Barracuda Acquires Evo Security: Advancing Complete Identity-Driven Cyber Resilience for the AI Era
Key takeaways
- Barracuda acquires Evo Security to deliver the industry’s most comprehensive partner-first platform unifying privileged access management (PAM), access control, identity protection, and identity threat detection and response.
- Identity‑based attacks are accelerating in the AI era; there is a 71% increase in attacks using stolen credentials, making unified identity security essential for modern cybersecurity.
- Together, BarracudaONE and Evo Security will deliver complete identity resilience across the full attack chain, helping MSPs and organizations stop credential‑based attacks, reduce operational complexity and strengthen cyber resilience at scale.
Cyberattacks have entered a new phase – one where identity is the primary battleground, and AI is accelerating both the speed and sophistication of threats. Organizations and channel partners need security that protects every identity, every access decision and every stage of the attack chain. Today, Barracuda is taking a major step forward in delivering complete identity‑driven cyber resilience.
Barracuda has acquired Evo Security, an identity and access management (IAM) provider purpose‑built for managed service providers (MSPs). As organizations increasingly recognize identity as the foundation of cybersecurity, global IAM investment is surging, with industry analysts projecting sustained double-digit annual growth. By combining Evo Security’s MSP‑first IAM capabilities with the intelligent BarracudaONE® platform, we will deliver the industry’s most comprehensive partner‑first identity security stack. Together, the integrated platform will unify privileged access management (PAM), access control, identity protection, and identity threat detection – forming a complete identity‑driven cyber resilience foundation engineered for the speed, scale and sophistication of AI‑era threats.
Why identity security must change
Identity is now the new front door, and attackers are exploiting it at unprecedented speed. The IBM X-Force Intelligence Index reports a 71% year-over-year increase in attacks involving stolen credentials, underscoring a fundamental shift: attackers aren’t breaking in anymore – they’re logging in.
AI is accelerating this shift event further. Generative models now enable adversaries to craft highly convincing, personalized phishing messages at massive scale, lowering the barrier to entry for credential theft. At the same time, autonomous AI agents with broad infrastructure access are emerging across enterprise environments, introducing identity risks that traditional IAM tools were never designed to manage.
The problem is clear: existing identity solutions were built for a different era – one defined by employees logging into on‑premises systems with simple usernames and passwords. That world is gone. Today’s identity landscape is dynamic, distributed and increasingly machine‑driven, demanding modern identity security that can operate at the speed and sophistication of AI‑powered threats.
Attackers now use AI to automate credential‑stuffing, generate phishing emails that reference real projects and people, and even create deep-fake audio of executives requesting urgent financial actions. Human‑driven defenses cannot keep pace with attacks running at machine speed.
Once attackers obtain credentials, they immediately target admin rights. Even mature organizations are breached because admin accounts lack multifactor authentication (MFA). Standing administrative privileges remain target number one, making just‑in‑time privilege management essential.
Identity infrastructure has also become a primary ransomware target. Modern campaigns delete Entra ID users and groups to block recovery, while supply chain attacks steal OAuth tokens to pivot into downstream systems. Identity infrastructure itself must be protected – not just the users it manages.
Meanwhile, identity operations are overloaded. Roughly 50% of help desk tickets are access‑related: password resets, elevation requests, account lockouts. Without automation, identity becomes a bottleneck.
Barracuda + Evo Security: Built for the AI era
Evo Security’s IAM capabilities will extend BarracudaONE with integrated PAM and automated elevation – essential components of complete identity‑driven cyber resilience.
Just‑in‑time PAM eliminates standing privileges – the first thing attackers target – by making admin access temporary, audited and automatically revoked. Automated privilege elevation uses AI to evaluate access requests based on user behavior and context, approving routine needs while blocking suspicious elevation attempts. Together, these controls directly resolve one of the biggest operational burdens: half of all MSP help desk tickets are access‑related.
This shift is fueling rapid market expansion. The PAM managed services market reached $5.2 billion in 2024 and continues to grow at 12.6% annually, creating a significant and fast-moving opportunity for MSPs to deliver high-value, identity-centric security services.
Barracuda provides the broader security foundation MSPs and channel partners need to protect identities, users, data, and infrastructure – all delivered through BarracudaONE. Combined with Evo Security’s IAM capabilities, the platform will deliver a unified, identity‑centric security model designed for complete identity‑driven cyber resilience:
- Identity foundation (new with Evo): PAM‑powered secure authentication and access. Even if attackers obtain credentials, PAM prevents privilege escalation.
