Barracuda launches Cloud Application Protection 2.0

The new platform blocks supply chain attacks, uses machine learning (ML) and adds containerised WAF to protect apps deployed in containers

Barracuda Networks, a leading provider of cloud-enabled security solutions, has announced new capabilities for its Cloud Application Protection platform to deliver an additional level of protection and make it even easier for organisations to secure their applications. 

Client-side protection, the ability to deploy containerised WAF nodes, and an auto-configuration engine are just some of the new services and features the platform includes. The Cloud Application Protection also now leverages machine learning (ML), vulnerability scanning and remediation, and Advanced Threat Protection to provide active threat intelligence for stronger protection.

Highlights of Cloud Application Protection 2.0 include:

  • Client-Side Protection — This new feature automatically creates and deploys protections against website skimming and supply chain attacks such as MageCart. These types of attacks are performed by infecting a script that is loaded directly by the browser, meaning that WAFs are unable to detect them. Cloud Application Protection 2.0 adds both protection and reporting capabilities against these attacks.
  • Containerized WAF deployment This new deployment option brings the same security engine as Barracuda WAF and WAF-as-a-Service, but in a container form. As more applications are now deployed in containers, they can now be protected.
  • Auto-Configuration Engine The Auto-Configuration Engine uses ML models to check an organisation's traffic patterns and provide recommendations to tighten security settings, reducing administrative overhead.
  • Active Threat Intelligence — This cloud-based ML-enhanced service provides near real-time active threat intelligence to detect and stop new threats as they occur. Barracuda Active Threat Intelligence brings together the Barracuda Vulnerability Manager, Barracuda Vulnerability Remediation Service, Barracuda Advanced Threat Protection, and Barracuda Advanced Bot Protection's cloud layer, making it a single service that covers the full range from detection to remediation.

“At Barracuda, we strive to continually make security easier for our customers, and Cloud Application Protection 2.0 provides enterprise-level application security with consumer-level ease of use,” said Tim Jefferson, SVP, Engineering for Data, Networks and Application Security at Barracuda. “The powerful new capabilities we’re introducing address the application security issues organisations are most concerned about right now and also provide protection for where applications are headed next.”

The state of application security in 2021


Barracuda has recently released the results of its survey, ‘The state of application security in 2021.’ They surveyed 750 application security decision-makers responsible for their organisation’s application development and security. Participants were from the US, Europe, and APAC, and each represented organisation had 500 or more employees globally.

The top five application security challenges they pointed to were bots, supply chain attacks, vulnerability detection, API security, and security slowing down app developments. On average, respondents were successfully breached twice in the past 12 months as a direct result of an application vulnerability. 72% of respondents said their organisation suffered at least one security breach from an application vulnerability. 

Overall, the findings indicate that more needs to be done to protect against application security threats, particularly newer threats. Many organisations realised issues within their systems and are looking to deploy new solutions in the coming year such as bot protection (41%), API gateway (36%), and software supply chain protection (scanning) (33%). 


Featured Articles

Google delays launch of long-anticipated Gemini AI model

The tech giant has pushed back the launch of its new conversational AI model, Gemini AI, amid speculation over if it can out-perform competitor models

Atos to deliver critical IT services to UEFA EURO 2024

IT service and consulting company Atos will deliver key on-site and remote IT services for the UEFA EURO 2024 taking place in Germany in June

Orange cyber report: highest number of victims ever recorded

Orange Cyberdefense's Security Navigator 2024 reveals the highest number of cyber extortion victims recorded, with an increase of 46% worldwide in 2023

ChatGPT turns one: How AI chatbot has changed the tech world

AI & Machine Learning

AWS announces AI tool Amazon Q to reimagine future of work

AI & Machine Learning

Deloitte & IBM: Data solutions driving tech sustainability

Data & Data Analytics