Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
BarracudaNews
Home›News›Barracuda›Finally! A platform approach to application security

Finally! A platform approach to application security

By admin
05/11/2019
1346
0
Share:

Digital transformation is fundamentally changing today’s enterprises, making data and applications key to doing business. People are conducting transactions and accessing data through web and mobile applications, and as a result these applications are a source of competitive advantage for digital businesses.

As applications are increasingly crucial to driving business, it is not surprising that organizations continue to invest in them. DevOps processes, agile methodologies, and the move to cloud help enterprises to develop and update applications faster. However, while applications are developed and deployed faster than ever, secure coding practices have not kept pace, resulting in a constantly growing number of open vulnerabilities that can be exploited. It is critical to the success, and often to the very survival, of today’s organizations to protect these applications from vulnerabilities.

At the same time, the threat environment is continuously evolving and becoming more challenging. Hackers are getting more sophisticated; they are now professional criminals or even nation states. Today’s hackers are aware that web applications are inadequately protected and are often the weak link in enterprise IT security. In addition to manual hacking attacks, bots and botnets are increasingly used to attack enterprise infrastructures through web applications. These automated exploits are often executed as Distributed Denial of Service (DDoS) attacks, at both the network and application layer. And, of course, malware is constantly getting more advanced. It is increasingly able to evade traditional defenses such as next-generation firewalls and even sandboxes.

The growth in the number of unprotected application vulnerabilities, coupled with the increase in hacking and malware, has resulted in a perfect storm of data breaches.

Current Solutions

Existing solutions to protect web applications include application vulnerability assessment and security testing to identify vulnerabilities, as well as web application firewalls (WAF) and related technologies for vulnerability mitigation and/or remediation. The fact that application-related data breaches continue to occur indicates that existing solutions have not been sufficiently effective. There a number of reasons for this, including the complexity of existing approaches and the vendor fragmentation making this complexity even worse.

Application vulnerability assessment/testing solutions are typically provided by a set of security vendors that are different from those providing WAF solutions. While it is possible to integrate the testing and WAF products through APIs, it is too cumbersome and difficult for most organizations. As a result, virtual patching of vulnerabilities has not been broadly deployed.

With regard to WAF solutions, they are delivered as appliances (physical or virtual) or as SaaS solutions. WAF appliances have been quite complex to deploy and manage, resulting in insufficient deployments. In many cases, even when deployed, WAFs are set up in non-blocking mode due to concerns about blocking valid traffic. On the other hand, WAF-as-a-service solutions, while easier to deploy and manage, often do not provide granular controls and advanced functionality required to protect many applications.

I believe that what is needed to improve the situation is a platform approach to application security.

Barracuda Cloud Application Protection

Cloud application protection

Barracuda Cloud Application Protection (CAP) is a platform to protect web applications wherever they reside — in the cloud, on premises, or hybrid.

Web application firewalls are fundamental to protecting applications. Barracuda WAF can be deployed as software-as-a-service, cloud hosted, or on-premises appliance. All options provide comprehensive application security, including protection for the OWASP Top 10 and many more vulnerabilities and automated threats.

Barracuda Vulnerability Manager is a cloud-hosted scanner that examines web applications and identifies open vulnerabilities, generating a report that provides remediation information. Barracuda Vulnerability Remediation Service continuously scans for vulnerabilities and enables one-click remediation, to automatically secure your apps against a broad range of threats.

Today’s sophisticated bots can mimic human app users to carry out devastating attacks. Barracuda Advanced Bot Protection uses artificial intelligence and machine learning in the cloud to continually improve its ability to spot and block bad bots and human-mimicking “low and slow” bots—while allowing legitimate human and bot traffic to proceed.

Denial-of-service (DDoS) attacks continue to be a serious threat. Barracuda application security solutions include powerful, full-spectrum DDoS protection. Covering Layer-3 to Layer-7 traffic, and blocking both volumetric and application-based DDoS attacks, this capability ensures that your business-critical applications remain available, accessible, and effective.

Modern malware threats are designed to evade traditional detection techniques. And these new malware variants are appearing faster and in greater number than ever before. Barracuda Advanced Threat Protection is an integrated cloud-based service that analyzes traffic across all the major threat vectors. It uses multiple analytic layers—including sophisticated sandbox analysis—to spot and block threats, including evasive zero-day threats.

Barracuda application-security solutions provide protection for your entire attack surface, including REST and mobile applications, to help ensure that APIs are protected. XML protection secures REST and WSDL interfaces against schema and WSDL poisoning. JSON protection scans payloads to ensure that only legitimate requests are allowed through. Interactive applications using AJAX are also protected.

In addition to defending against a variety of cyber threats, it is also critical to ensure that only authorized personnel can access your application backends and data. Barracuda application-security keeps data from falling into the wrong hands by integrating with AD, LDAP, and RADIUS, giving you granular control over which users and groups can access what data. Barracuda WAF solutions can secure all the services that rely on ADFS. SAML support provides a seamless single-sign-on (SSO) experience across on-premises and cloud applications. Two-factor authentication further enhances security and integrates with popular services such as RSA SecureID, SMS PASSCODE, Duo, and others.

Get a closer look at Barracuda Cloud Application Protection

[Mike Goldgof]

Previous Article

Barracuda launches Cloud Application Protection to secure ...

Next Article

Media Alert: Sophos Annual Threat Report Details ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • FortinetNews

    Partnering on Global Cybercrime: A Group Effort

    20/11/2020
    By admin
  • Fortinet
    FortinetNews

    NTT West Chooses Fortinet Secure SD-WAN and SD-Branch to Deliver Security-Driven Networking Services

    06/05/2020
    By admin
  • BarracudaNews

    Barracuda launches Cloud Application Protection to secure web apps

    05/11/2019
    By admin
  • NewsSophos

    Sandboxie is now an open source tool!

    09/04/2020
    By admin
  • NewsWatchGuard

    Changing Times, Changing WatchGuard

    09/09/2019
    By admin
  • Fortinet
    FortinetNews

    Fortinet Introduces Self-Learning Artificial Intelligence Appliance for Sub-Second Threat Detection

    24/02/2020
    By admin

  • Fortinet
    FortinetNews

    Fortinet: Threat Landscape Report Q1

  • FirmwareSoftware UpdatesSophos

    Sophos XG Firewall v18 is now available!

  • NewsSophos

    Safe shopping, happy retailing: 3 cybersecurity tips for the holidays

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home