SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Barracuda launches new Application Protection plans
Fri, 21st Apr 2023

Barracuda Networks has introduced new Application Protection plans to make it easier for customers to protect websites, applications, and APIs with comprehensive enterprise-grade protection.

The new plans combine machine learning (ML) powered web application, API, DDoS and bot protection with zero trust security to help prevent todays most complex threats.

According to Barracuda, customers need a solution that delivers Web Application and API Protection (WAAP) to applications no matter where they reside including on-premises, hybrid, and multi-cloud application deployments. The new Application Protection plans are designed so customers can choose the security capabilities they need, input the number of applications, and get started.

According to Forrester, "While web application firewalls (WAFs) remain a popular tool to protect web applications, customers today are looking to protect a wider range of applications across a wider range of deployment environments with fewer people."

Barracuda WAF-as-a-Service is designed to enable comprehensive application security for web applications and APIs of any size. Applications can be quickly onboarded and secured with the three-step onboarding wizard.

WAF-as-a-Service features deep visibility to identify attacks and traffic trends. Among these are visualisations for client-side scripts on their web applications something that few admins have visibility into and are important to protecting against website supply chain attacks. ML-powered capabilities like the Auto Configuration Engine and shadow API Discovery enable admins to reduce their unknown attack surfaces. 

Customers can choose between the following plans based on their security needs:

Advanced plan:

  • Protect against OWASP Top 10 Web & API Attacks
  • Full spectrum protection against volumetric and application DDoS attacks
  • Protect against zero-day attacks and gain valuable air cover and time to patch applications
  • Stop account takeover attacks against web and API applications
  • ML-powered Auto Configuration Engine to make administration much easier

Premium plan: Includes everything in the Advanced plan, plus:

  • Automated API Discovery to secure hidden shadow APIs
  • ML-powered Bot Protection to identify and block emerging complex threats in near-real time
  • Client-Side Protection to identify and block website supply chain attacks
  • ML-powered Privileged Account protection to stop advanced attackers from compromising applications
  • Container protection provides admins the ability to deploy containerised WAFs for close-in protection of applications
  • Built-in zero trust access capabilities can be used to protect critical accounts for the application

Tim Jefferson, Barracuda SVP, Engineering & Product Management, Data, Network, and Application Protection, comments, "The new plans make it easy for customers to choose the security capabilities they need and get started with Barracuda Application Protection.

"The new plans offer a unique combination of ML-powered vulnerability, API, DDoS, and bot protection with zero trust security to help customers in combating todays most challenging threats."

Paul Crighton, Regional Sales Director, ANZ, Barracuda, says, "With these new plans we are making it easier for channel partners to help their customers secure internal and third-party applications. Web and API-based applications are core to a business digital journey.

"However, our own internal research shows that for many businesses the prospect of effectively securing apps against an ever-evolving range of cyber threats can appear complex and resource-intensive. It doesn't need to be either of those things.

"These new plans will enable channel partners to offer advanced yet easy to deploy and manage service-based application security. Partners will be able to quickly onboard and manage new customers and support them in meeting compliance and cyber-insurance requirements."