Barracuda WAF-as-a-Service Updates

Barracuda WAF-as-a-Service Updates

waas.barracudanetworks.com

Fair Usage Visibility !

by Arvind K Sastry, SPM - AppSec
Fair Usage Policy tracking Barracuda WAFaaS now enables you to track the total Bandwidth and no. of requests transacted on your application.  Currently, the account is said to be within the fair usage limits, when Total Bandwidth
New
Announcement
Update

A Smarter, More Streamlined WAFaaS Experience

by Arvind K Sastry, SPM - AppSec
We’ve redesigned the Barracuda WAFaaS interface to help you work faster and with greater clarity, with a layout that’s cleaner, more intuitive, and easier to navigate. This update also brings a unified experience across the Barracuda
New
Update

Kosovo and South Sudan Now Supported in IP Geolocation Module!

by AppSec PM Team
Exciting Update: Kosovo and South Sudan Now Supported in IP Geolocation Module!, We are excited to announce that our IP Geolocation module has expanded its coverage to include two new countries: Kosovo and South Sudan ! This update
New
Update

Executive Summary Report Now Available!

by Vishal Khandelwal, PM
Exciting news! We've launched the Executive Summary Report – your comprehensive report for application security insights at a glance! The Executive Summary Report makes it easier than ever to demonstrate the value of WAF-as-a-Service in
New
Update
Announcement

App Groups

by Scott Treacy
Update
Announcement
After several months of development, we are very pleased to announce the availability of App Groups. This is a significant new feature that allows you to group applications together with common Resources. For example a staging group of
App Groups

OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)

by Scott Treacy
Announcement
CVE
OpenSSL have announced a new security advisory. Please see Barracuda Campus for the latest news on this advisory.
OpenSSL Vulnerabilities (CVE-2023-0286, CVE-2022-4304, CVE-2022-4203, CVE-2023-0215, CVE-2022-4450, CVE-2023-0216, CVE-2023-0217 and CVE-2023-0401)

Claroty JSON SQLi Vulnerabilities

by Scott Treacy
The Claroty T82 research team released a blog last week demonstrating a newly identified SQL injection in JSON based SQL and how this bypasses many name brand WAF vendors...
Announcement
CVE

OpenSSL v3 X.509 Email Address Buffer Overflows (CVE-2022-3786 and CVE-2022-3602)

by Scott Treacy
Last week the OpenSSL Project announced they would release OpenSSL v3.0.7 on November 1st, highlighting that this release will be a security fix for a critical vulnerability of the highest severity. Upon release of the fix and the advisory,
Announcement
CVE

Apache Commons Text packages (CVE-2022-42889)

by Scott Treacy
This article provides an update on the recently discovered vulnerability in Apache Commons Text packages (CVE-2022-42889).
Announcement
CVE