Barracuda provides networking, storage, and security solutions to protect email, networks, data, and applications. It offers email protection, applications and cloud security, network security, and data protection for healthcare, retail, financial, education, and government industries. The company was founded in 2003 and is based in Campbell, California.
ESPs containing Barracuda
The ESP matrix leverages data and analyst insight to identify and rank leading companies in a given technology landscape.
The email security market is focused on protecting organizations from cyber attacks that are delivered through email. These attacks can include phishing, ransomware, trojans, and other malicious payloads. Many vendors in this market also offer security awareness training to teach employees to be resilient against these attacks. Additionally, some solutions offer features for archiving communicatio…
Expert Collections containing Barracuda
Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.
Barracuda is included in 1 Expert Collection, including Cybersecurity.
These companies protect organizations from digital threats.
Barracuda has filed 118 patents.
Domain name system, Network protocols, Computer network security, Virtual private networks, Internet privacy
Domain name system, Network protocols, Computer network security, Virtual private networks, Internet privacy
Latest Barracuda News
Nov 21, 2023
Barracuda’s Cyberthreat Predictions For 2024 Predicting the future is difficult, but you can anticipate what is likely to happen by looking at how things have evolved over the past year. This year, Barracuda asked its experts who work on the security frontline, from XDR and offensive security to international product specialists, its security operations team, and more, about the things they witnessed in 2023 and expect to see in 2024. What most surprised you in 2023? Adam Khan, VP Global Security Operations: The MGM attack where a group known as Scattered Spider employed social engineering to deceive MGM help desk employees into resetting the passwords and MFA codes of high-value MGM employees. This access enabled them to infiltrate MGM’s managed IT service, Okta, to install an identity provider and create single sign-on for themselves. The breach also extended to the Microsoft Azure cloud environment, leading to multiple system vulnerabilities and exposure of customer data. The ransomware attack cost MGM Resorts an estimated $100 million — and it showed yet again how social engineering remains a powerful and ever evolving cyberweapon. Merium Khalid, Director, SOC Offensive Security: That the volume of business email compromises (BEC) we encountered was almost equivalent to the number of ransomware attacks. Ransomware is often perceived as the more prevalent and damaging threat, while BEC has been somewhat under the radar, with many businesses underestimating its potential impact. The near parity of these two threats highlights the evolving nature of cyber threats and the adaptability of cybercriminals. As organizations bolster their defenses against ransomware, attackers are diversifying their tactics, leveraging BEC as an equally lucrative avenue. Jesus Cordero, Director, Systems Engineering, SASE and Cloud: The increasing amount of open cybersecurity positions worldwide. The latest data from ICS2 shows that the number of unfilled security roles has reached just under 4 million and other research shows the gap grew by 350% between 2021 and 2023. Rohit Aradhya, VP and Managing Director, Engineering: The blissful unawareness of smaller companies and their employees of the impending threat to their business. Outside the security industry there is a general lack of awareness about the importance of protecting digital assets, digital transactions, and web portals, and the acceptable use of email, public cloud services and cloud storage, and many other digital services. Emre Tezisci, Product Marketing Manager, Zero Trust: Several large mass ransomware attacks that used exploits in software and weaknesses in IT supply chains to target multiple companies. For example, the MOVEit mass cyberattack, which exploited a data transfer software product, impacted millions of individuals and thousands of companies. What are the biggest security concerns on customers’ minds as we approach 2024? Stephan Schachinger, Senior Product Manager, IoT: That cybercriminals could be faster with the adoption of AI than the security industry. As a result of tools such as generative AI, the quality of attacks, especially social engineering such as spear phishing, has reached a new level that makes it almost impossible for human victims to distinguish between real and fake. MK: The bypass of multifactor authentication (MFA). While MFA is a trusted security measure, there’s a growing trend of cybercriminals finding ways to circumvent it. Another pressing issue is the threat from critical zero-day vulnerabilities and cloud-based risks from misconfigurations, inadequate access controls, and vulnerabilities in cloud infrastructure. Charles Smith, Consulting Solutions Engineer, Data Protection, EMEA: We’re seeing companies starting to worry that their backup solution could be compromised if they are attacked. Hackers employ various methods to seek out and destroy backup data prior to encrypting or extorting data, and on-premises solutions are particularly vulnerable to such attacks. ET: The speed of cyberattacks. Account takeover and phishing together with ransomware-as-a-service (RaaS) kits, where prices start from as little as $40, remain key drivers in cyberattacks. They help attackers carry out more attacks faster, with the average number of days taken to execute a single attack falling from around 60 days in 2019 to four in 2023. And what are they least prepared to deal with? SS: Most organizations are not prepared to defend themselves against targeted and high-quality attacks that we used to see only at the nation-state and intelligence agency level. That includes social engineering and technical attack vectors. If you add the use of AI, it’s clear that more organizations are going to face sophisticated attacks. CS: Companies are poorly prepared to deal with testing their data loss prevention (DLP) and recovery. When it comes to data protection, for example, many companies do the bare minimum — they implement a backup solution, schedule their backups to run daily, and think the job’s done. They generally don’t give any time to testing all types of data restoration or to documenting the steps so that anyone in the IT security team can implement the process when under pressure. MK: MFA bypass. While zero-day vulnerabilities and cloud-based attacks are recognized threats that have been in the spotlight for some time, the increasing sophistication in bypassing MFA is a