Barracuda WAF-as-a-Service Updates

Barracuda WAF-as-a-Service Updates

waas.barracudanetworks.com

Fair Usage Visibility !

by Arvind K Sastry, SPM - AppSec
Fair Usage Policy tracking Barracuda WAFaaS now enables you to track the total Bandwidth and no. of requests transacted on your application.  Currently, the account is said to be within the fair usage limits, when Total Bandwidth
New
Announcement
Update

A Smarter, More Streamlined WAFaaS Experience

by Arvind K Sastry, SPM - AppSec
We’ve redesigned the Barracuda WAFaaS interface to help you work faster and with greater clarity, with a layout that’s cleaner, more intuitive, and easier to navigate. This update also brings a unified experience across the Barracuda
New
Update

Kosovo and South Sudan Now Supported in IP Geolocation Module!

by AppSec PM Team
Exciting Update: Kosovo and South Sudan Now Supported in IP Geolocation Module!, We are excited to announce that our IP Geolocation module has expanded its coverage to include two new countries: Kosovo and South Sudan ! This update
New
Update

Executive Summary Report Now Available!

by Vishal Khandelwal, PM
Exciting news! We've launched the Executive Summary Report – your comprehensive report for application security insights at a glance! The Executive Summary Report makes it easier than ever to demonstrate the value of WAF-as-a-Service in
New
Update
Announcement

App Groups

by Scott Treacy
Update
Announcement
After several months of development, we are very pleased to announce the availability of App Groups. This is a significant new feature that allows you to group applications together with common Resources. For example a staging group of
App Groups

Security Advisory

by Vishal Khandelwal
We are hardening WAF-as-a-Service to protect against two design limitations and associated vulnerabilities, discovered in the previous firmware.  When an application is in Block mode, under certain configurations is may be possible to
New
Announcement
Improvement
Fix

OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)

by Scott Treacy
Announcement
CVE
OpenSSL have announced a new security advisory. Please see Barracuda Campus for the latest news on this advisory.
OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)

Datapath Management Fix

by Scott Treacy
A few customers experienced an issue with the logic that manages the scaling of the datapath under certain conditions. We have implemented and tested a fix which will be deployed to the version 11 datapath on Sunday 22nd and the version 12
Fix
Datapath

Claroty JSON SQLi Vulnerabilities

by Scott Treacy
The Claroty T82 research team released a blog last week demonstrating a newly identified SQL injection in JSON based SQL and how this bypasses many name brand WAF vendors...
Announcement
CVE