Barracuda launches AI email protection for Microsoft 365

Barracuda has launched Barracuda Integrated Email Protection, aimed at Microsoft 365 and Google Workspace email environments.

The integrated cloud email security service uses artificial intelligence to detect and remove threats after they reach users' inboxes. It also includes post-delivery message clawback and explains security verdicts generated across Microsoft 365, Google Workspace and Barracuda systems.

The launch comes as Barracuda publishes new research on the pace of email-based attacks. In a controlled red-team simulation, a single phishing email led to identity theft, multifactor authentication bypass, persistence and endpoint compromise within five minutes.

That finding points to a broader shift in email security. The main challenge is no longer limited to blocking malicious messages before delivery. Attackers are increasingly using compromised accounts, automated tools and staged techniques that continue after an email arrives, increasing pressure on security teams to spot suspicious activity and respond quickly.

Barracuda said the product is built on its BarracudaONE platform and draws on signals from email, identity, network, data and application environments. It is designed for both single-tenant and multi-tenant use, making it suitable for managed service providers handling multiple customer environments.

Attack lifecycle

The system is intended to operate across what Barracuda describes as the full attack lifecycle. It not only assesses an incoming message at delivery, but also re-evaluates threats as new evidence emerges, including activity linked to URLs, identity signals and broader telemetry from connected systems.

Features outlined by Barracuda include automated threat investigation, tenant-wide remediation, a unified quarantine view and reporting designed to show threats stopped before and after delivery. The service can also consolidate Microsoft-quarantined emails into its own interface and rescan messages before release.

Barracuda has also tied the product to Bailey, its artificial intelligence assistant, which is designed to explain security decisions in plain language and let users review or reverse automated actions. The aim is to address concerns among customers and partners about opaque automated decision-making in security tools.

Rohit Ghai, Chief Executive Officer at Barracuda, framed the launch around changes in how email is used and attacked.

"Email is no longer a human-centric communication platform; it's an operational fabric where humans and AI interact, making it a much bigger target and amplifying the speed, scale and impact of attacks when threats go undetected," said Rohit Ghai, Chief Executive Officer at Barracuda.

"In the agentic AI era, effective security requires a platform approach that delivers continuous visibility and response across the full attack lifecycle. Barracuda Integrated Email Protection is fundamentally different because it correlates cross-domain signals in real time and turns them into automated, explainable action partners and customers can trust and control. The result is measurable, high-efficacy protection that stops threats as they evolve and makes cyber resilience dramatically easier," said Ghai.

Research findings

Barracuda's research also found that one in seven compromised accounts is now used to launch further attacks. The pattern supports lateral movement across identities, systems and data and may become more common as threat actors adopt more automation.

The figures underpin Barracuda's argument that email security products need to handle attacks that continue after a user clicks a malicious link or interacts with a message. That includes identity compromise, suspicious authentication activity and follow-on attacks launched from breached accounts.

Barracuda's wider threat intelligence operation analyses about 1.5 billion URLs a day and draws on hundreds of threat feeds. The company said the data is used to refine detection over time across hundreds of thousands of customer environments.

Customer response

Barracuda included comments from one customer, TriRx Pharmaceuticals, on the product's use in a changing threat environment.

"Barracuda Email Protection gives us genuine peace of mind in a rapidly evolving threat landscape. It goes beyond stopping attacks at delivery - proactively identifying and removing threats wherever and whenever they appear," said Scott Harris, Chief Information Officer at TriRx Pharmaceuticals.

"These new capabilities set a new standard for modern email security and give us confidence that we're protected as threats continue to evolve. It's a true game-changer for safeguarding our people and maintaining resilient operations," said Harris.

According to Barracuda, the product deploys through an API-based architecture, avoiding changes to mail exchange records and reducing disruption to mail flow. It is targeting organisations using Microsoft 365 and Google Workspace, as well as service providers that want a single view across customer tenants.

The launch adds to a crowded market for cloud email security tools, where suppliers are trying to distinguish themselves through automation, cross-platform visibility and post-delivery remediation as email threats become faster and less dependent on a single malicious message.