Barracuda Networks has added a new, machine learning-based feature to its Web Application Firewall and WAF-as-a-Service solutions designed to ward off malicious bots and automated threats.
Called Advanced Bot Protection, the new technology safeguards websites from content scraping, data theft, and non-human traffic that can compromise availability and performance.
“In order to effectively protect their organizations against today’s evolving threats, customers need sophisticated bot mitigation capabilities,” said Tim Jefferson, senior vice president of data protection, network and application security at Barracuda, in a media statement. “Traditional web application firewalls don’t all provide advanced bot protection, and some bot mitigation vendors only offer point solutions that aren’t integrated into WAFs. Advanced Bot Protection is fully integrated into Barracuda’s web application firewalls to provide a complete application security solution that is easy to deploy and manage.”
Key features in Advanced Bot Protection include request risk scoring that uses advanced behavioral analytics to evaluate incoming requests, the ability to track users with better fidelity than IP addresses using “client finger printing”, bot spam detection functionality designed to reduce referrer spam and block comment spam, and technology that prevents attackers from using credential stuffing to take over accounts.
The system also comes with a revamped user interface designed to make configuring bot mitigation features simpler.
Web applications are the number one vector for attacks resulting in breaches, according to Barracuda, citing data from the 2019 Verizon Data Breach Investigations Report. Hackers are increasingly using command line browsers (known as “headless” browsers) and artificial intelligence to slip past traditional application security defenses.