“Web applications are a leading attack vector used by hackers to infiltrate businesses, yet the cost and complexity of securing applications often leave IT professionals without an easy or cost-effective way to secure their infrastructure,” explained Sanjay Ramnath, Senior Director, Security Product Management, Barracuda. “Barracuda Vulnerability Manager helps solve this problem with an easy-to-use cloud service that scans, detects, and identifies web vulnerabilities. Barracuda Vulnerability Manager, together with the Barracuda Web Application Firewall, offers business owners a web application security solution that can help them protect their organisation from vulnerabilities with a few simple steps.”
Simplified Installation & Management
Barracuda Vulnerability Manager scans for vulnerabilities hosted on-premises, in virtual environments, and in public and private clouds. It can help customers identify the risks in their web application infrastructure in order to effectively prioritise and remediate them. Barracuda Vulnerability Manager is centrally managed from Barracuda Cloud Control, an intuitive web-based interface that allows customers to manage multiple Barracuda solutions from any location over a secure Internet connection.
Simplified, Comprehensive Detection
Barracuda Vulnerability Manager scans web applications to detect and identify a broad range of vulnerabilities, including the OWASP Top 10 such as SQL injections and Cross-Site Scripting. Data collected during the Barracuda Vulnerability Manager’s beta program shows that more than 50 per cent of applications scanned are vulnerable to Cross-Site Scripting1, which creates a vulnerability that can allow attackers to bypass certain access controls. Applications that are custom-coded in house often are most vulnerable, as many organisations do not have the proper resources and education on application security best practices in place. Second to that are out-of-date versions of open source web platforms, such as Wordpress or Joomla!, which may have well-known vulnerabilities that are easy for any hacker to exploit.
Simplified Remediation
Prioritising, validating, and remediating fixes for vulnerabilities are increasingly complex tasks for enterprise security teams. Industry research reports that more than 80 per cent of websites tested have at least one serious vulnerability.2 Further, recent research indicates that web application vulnerabilities continue to rise.3 The Barracuda Vulnerability Manager seamlessly integrates with the Barracuda Web Application Firewall, which can be deployed as a physical appliance, a virtual appliance, or in the public cloud. Vulnerabilities found by the Barracuda Vulnerability Manager can be imported easily into the Barracuda Web Application Firewall, which can automatically generate mitigation rules and apply them with a single click, together providing an end-to-end solution that easily detects and secures against common web application vulnerabilities.
“We’ve used Barracuda Vulnerability Manager to run quick scans or periodic monitoring of systems while in consultation with customers. The Barracuda Vulnerability Manager addresses all of a customer’s publicly available content, including the most extensive content, saving a lot of research time because of the generic nature of many websites,” said Jeroen Bakker, Security Officer and Technical Consultant, Ormer ICT, a Barracuda reseller. “We’ve been able to use Barracuda Vulnerability Manager to successfully detect and quickly set rules to mitigate web application vulnerabilities found on customer sites and it is a perfect complement to the industry-leading Barracuda Web Application Firewall.”
