Barracuda has launched Integrated Email Protection, an integrated cloud email security product designed to detect and remediate AI-driven threats across the full attack lifecycle.
The company said the product continuously detects and remediates threats, explains Microsoft 365 and Google Workspace verdicts, and enables post-delivery message clawback. It is built on the BarracudaONE platform and uses signals across email, identity, network, data, and applications to support single-tenant and multi-tenant environments, including managed service providers.
Barracuda said its research shows how quickly modern email attacks can escalate. In one red-team recreation of a multi-stage AI-powered attack, a phishing email moved to identity theft, multifactor authentication bypass, and endpoint compromise in minutes. The company also said one in seven compromised accounts is now used to launch additional attacks.
Rohit Ghai, Chief Executive Officer at Barracuda, said: “Email is no longer a human-centric communication platform; it’s an operational fabric where humans and AI interact, making it a much bigger target and amplifying the speed, scale and impact of attacks when threats go undetected.”
The launch sits within a wider shift towards cyber resilience as a regulatory and board-level concern. The UK’s Cyber Security and Resilience Bill, covered in Cyber bill raises resilience obligations, points to stronger expectations around continuity, supplier risk, and security standards across essential services and digital infrastructure.
Email remains one of the most persistent attack channels because it connects identity, communication, payments, documents, and business-process approvals. AI increases the risk by making phishing more convincing, faster to customise, and easier to scale. Attackers can generate tailored language, impersonate trusted contacts, create plausible documents, and adapt messages to specific roles or sectors.
Post-delivery protection has become more important as attacks evolve. Traditional email security often focused on blocking threats before they reached the inbox. Modern campaigns may change after delivery, activate links later, or use compromised accounts to bypass normal trust signals. Security teams need tools that can re-evaluate messages, pull threats back, and connect email events with identity and endpoint activity.
Cross-domain telemetry has become central to security platforms. A suspicious email may look manageable in isolation, but the risk changes if the recipient’s identity is behaving unusually, a malicious URL is activated, or related activity appears on an endpoint. Analysts need systems that connect signals quickly rather than leaving teams to reconstruct events manually.
Managed service providers face the same challenge across multiple customers. Multi-tenant visibility, explainable actions, unified quarantine, and automated remediation can reduce repetitive work and improve consistency, although customers and partners still need to understand what automated systems have done. Barracuda’s Bailey AI assistant is intended to provide plain-language explanations and allow teams to review or reverse automated actions.
Security automation is becoming more common because attack speed is outpacing manual response. Human oversight remains essential, but its role changes. People are most valuable in setting policy, reviewing high-risk decisions, investigating exceptions, strengthening controls, and ensuring automated systems do not create new operational blind spots.
Barracuda’s launch reflects the development of email security from point-in-time filtering into continuous lifecycle protection. As AI changes how attackers create, deliver, and adapt campaigns, inbox defence is becoming part of a wider resilience architecture connecting identity, data, applications, endpoints, and human judgement.
You must be logged in to post a comment.