relatively newer challenge. Sheila Hara, Senior Director, Product Management, Email Protection: Image-based attacks. These attacks exemplify the evolving nature of cyberthreats. They include steganographic payloads where cybercriminals embed malicious code, text, or files within images. This payload can be extracted using specific tools, allowing attackers to conceal their intentions. There is also malicious watermarking, where attackers add imperceptible watermarks to images, containing encoded information or links to malicious content; and polyglot files that are crafted to be interpreted as both valid images and executable files, allowing attackers to bypass certain security checks. What do you expect attackers to focus on most in 2024? MK: AI-powered attacks and more targeted ransomware campaigns. Attackers are leveraging advanced AI algorithms to automate their attack processes, making them more efficient, scalable, and difficult to detect. These AI-driven attacks can adapt in real time, learning from the defenses they encounter and finding innovative ways to bypass them. Ransomware attacks are evolving into more targeted campaigns as cybercriminals focus on critical infrastructure and high-value targets, aiming to inflict maximum damage and, in turn, demand exorbitant ransoms. Peterson Gutierrez, VP, Information Security: There seems to have been a great deal of energy spent by cybercriminals on account takeover attacks in 2023. I think we will see a continued and concentrated effort by threat actors to attack identities first and foremost, as this affords them a variety of pivot points for additional attacks. SH: 2024 may see new threats emerge based on technological advancements, geopolitical events, and changes in attacker tactics. This may include deepfake and synthetic media attacks. As deepfake technology advances, attackers may use it for disinformation campaigns, impersonation, or to manipulate media for malicious purposes. At the same time, established attacks including ransomware, supply chain attacks, and data privacy violations are likely to continue and increase. Attackers may focus increasingly on exploiting vulnerabilities in IoT and operational technology (OT). JC: I see two trends. The first one is the continuation of the usual threat vectors as attackers know that companies are both understaffed with inexperienced IT teams and grappling with possibly legacy, outdated, or misconfigured solutions. The second one is the natural evolution of technology — as we enhance our security assets with AI-based solutions, we are automatically creating new attack vectors that are crafted based on the quality of results of generative AI itself. As AI-enabled cyberattacks take deeper hold in 2024, will security vendors need to do more to help companies deal with attacks? SS: Organizations should prepare themselves for compromise. This means that, in addition to the initial prevention, we should focus on the detection of ongoing attacks and the corresponding response, for example with decentralized security at the edge. MK: The inherent adaptability of AI-driven threats, which can analyze defenses and recalibrate their tactics in real time, challenges the traditional preventive measures. Security vendors must equip organizations with tools not only for rapid breach detection, but also for understanding the scope and containing the threat swiftly.
Barracuda Frequently Asked Questions (FAQ)
When was Barracuda founded?
Barracuda was founded in 2003.
Where is Barracuda's headquarters?
Barracuda's headquarters is located at 3175 Winchester Boulevard, Campbell.
What is Barracuda's latest funding round?
Barracuda's latest funding round is Acq - Fin.
How much did Barracuda raise?
Barracuda raised a total of $40M.
Who are the investors of Barracuda?
Investors of Barracuda include KKR, Thoma Bravo, Sequoia Capital, Francisco Partners and Focus Ventures.
Who are Barracuda's competitors?
Competitors of Barracuda include Mimecast, Opswat, WatchGuard Technologies, ThreatLocker, Censornet and 7 more.
Compare Barracuda to Competitors
SonicWall focuses on cybersecurity, operating within the information technology and services industry. The company provides real-time breach detection and prevention solutions, designed to secure business and mobile networks, emails, applications, and data. It primarily serves small to medium-sized businesses and enterprises worldwide. It was founded in 1991 and is based in Milpitas, California.
Sophos provides information technology services. It offers security and data protection, data loss prevention, patch assessment, full-disk encryption, firewall, intrusion prevention system, mobile device management, wireless security, and network access control. It offers its solutions in a wide range of industries such as education, healthcare, manufacturing, retail, and more. The company was founded in 1985 and is based in Abingdon, United Kingdom.
Proofpoint operates as a security and compliance solutions company. It offers email, mobile, desktop, cloud, digital risk, and information protection products to provide security awareness training, archiving, and compliance solutions. The company serves the federal government, higher education, financial services, healthcare, and other industries. The company was founded in 2002 and is based in Sunnyvale, California.
IRONSCALES provides an artificial intelligence-driven email security platform. The company offers ransomware protection, credential theft protection, account takeover protection, security awareness training, phishing stimulation testing, and more. It primarily serves the cybersecurity industry. The company was founded in 2014 and is based in Atlanta, Georgia.
WatchGuard Technologies is a global leader in unified cybersecurity, operating in the network security, secure Wi-Fi, multi-factor authentication, and endpoint security sectors. The company offers a range of products and services including network security solutions, secure Wi-Fi systems, multi-factor authentication services, and endpoint security solutions, all designed to protect and secure various aspects of an organization's digital infrastructure. WatchGuard primarily serves security resellers and service providers, with over 250,000 customers protected by their solutions. It was founded in 1996 and is based in Seattle, Washington.
Netskope operates a global cybersecurity company. It offers a range of products and solutions, including the intelligent security service edge (SSE) platform, which provides security for people, devices, and data. Its services include protection against advanced and cloud-enabled threats, secure access to web and cloud applications, and data loss prevention. It primarily serves the cybersecurity industry. The company was founded in 2012 and is based in Santa Clara, California.