- Zero trust network access (ZTNA): Barracuda SecureEdge ZTNA enforces identity‑driven, least privilege access to internal apps – no broad network access.
- Identity protection: Barracuda Entra ID Backup protects identity infrastructure from ransomware, accidental deletion and malicious changes.
- Managed XDR: 24/7 threat detection correlating signals across endpoints, network, cloud, and identity. Barracuda Managed XDR will use Evo Security’s authentication logs and privilege changes to detect credential compromise, privilege escalation and lateral movement – even when attackers use valid credentials.
How Barracuda and Evo Security will work together
Consider a real-world scenario: an attacker compromises employee credentials and attempts to escalate privileges to deploy ransomware:
- PAM blocks privilege escalation – no standing admin rights exist.
- SecureEdge ZTNA restricts access to only authorized applications.
- Managed XDR detects anomalous authentication by correlating Evo logs with endpoint behavior.
- Automated response isolates the endpoint, revokes sessions and rotates passwords.
- Entra ID Backup restores identity infrastructure if attackers attempt destructive changes.
Each layer reinforces the next, creating a comprehensive, unified defense across authentication, access, protection, and detection – the essence of identity‑driven cyber resilience.
AI-ready identity security at machine speed
As AI reshapes both attacks and defenses, identity security must operate at machine speed – and it must be AI-ready. BarracudaONE and Evo Security together will deliver AI-infused identity protection that evaluates access requests, detects anomalies and responds to threats automatically, keeping pace with the speed and sophistication of AI-powered attacks.
Evo Security’s privilege elevation engine uses AI to assess access requests in real time, approving legitimate needs while escalating suspicious ones – giving users self‑service flexibility without weakening security. Managed XDR will extend this protection by applying behavioral analytics across identity, endpoint and network activity. By correlating Evo Security’s authentication and privilege signals with broader telemetry, Managed XDR will be able to surface credential compromise even when attackers are using valid credentials. When threats emerge, automated playbooks act instantly: revoking sessions, isolating endpoints, rotating passwords, and blocking network access – eliminating the delay of manual intervention.
This AI‑ready foundation is also built to protect non‑human identities, including emerging agentic AI systems that interact with infrastructure autonomously. As organizations adopt AI agents to perform operational tasks, just‑in‑time credentialing becomes even more critical. Temporary, scoped, automatically revoked access ensures agentic identities cannot be exploited, misused or escalated – providing the same level of protection for machine‑driven workflows as for human users.
Together, these capabilities give organizations of all sizes complete identity security through a single, unified platform – eliminating the complexity of stitching together multiple tools and delivering enterprise‑grade resilience that’s easy to adopt and operate.
For MSPs, the combined BarracudaONE platform and Evo Security capabilities consolidate identity and infrastructure protection while opening new revenue opportunities. MSPs can reduce vendor sprawl, strengthen customer defenses and deliver identity security as a profitable managed service. And with true multi‑tenant architecture, partners can manage hundreds of customer environments from a single dashboard, making identity‑driven cyber resilience both scalable and efficient.
Barracuda forward looking statement disclosure
The statements above are intended to outline our general product direction and may include forward-looking statements about Barracuda product plans, features, and/or functionality. This content is provided for informational purposes only and may not be incorporated into any contractual commitment. Any forward-looking statements are based on current expectations and beliefs and involve risks and uncertainties that may cause actual results to differ materially from those expressed or implied.
This document is not a commitment to deliver any specific feature or functionality. The development, release, and timing of any features or functionality described for Barracuda's products remains at the sole discretion of Barracuda. Actual results may vary due to various factors including, but not limited to, technological challenges, market changes, and economic conditions.
Forward-looking statements should not be relied upon in making purchasing decisions, and Barracuda is not obligated to update these statements to reflect subsequent events or circumstances.
2026 Email Threats Report
Learn how AI and phishing-as-a-service are reshaping the email threat landscape and how to stay protected
Subscribe to the Barracuda Blog.
Sign up to receive threat spotlights, industry commentary, and more.
The Managed XDR Global Threat Report
Key findings about the tactics attackers use to target organizations and the security weak spots they try to exploit