Barracuda Networks Inc., a provider of cloud-first security solutions, announced the expansion of Barracuda Cloud Application Protection, its platform for Web Application and API Protection (WAAP). The release adds powerful automated API Discovery and GraphQL security capabilities, augments account takeover protection capabilities, and enhances the client-side protection feature set. Additionally, the integration of the Barracuda Web Application Firewall and the Venafi Trust Protection Platform adds the ability to automate machine identity management for TLS certificates to stop outages and make it easy to scale web application firewall usage.
With the release, Barracuda Cloud Application Protection includes continuous, automatic API Discovery using machine learning to improve compliance and security. This capability reduces the admin overheads of importing API specs and configuring protections while allowing development teams to build and deploy secure APIs quickly.
Additional highlights include:
- New GraphQL security capabilities include native parsing of such requests and enforcement of security checks to protect against GraphQL-specific attacks.
- New Privileged Account Protection (PAP), backed by a machine learning layer, identifies risky logins and performs pre-configured actions to prevent Account Takeover attacks.
- Enhanced machine learning models in the Active Threat Intelligence (ATI) layer that powers Barracuda Advanced Bot Protection to identify and detect persistent bots.
- Improved controls for client-side protection over the configuration and visualization of content-security policies and sub-resource integrity settings.
- New capabilities for Barracuda WAF-as-a-Service make administration actions easier. The new snapshots feature allows the import and export of configuration as a JSON file to enable easier integration with automation tools.
The new technology integration of the Barracuda Web Application Firewall and Venafi Trust Protection Platform offers a fully featured, unified solution that enables the secure, centralized, and automated management of certificates and keys across the Barracuda Web Application Firewall. This integration adds security to the managed machine identities, and eliminates the anxiety and risk associated with certificate-related downtime and risks.