Barracuda Advanced Bot Protection
Stop bots dead in their tracks.
Keep bad bots at bay.
Remote work is here to stay, cloud migrations are accelerating, and secure access is critical. Enterprises need Zero Trust Network Access (ZTNA) to verify every access attempt to data and resources.
Barracuda Advanced Bot Protection is an innovative ZTNA solution that provides secure access to applications and workloads from any device and location. Advanced Bot Protection continuously verifies that only the right person, with the right device, and the right permissions can access company data or apps, or any infrastructure.
Secure your online data, analytics and inventory against advanced bots.
Protect websites, mobile applications and API's from the growing threat of advanced bots that can scrape your data, lock up your inventory, skew your web analytics, bringing chaos for your digital business.
Detect and block hidden almost-human bot attacks with machine learning.
Our cloud-based Threat Intelligence Service uses crowd-sourced data and battle-tested machine learning models to identify and block sneaky low-and-slow attacks attempted by advanced bots.
Improve user experience and security.
Minimize the risk of data breaches, reputational damage and financial disasters without using CAPTCHAs or slowing down customers. Barracuda's powerful, innovative application security and bot mitigation solutions are truly simple to deploy, configure, and manage.
Secure critical applications against all attacks with a single solution.
Barracuda protects your websites, mobile applications and API's against the worst application attacks-no matter what form they take. Attacks such as OWASP Top 10, DDoS or bot attacks that use scraping, denial of inventory and credential stuffing are no match for our proven application security solution. Our customers rely on us every day with confidence, because our solution has been deployed globally and continually improved for over a decade. Best of all, our solution makes it simple to deliver the application security you need with industry-leading ease of use.
Harness the power of the crowd and machine learning for early detection.
Barracuda's Threat Intelligence Service collects data from thousands of deployments, honeypots and other sources, and distills this into actionable intelligence. Barracuda Advanced Bot Protection combines this threat intelligence with cloud-based machine-learning models to identify and detect almost-human bots and other advanced attackers.
Block bots and advanced attackers without impairing customer experience.
Current defense mechanisms like CAPTCHA and IP blocks can be awkward and impair the customer experience. Barracuda learns your application patterns to intelligently block the actual attackers, while letting your legitimate customers experience the application the way you intended. Barracuda Advanced Bot Protection uses advanced fingerprinting to identify each client, and lets you easily respond with tools like tarpits, timed blocks, autonomous system numbers, data centers, IP reputation and fingerprint-based actions to slow down and block bots.
Gain full visibility into what's going on with your applications and traffic.
The Advanced Analytics Dashboard gives you at-a-glance visibility into traffic patterns and the types of clients who visit your website. A single pane of glass provides you with a birds-eye view of traffic patterns. Want to get granular? You can drill down into specific applications and see every bot that has visited your website, how often it attacks, how much data has been transferred, helping you make informed decisions on how to protect your digital property.
Features & Benefits:
Basic Bot Protection
- Bot Identification
The most basic of bots can be identified using various signatures. The Barracuda WAF product line comes with an on-board signature database with over 10,000 bot entries collated from various sources. These entries, along with capabilities like reverse DNS lookups, Honeytraps and JS-based challenges are used to quickly and accurately identify the simpler bots. Once identified, the good ones are allowed through, and the bad ones are blocked immediately.
- Web & Price Scraping Protection
Competitors and other third parties often use automated scripts to steal pricing and other content in real-time. Price scraping and content scraping results in reduced customer visits and conversions. The ABP solution uses a number of signals - page access speeds, page access patterns, client telemetry (IP, SSL Fingerprint) etc - to identify and block possible web scraping attempts.
- Brute Force Detection
Brute Force attacks are typically used during reconnaissance attempts - these include attacks like directory traversal, credential cracking etc. The Barracuda WAF product line can identify brute force attempts from individual clients and block them.
- Bot Spam Detection
Bot Spam takes various forms - it can be in the form of referrer spam, polluting your website analytics. Alternatively, it can present as Form Spam, with thousands of spurious signups on your internet facing forms. Either way, you end up with skewed data that can take forever to clean up. Barracuda ABP uses several methods to identify and block such spam, including learning all the forms on a website and the time taken to fill the form. It then uses these learned parameters to identify spammers and block them.
- Client Fingerprinting
Blocking an entire IP address for bad behavior causes significant problems. This method can be used for known problem IP ranges, such as hosting providers, TOR ranges etc, but in most cases, an IP address may have hundreds or more users behind it. The Barracuda ABP systems uses passive and active methods to fingerprint each client beyond the IP, down to the browser level. This allows you to block a single misbehaving client down to the browser level, reducing the blast radius of the block.
