Barracuda Improves Email Security With Forensics and Incident Response | eWeek

Jan 17, 2019

Barracuda announced an update to its Total Email Protection platform on Jan. 17, providing organizations with new Forensics and Incident Response capabilities.

Total Email Protection is Barracuda’s flagship email platform. It integrates multiple capabilities, including email threat prevention and an advanced artificial intelligence engine that can mitigate the risk of spear phishing attacks. The Forensics and Incident Response capability now adds a new layer, enabling organizations to perform analysis and remediation.

“Forensics and Incident Response allows users to investigate malicious emails that were delivered to users retroactively and understand where they came from,” Asaf Cidon, vice president of content security at Barracuda, told eWEEK.


Cidon added that the Forensics and Incident Response feature also enables organizations to find all copies of malicious emails and see which users clicked on any malicious links. For the response portion, the new feature enables organizations to notify all impacted email recipients, as well as provide the ability to delete or quarantine the emails retroactively. Cidon said that the forensics and response workflow did not exist in any of Barracuda’s email security products before.

Unlike some other email security technologies that Barracuda gained by way of acquisition, Cidon said that all of the technology for Forensics and Incident Response was developed in-house. Cidon sold his security startup Sookasa to Barracuda in March 2016, which helped to serve as some of the foundational elements of the Barracuda Sentinel artificial intelligence capability for email that debuted in June 2017.

How It Works

Cidon explained that many of Barracuda's customers already have users reporting suspicious emails to security and IT departments, which causes administrators to take many manual steps. Some of those steps involve PowerShell scripts or manual sifting of mailboxes to locate the emails, figuring out who received them, trying to manually delete them and notifying the affected users.

“This is a way for IT to automatically investigate and remediate these incidents, which saves significant amounts of time and effort,” Cidon said. “To clarify, this augments our automated security solutions, which automatically block malicious emails from ever reaching employees.”

Overall, Cidon said that the goal for the Forensics and Incident Response capability is to have it be a “connective tissue” across many of Barracuda’s other products. For example, once an attack is identified, Barracuda can also block any links that existed in the email from being opened from the network. Another example is to use the incidents found by IT teams that might have been clicked on or opened by users as content for future phishing simulation campaigns.

Looking forward for email security and Total Email Protection at Barracuda, Cidon said that the company is focused on preventing and detecting account takeover automatically. 

“Account takeover is when an attacker steals employee credentials and uses them to log in as the employee for malicious purposes, such as launching a BEC [business email compromise] attack, spreading phishing or malware, or stealing information,” Cidon said.

Cidon noted that Barracuda already has an account takeover detection capability in the market, and is working hard to make it even better, detecting different types of malicious activity, including forwarding rule changes and the suspicious deletion of emails.

“We continue to focus on preventing targeted attacks, especially BEC and zero-day phishing attacks,” he said. “We constantly work on improving detection rates and false positives by improving the AI by improving the natural language processing classification and adding new signals related to file attachments and links.”

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
