Barracuda Cloud Security Guardian Updates

WAF and Email Security detection

2021-05-27T13:00:00Z

Running a scan with Cloud Security Guardian will now also check whether your web applications have Web Application Firewalls deployed in front of them. Many standards, including PCI-DSS, require a WAF in front of all public-facing web applications.

In addition, we will check your incoming email configuration and report if you do not seem to be running an email security solution. Though email security is typically not in scope of a CSPM audit, since so many business compromises start with an email, it is prudent to ensure that vector is protected as well.

You can turn off either of these scans by modifying your Security Policy. Simply uncheck the scans you want to turn off on the Barracuda Best Practices tab.

Improved onboarding for AWS and Azure

2021-01-26T20:52:00.001Z

We just released version 2021.1, with a significant change to how we onboard AWS and Azure accounts.

For AWS: instead of having to copy and paste values from the CloudFormation Template output, Cloud Security Guardian will now auto-detect when you have deployed the template and onboard the account. For full documentation, see https://campus.barracuda.com/doc/78155906/ .

For Azure: instead of having to create an App Registration manually, and then copy and paste its credentials, Cloud Security Guardian will now authenticate you with your Azure credentials and automatically set up permissions for you. For full documentation, see https://campus.barracuda.com/doc/78808235/ .

Azure Security Center/AWS Security Hub Import, Contextual Links

2020-12-06T17:10:00.001Z

We just released CSG version 2020.8 with the following changes:

CSG will now import alerts from Azure Security Center and AWS Security Hub. The alerts will be shown on the Security Findings and Security Risks pages. You can Suppress the alerts you don’t want to see just like any other finding in CSG. CSG will also link you directly to the alert in the Azure Portal or AWS Console to see full details on an alert.
CSG will now link you between pages while maintaining context. This will make it easier to “slice and dice” your risks and findings.
- When viewing a risk on the Security Risks page, you can see all findings (passed and failed) for that control on the Security Findings page.
- When viewing details on a finding or risk, you can click the resource name to jump directly to that resource on the Resources page. You can also see all findings associated with the same control across your cloud connections.
- When viewing resource details on the Resources page, you can jump directly to all risks or all findings for that resource.
CSG will now automatically remove findings for resources that do not exist in your public cloud tenant anymore. Findings will be hidden after 24 hours.
We’ve updated remediation steps for some findings, specifically for Azure where the user interface has changed since they were initially published.

CSG Release 2020.7: Filters, filters, filters!

2020-11-13T19:09:00.001Z

Barracuda Cloud Security Guardian Release 2020.7 has been released and has the following improvements:

The Security Risks and Security Findings pages have two new filters. Resource Type allows you to see only resources of a specific type, and Resource allows you to narrow down your view to a specific resource.
When you set filters on the Security Risks, Security Findings, or Resources pages, you will notice that your address bar changes. If you bookmark a page with a filter applied, you will see the same filters when you open that bookmark. You can also copy the URL in your address bar and send it to someone else with access to your account - they will see the same filters you applied.
If you set a filter on the Security Risks page, and then click through to the Security Findings page, your filter will be retained; or vice versa.
If you set a filter on the Security Risks, Security Findings, or Resources pages, click through to a different page, and then return to that page, your filter will be preserved. Click “Clear Filters” to clear the filter if you wish to reset the view.

New product changelog

2020-10-12T19:49:00.001Z

If you look on the top-right corner of the Cloud Security Guardian interface, near the account dropdown, you will see a new widget: Announcements. This widget will notify you of new features and changes to Cloud Security Guardian as they are released. If there is an unread change, the icon will show a red dot; clicking the icon will show the latest updates.

You can also click “View more updates” at the bottom to see all updates.

Want to be notified via email whenever new changes are published? Click here: https://timeline.noticeable.io/UNK0IPJKrf25SIoybUkR/subscribe . You can also click the blue “Subscribe to Updates” button on the “View more updates” page.

Free-text search now available for Findings and Risks

2020-09-25T17:55:00.001Z

To make it easier to find the risk or finding you’re looking for, we’ve added a free-text search box to the Security Risks and Security Findings pages. The search box will search the title and description of the risks/findings and show only those that match.

Controls can now be filtered using a dropdown

2020-09-18T17:53:00.001Z

In response to customer feedback, we’ve replaced the Controls filter on the Security Risks and Security Findings pages. Instead of a flat list of hundreds of controls - which can be hard to navigate - we are now showing a tree view. This allows you to easily select or deselect groups of controls that you’d like to see, especially when you want to see a specific standard but filter out others. The “All” and “None” links at the top quickly select or deselect all so you can more easily filter what you want to see.

Welcome to Cloud Security Guardian 2.0!

2020-09-01T17:45:00.001Z

Barracuda Cloud Security Guardian 2.0 improves many of the features in the previous version, and adds some new capabilities. Some of the main features are:

You can now connect your AWS or Azure accounts without deploying any virtual machines or instances in those accounts. This saves you the cost of running the virtual machines, and makes onboarding new accounts faster.
You can now view your scan results in two ways: the Security Findings page shows all checks, both passed and failed; the Security Risks shows only the failed checks and is an easy “inbox” view into what you need to do to become compliant. Both pages have filters to help you narrow down what you’re working on.

If you were previously using Barracuda Cloud Security Guardian 1.0, all your settings have been automatically migrated to this version, except any custom security policies. If you need to migrate your custom security policies, please contact us at [email protected]" target="_blank" rel="noopener">[email protected].

For help using Barracuda Cloud Security Guardian 2.0, please refer to Barracuda Campus.

If you require any assistance, please contact us at [email protected]" target="_blank" rel="noopener">[email protected].