Barracuda Unleashes Advanced Bot Protection

Barracuda Thursday unveiled its new Advanced Bot Protection, which uses artificial intelligence (AI) and machine learning to protect against the latest automated threats.

It is available for both the Barracuda Web Application Firewall (WAF)-as-a-Service and WAF platforms. Barracuda WAF customers now have access to functionality that includes: bot spam detection; credential stuffing prevention; request risk scoring to detect attackers; client fingerprinting; and dedicated bot mitigation user interface.

Tim Jefferson, Barracuda‘s senior vice president of data protection, network and application security, tells Channel Futures that organizations are increasingly under attack by malicious bots. Advanced Bot Protection is a “great product” for MSSPs and MSPs as it provides them with an “easy to administer” set of capabilities that gives them a new source of revenue without increasing their operational costs, he said.

Barracuda’s Tim Jefferson

“Security-focused partners recognize this problem and are looking for solutions they can provide for their customers,” he said. “Unfortunately, most WAFs don’t provide enough bot-mitigation capabilities. Stand-alone bot-mitigation solutions are expensive and do not integrate with WAFs, which makes them difficult to implement and manage. Barracuda now offers sophisticated bot protection capabilities that are fully integrated with Barracuda WAFs, are easy to implement and manage, and are included in the WAF price. This will create many new opportunities for partners to provide full bot-mitigation solutions to those customers who have not been able to afford or manage bot mitigation point solutions.”

Bots have evolved from using simple scripts to using sophisticated tactics such as headless browsers and machine learning to break through traditional application security defenses, according to Barracuda.

According to Gartner, the main types of bot attacks include DDoS, fraudulent purchases, web scraping, and vulnerability scans and exploits. Unsupervised machine learning can be used to learn the characteristics of typical human-driven traffic, allowing the detection of bots as anomalies, while supervised machine learning can be used to identify features related to automated behavior, it said.

“Barracuda Advanced Bot Protection is a major competitive advantage for application security-focused partners,” Jefferson said.