Q&A: Barracuda’s integration with Amazon Security Lake
We’re excited to share that today we announced that Barracuda Email Protection integrates with Amazon Security Lake. Amazon Security Lake automatically centralizes an organization’s security data from cloud, on-premises, and custom sources into a purpose-built data lake stored in a customer’s account. Barracuda Email Protection together with Amazon Security Lake can reduce the complexity and costs for customers to access their security data from an email security solution and address a variety of security use cases such as threat detection, investigation, and incident response.
To give you a closer look at this exciting new integration, the use cases for it, and how the integration can help you, we sat down to talk with Barracuda CTO Fleming Shi to get his insights.
Q&A with CTO Fleming Shi
How does the integration with Amazon Security Lake help Barracuda Email Protection customers?
The most important way it helps customers is by streamlining and optimizing delivery of security event data through Amazon Security Lake. We're not just sending logs. We are sending findings that are important and actionable, so they can use that data for threat hunting, feed it into their existing tools, and take action quickly.
What would the benefits be for customers, compared to what they might be doing before the integration?
In the past, they probably had to build out a logging service to ingest the logs from Barracuda, then identify the elements that are important to them. That’s something that takes a lot of a compute and storage resources.
With the integration with Amazon Security Lake, what we're delivering are already actionable events that are available in an appropriate format, in this case, the Open Cybersecurity Schema Framework (OCSF), which allows us to capture these alerts. We basically have done extra work for them and made it more optimized. By doing this with Barracuda and Amazon Security Lake, it reduces the complexity and increases the visibility into the threat vector.
What types of customers or use cases is the integration a good fit for? Who would get the most out of taking advantage of this integration?
This integration is a good fit for customers who are slightly larger and have a SIEM, SOAR, XDR, or some type of tooling or security practice that governs their overall posture, even potentially working with a partner like through an MSP or MSSP. Those types of customers will benefit from this because what they're getting is the important information they should know about while eliminating any extra noise they don't need.
In order to take advantage of the integration, you have to be a subscriber to Amazon Security Lake because you need to be able to hook up their subscriber mode to ingest the data. Now that ingestion will be much easier because we're working with Amazon Web Services (AWS) and the Open Cybersecurity Schema Framework, which allows us to standardize and make sure the findings are easily consumable.
What aspects of the integration are you most excited about?
As a leader in email and messaging security, what's exciting is we are the first email security solution to integrate with Amazon Security Lake, so we will be the first to drive some of the definitions of what it means to identify these threats. We get to make it super useful for the customer because we're not sitting still. We're going to be identifying attacks through these signals and findings and be at the forefront of email security. What's exciting to me is being that first one working with AWS to help them and the OCSF community to better define what email security means.
How does this integration fit in with Barracuda’s cloud first approach?
AWS is a cloud services provider, so they're super-fast at reaching people, and their infrastructure is fantastic. That's important because we want to make sure that when our shared customers move to the cloud, they have access to these security findings easily in a scalable manner. And we optimize the entire process, so they don't have to spend months getting infrastructure right and get the parsing all right.
This type of innovation reinforces that Barracuda is a cloud-first company. We are identifying opportunities with cloud providers like AWS and integrating with the types of cloud and SaaS tools our customers are using. In the past, we’ve integrated with other solutions like Splunk, IBM Q-Radar, and Stellar Cyber. It shows the way that we’re evolving, and it helps our customers because it fits where they are now.