Barracuda Sentinel Uses Machine Learning to Detect Spear Phishing | eWeek

Barracuda Sentinel Uses AI to Detect Spear Phishing Attacks

Jun 29, 2017

Asaf Cidon sold his security startup Sookasa to Barracuda in March 2016 and has been busy helping to build new technologies for Barracuda ever since. One of those new technologies was announced on June 28, with the debut of the Barracuda Sentinel service designed to help detect spear phishing and improve email security.

“Our team from Sookasa has been working on communication and content security which led us to this new product, Barracuda Sentinel,” Cidon told eWEEK. “Sentinel leverages a lot of the work we had already done using the APIs of cloud services.”

The new Barracuda Sentinel service uses machine learning and artificial intelligence technology to help identify potentially malicious email attacks and targeted spear phishing. Cidon said that Sentinel uses a combination of different machine learning technologies, including Apache Spark, to conduct analysis of email messages.

As opposed to mass spam attacks, targeted spear phishing attacks take specific aim at a particular user. Spear phishing attacks can also lead to Business Email Compromise (BEC) fraud, with attackers tricking users into paying fraudulent account invoices. BEC is a large problem that resulted in losses of over $360 million in 2016, according to the latest statistics compiled by the FBI’s Internet Crime Complaint Center (IC3).

Cidon explained that traditional email security systems tend to rely on global rule bases to make decisions on spam and malicious email content. With Barracuda Sentinel the approach is different, as the system provides a unique set of rules for each specific customer. The rules are learned by the artificial intelligence technology back end, based on each specific company’s communication patterns. Barracuda is not storing user emails as part of the Sentinel service, but rather is extracting what Cidon referred to as ‘signals’ that can help to determine the authenticity of a given email interaction.

On initial deployment, Cidon said, Barracuda Sentinel will spend time analyzing communication within an organization to learn what is normal and expected behavior. The system will build a unique database for each customer, based on the machine learning activity, to identify any email that appears to fall outside the normal patterns.

In the past, building a specific user database for each company would have been a large and complicated task. Cidon said that Barracuda is using Amazon Web Services and specifically the Amazon EC2 Container Service (ECS) to easily build and scale out the required software infrastructure.

“Using ECS it’s actually pretty easy,” Cidon said. “With containers and Spark we can build unique user profiles completely automatically.”


DMARC

In addition to helping organizations detect potential spear phishing attacks, Barracuda Sentinel also provides organizations with capabilities to improve the security of email overall. Among the capabilities is DMARC (Domain-based Message Authentication, Reporting and Conformance) configuration for an organization’s email domain. DMARC is a technology approach that can help improve email authenticity and reduce email domain spoofing.

“We provide a set of tools that help organizations to set up DMARC properly,” Cidon said.

Among the DMARC configuration tools are analytics to understand email configuration across a large organization. Cidon said that there are also tools to help identify whether someone is attempting to spoof a company’s email domain. Additionally, the Barracuda Sentinel service provides user training and simulation capabilities.

“We can simulate attacks against the highest risk employees and train them to be aware,” Cidon said. “It’s always important to make sure employees have awareness because no technology is 100 percent perfect.”

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.
