(Source – Shutterstock)

Barracuda launches new capabilities for Web Application and API Protection, expands SASE platform

Gartner defines Web Application and API Protection (WAAP) as the evolution of the web application firewall market (WAF). WAAP expands WAF capabilities to four features that are WAF, DDoS protection, bot management, and API protection.

Over the years, the demands for WAAP continue to increase as more stringent enterprises’ requirements required improved API security features. Today, most major cybersecurity vendors offer a variety of WAAP solutions as part of their cybersecurity offerings.

In fact, Gartner also stated that web applications, mobile applications, and APIs are being subjected to increasing volumes of complex attacks. As such, security and risk management technical professionals responsible for application security architecture must use an appropriate mix of mitigating technologies to secure applications.

To deal with this, Barracuda Networks’ Barracuda Cloud Application Protection adds powerful new automated API Discovery and GraphQL security capabilities, augments Account Takeover Protection capabilities, and enhances the client-side protection feature set. Additionally, the integration of the Barracuda Web Application Firewall and the Venafi Trust Protection Platform adds the ability to continually automate machine identity management for TLS certificates to stop outages and make it easy to scale web application firewall usage.

With this new release, Barracuda Cloud Application Protection includes continuous, automatic API Discovery using machine learning to improve compliance and security. This capability greatly reduces the admin overheads of importing API specs and configuring protections, while allowing development teams to build and deploy secure APIs quickly.

At the same time, the new technology integration of Barracuda Web Application Firewall and Venafi Trust Protection Platform offers a fully-featured, unified solution that enables the secure, centralized, and automated management of certificates and keys across Barracuda Web Application Firewall. This integration adds security to the managed machine identities and eliminates the anxiety and risk associated with certificate-related downtime and risks.

According to Tim Jefferson, SVP, Engineering for Data, Network, and Application Security at Barracuda, every business needs this type of critical protection against API vulnerabilities and automated bot attacks.

Apart from new capabilities in WAAP, Barracuda also announced an expansion to its cloud-native SASE platform. The expansion includes new capabilities for hybrid deployment models and IoT environments. Additionally, new technology integrations offer secure data transfer, orchestration, asset management, and anomaly detection.

As part of the Barracuda SASE platform, CloudGen WAN will now provide private service edge for hybrid deployments. Private service edge is ideal for organizations that need to follow certain geopolitical requirements or need full control over the data plane. Private service edge devices provide the same scope of security and networking functionality as the cloud service and are administrated and maintained via a central management platform.

For virtual appliances and new ruggedized site devices, CloudGen WAN also offers Secure Connector that provides highly scalable internet-of-things connectivity, as well as cloud and private service edge-based security for IoT endpoints.

“The expansion of Barracuda’s cloud-native SASE platform for hybrid deployment models and IoT environments solves a number of common security, connectivity, and scalability challenges that businesses are facing in this age of digital transformation,” added Jefferson.