This is the first new capability Barracuda has added to the Total Email Security bundle since they created it last fall, and they say that others are on the way.
Security vendor Barracuda has announced that a new Forensics and Incident Response capability has been added to Barracuda Total Email Protection. It combines forensics and incident response capabilities together to automate incident response and take remediation actions, including things like detecting and removing infected emails which are already in employee inboxes.
Barracuda created the Total Email Protection Bundle last September, combining their existing Barracuda Essentials bundle with two more recent products, Barracuda Sentinel, which targets spear phishing, and Barracuda PhishLine. Barracuda Sentinel is designed to combat spear phishing, while Barracuda PhishLine is a social engineering simulation and training product to minimize the impact of phishing.
“We think that the Total Email Protection Bundle is the most comprehensive product available, providing multi-layered protection at the gateway, anti-phishing protection and security awareness training,” said Asaf Cidon, VP of Content Security at Barracuda. “It gives our partners more tools in their arsenal. This is the first new capability that we are offering as part of this bundle, and the first real glue that we have added between the different products.”
Cidon said that the new capability is significant and will save users a lot of time, whether they be customers or MSPs.
“The way it worked before, if a user reports an attack or a phish to the security team, security has to go through a long list of manual steps to remediate the issue,” he indicated. “It includes manually deleting the email, alerting employees about the email, and resetting the password. That process can be time consuming. As a result customers can spend a lot of time on it – or not do some of it at all. This automates the whole process. It searches for suspicious emails, deletes them once found using a unique API-based approach, and notifies employees. It’s so useful, that it’s like adding a new product, as opposed to an enhancement to the existing product.”
Cidon indicated that elements of these capabilities existed before in some of the products, but they were not being used in the proactive and systematic way that they are now.
“The Barracuda Email Security service, for example, had a search capability, but it wasn’t geared to incident response, and wasn’t geared to these specific workloads and use cases,” he indicated. “Our ability to retroactively delete emails from employee mailboxes leverages the APIs of Office 365 to do this. We have had the API-based capabilities for almost a year and a half with the launch of Sentinel, and this leverages the Sentinel capabilities, which we never really used for incident response before. We didn’t have the ability to find similar malicious workflows before. We didn’t have ability to group emails based on IP location. These are all net-new capabilities.
“From a technology perspective, this is exciting,” Cidon added. “This combines forensics and incident response capabilities for the first time, which I think makes us unique in the market.”
MSPs who manage sites for customers will benefit directly from these same new capabilities.
“Many do help desks for their customers, and this gives them SOC-like abilities,” Cidon said. “This will make their lives easier. The new capabilities are effectively both a security tool and an operational tool for MSPs that decreases the amount of time they have to spend on tasks.”
Forensics and Incident Response is now available with Barracuda Total Email Protection.
“This is just an addition to Total Email Protection – adding another checkmark on a new set of features,” Cidon said. “It won’t cost extra. We are trying to incentivize folks to go with this bundle and make it even more comprehensive. We will be adding more and more capabilities as we go forward. It’s a very competitive market so we always need to give customers more.”