Campbell, California-based Barracuda Networks Inc. has introduced a new vulnerability assessment tool that identifies potential security vulnerabilities in websites and Web-based applications hosted either in the cloud or in onsite physical and virtual servers.
Named Barracuda Vulnerability Manager, the new solution integrates with Barracuda’s Web Application Firewall product to create and apply mitigation policies for detected security flaws automatically, and can be administered via Barracuda’s Cloud Control centralized management portal. The system, which is available immediately, is free for a limited time to authorized Barracuda resellers and customers with a valid Barracuda subscription.
SQL injection, cross-site scripting, and other Web-based attacks impacted 64 percent of businesses surveyed by security research firm the Ponemon Institute in its 2015 Cost of Cyber Crime Study, which also estimated the average per-incident cost of those attacks to be $96,424.
What’s more, over half of the applications that Barracuda Vulnerability Manager users scanned during beta tests proved susceptible to cross-site scripting exploits. According to Barracuda, the most at-risk applications tend to be custom-coded ones written by developers with weak knowledge of security best practices and systems running on outdated versions of WordPress, Joomla!, and other open source Web platforms.
“Web applications are a leading attack vector used by hackers to infiltrate businesses, yet the cost and complexity of securing applications often leave IT professionals without an easy or cost-effective way to secure their infrastructure,” stated Sanjay Ramnath, Barracuda’s senior director of security product management in a press statement. “Barracuda Vulnerability Manager helps solve this problem with an easy-to-use cloud service that scans, detects, and identifies web vulnerabilities.”
Jeroen Bakker, security officer and technical consultant at Netherlands-based Barracuda reseller and beta test participant Ormer ICT backed that claim in a statement quoted in Barracuda’s press release. “The Barracuda Vulnerability Manager addresses all of a customer’s publicly available content, including the most extensive content, saving a lot of research time because of the generic nature of many websites,” he said.
Barracuda’s latest product release comes just days after reports that Barracuda management is investigating a possible sale of the company; less than a week after the debut of a new Cloud Video Gateway product and partnership with Kroll Ontrack; a little over three weeks since the company’s latest quarterly earnings statement revealed a 14 percent revenue increase but per-share earnings that disappointed Wall Street analysts, leading to a sell-off of the company’s stock; and roughly four months after Barracuda purchased data protection vendor Intronis Inc.
As previously reported by ChannelPro, Barracuda won’t comment on the rumors of a potential sale but says it remains committed to the success of its channel.
