Earlier today we announced the launch of Barracuda Sentinel, an exciting new intelligence service that is designed to stop spear phishing and cyber fraud.
Barracuda Sentinel is the leading comprehensive solution engineered specifically to protect people, businesses, and brands from spear phishing and cyber fraud. It combines three dedicated layers of defense:
- Artificial Intelligence (AI) Real Time Spear Phishing Prevention
- Domain Fraud Visibility and Protection
- Anti-Fraud user training
To learn more about this, we're talking to Asaf Cidon, VP Content Security Services. If you're familiar with our blog, you'll know Asaf from his monthly blogging on threat spotlights and other security issues. Asaf has a long and successful history as a security expert and is one of the leaders of Barracuda Sentinel.
Q: Why create a solution specifically for spear phishing and cyber fraud?
To answer that, let's start with what makes spear phishing so dangerous. Attackers go to great lengths to personalize a message that will earn the trust of the recipient. The email is typically a clean message, which means that there aren't malicious links or attachments to trigger sandboxing. And because the email is so personalized and unique, rules-based detection that looks for high volume attacks will not help. In short, people are more vulnerable to this type of attack.
To stop impersonation you have to understand internal patterns … who’s talking to whom, when, how frequently, is the conversation typically one way or not, which email addresses are they using, etc.
Our AI engine ingests a large number of signals related to the metadata of the message (who’s sending to whom) and its content, which allows it to determine with a high degree of certainty whether or not the message in question is spear phishing.
We take that information – that messaging intelligence – and combine it with other data to determine with a high degree of certainty whether or not the message in question is spear phishing.
The AI engine is powerful because it can identify impersonation attempts and stop these attacks in real time. It also gives a view into those individuals who are at highest risk of both being impersonated and being targeted
Spear phishing is growing. The FBI reports that organizations have already lost $5 billion to these attacks. Barracuda Sentinel is stopping these attacks.
Q: How does Barracuda Sentinel learn patterns and stop impersonation?
Barracuda Sentinel uses the Artificial Intelligence engine mentioned above and combines it with big data analysis of Domain-based Message Authentication, Reporting and Conformance (DMARC) reports. DMARC allows us to get feedback on which senders are sending emails with the company’s domain. By correctly setting up DMARC, customers can prevent domain spoofing and brand hijacking. Barracuda Sentinel makes it easy for companies to implement, monitor, and enforce DMARC.
Q: Will Barracuda Sentinel slow down email delivery or internal networks?
No. Barracuda Sentinel uses an API-based approach, which ensures that there is zero impact on network performance. This API approach also makes Barracuda Sentinel easily extendable to other platforms beyond email and beyond Office 365. Our technology is transparent. The customer doesn’t even know we are there.
Q: How long does it take Barracuda Sentinel to learn patterns and become effective at stopping spear phishing and cyber fraud?
Our API-based architecture is designed to provide our customers with instant protection. It literally takes only minutes to setup Barracuda Sentinel. Once it is setup, it automatically starts learning existing communication patterns. It typically takes it an hour or so to be ready to start intercepting live attacks.
If you would like more information on Barracuda Sentinel, take a look at these resources:
To get started with Barracuda Sentinel, click here.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology and project management credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn here.