- Proactive Defense
Bots come from a variety of sources - home IP addresses, datacenters, VPS, consumer VPN providers and Tor. In some cases, it is quite easy to stop bots by blocking entire IP ranges, like VPS providers or datacenters. The Barracuda WAF product line provides several such IP categories, including reputation-based lists to proactively block attackers and bots at the IP level.
Advanced Bot Protection
- Account Takeover Detection
Credential Stuffing and Spraying attacks have been used to compromise household names the world over with Account Takeover attacks. Attackers use bots and breached credential lists to perform low and slow brute force attacks and takeover user accounts. Barracuda ABP hosts a cloud database of breached credentials and validated incoming logins against this database. When a hit is found, you can then block the attacker and secure the user account.
- Machine Learning-based Bot Detection
Today's bots are built to be almost human in their behavior. Standard signature checks and validations do not always catch these bots. Barracuda ABP's cloud-based detection identifies the most advanced bots within the first few requests using a combination of website specific rules and machine learning models. The website specific rules are built by our system for each application you onboard, leading to a very low false positive rate. Since the ML system is built in the cloud, new bot detection models that are deployed are usable by all connected systems without needing a firmware upgrade.
- Crowd-Sourced Bot Detection
The Barracuda ABP systems gets data from a massive honeypot network which collects many forms of threat intelligence beyond web attacks. This intelligence is combined with other data we see in production systems the world over, and a curated crowd-sourced threat intelligence stream is available to every ABP customer.
Defensive and Offensive Responses
Blocking a bot stops the bot at that point in time. However, the bot is now free to try coming in from a different IP or fingerprint to try and access your website again. One of the responses available to you with Barracuda ABP is the ability to tarpit a client. When a client is identified as being malicious, they can be put into a tarpit, where they are actively slowed down to near-unusable speeds. The bot spends a lot of time trying to access the site but does not get very far for its effort because it is continually slowed down.
- CAPTCHA and reCAPTCHA
The Barracuda WAF product line offers both an internal alphanumeric CAPTCHA and integration with Google reCAPTCHA v2 and reCAPTCHA v3. When clients are identified as being suspicious, you can choose to issue any of these to validate the client as either human or bot.
- On-box visibility
The Barracuda WAF product line provides you with on-board reporting of bot traffic. The reporting module has many reports that provide a deep visibility into the amount of bot traffic, the types of bots and detailed looks at the types of attacks and responses. You can get reports on the bot traffic levels, the number of credential stuffing attacks versus the number of requests, number of CAPTCHA's issues versus the number solved and much more.
- Advanced Analytics Dashboard
The cloud-based Advanced Analytics Dashboard is driven by data from your websites connected to the Barracuda ABP solution. The AAD provides a deep look into your bot traffic statistics. On the dashboard, you can drill right down to the level of each detected bot - and see details about its visits to your application, the amount of traffic it has generated, source IP address and more. The data provides you with a deep historical look at bot traffic, and its effects on your application.
Bot-spotting is getting harder:
Incredible as it may seem, bots generate more than half of today's internet traffic-including a lot of the malicious traffic that seeks to penetrate your web applications in order to attack your network and your data.
Not all bot traffic is malicious, however. Allowing traffic from legitimate crawlers is critical to accessing markets and getting your information in front of consumers. And, of course, you want to be sure not to block legitimate human traffic. The most advanced malicious bots in use today are increasingly good at mimicking human online behavior-and many bot-detection solutions just can't keep up with today's sophisticated bots.
Malicious bot behavior
As online-commerce apps have proliferated, bad actors have developed many techniques to use bots in ways that result in high costs for organizations like yours. While simple bots have long been used to launch DDoS attacks that can freeze your operations, today's more sophisticated bots might buy up all the tickets to an event or an airline flight-typically using stolen credit-card numbers-in order to re-sell them at inflated prices on a scalping site. The potential impact to your business can be severe, in terms of both revenue and reputation.
A multi-layered approach to bot-blocking
As bots evolve and simulate human behavior more and more closely, bot detection and mitigation strategies must evolve as well. Today's "low-and-slow" bots, which request data slowly and rotate IP addresses often, require special fingerprinting techniques to detect.
Barracuda Advanced Bot Protection is a cloud-delivered service that combines Barracuda's vast, real-time Global Threat Intelligence Infrastructure with advanced machine-learning technology. It scans incoming application traffic in real time, using AI traffic analysis and behavioral classification to identify even the most sophisticated, human-seeming bots-while minimizing false-positives that could block legitimate traffic and harm your business.
Each e-commerce application offers unique opportunities for bots. A generic bot detection methodology cannot address the specific bots written to target a specific application. Our state-of-the-art machine-learning layer provides automatic profiling of each individual application to provide application-specific bot detection and mitigation capabilities to help ensure the highest possible level of protection
Download the Barracuda Advanced Bot Protection Solution Brief (PDF).