the No. 1 attack vector for hacks resulting in breaches, and the malicous bots largely responsible for such attacks have evolved from simple scripts to sophisticated tactics to scuttle traditional app security defenses.
The Buzz: “In order to effectively protect their organizations against today’s evolving threats, customers need sophisticated bot mitigation capabilities,” said Tim Jefferson, senior vice president of data protection, network, and application security at Barracuda. “Traditional Web application firewalls don’t all provide advanced bot protection, and some bot mitigation vendors offer only point solutions that aren’t integrated into WAFs. Advanced Bot Protection is fully integrated into Barracuda’s Web application firewalls to provide a complete application security solution that’s easy to deploy and manage.”