What’s New - Q1 2025

Advanced Threat Protection (ATP) improvements

• More effective in detecting malicious HTM(L) artifacts/attachments detection.
• Added support for SVG files.
• Improved scan time for links and documents.

Expanded ML models

Improved classifiers for phishing, extortion, Business Email Compromise (BEC), and DocuSign lookalikes.

Enhanced Email Threat Scanner

New filters allow scanning threats from 30 to 365 days, reducing false positives.

Account takeover prevention

Strengthened detection with phishing classifier integration.

Email spoofing protection

150% increase in spoofing detections with new fraud weight signals.

Deepfake benchmarking campaign

Security Awareness Training (SAT) holds a free AI deepfake phishing simulation for customers in April.

SVG file scanning

New ATP feature detects threats in weaponized SVG files used for phishing.

Scheduled reports for Email Gateway Defense (EGD)

Customers can now automate report generation and email delivery.

New Incident Response reports

Offering actionable security recommendations to prevent future attacks.

Updated reported email tracker

Customers now receive feedback on incorrectly blocked/delivered emails.

Sender authentication improvements

EGD now prioritizes Barracuda headers over Microsoft for more accurate authentication results.

Allowed senders exemptions

Impersonation Protection (IP) and Incident Response (IR) now support better whitelisting controls.

Encrypted email recall

Admins can now retract encrypted emails mistakenly sent to wrong recipients.

EGD now live in India

Expansion into AWS regions to serve global customers.

Microsoft 365 inline deployment

New mail flow rules allow EGD deployment without MX record changes.

Enhanced filtering for Microsoft 365

Aligning with Microsoft's best practices for better email security integration.

Unified admin UI

The new interface is now the default for new customers, streamlining all email security products.

EGD login experience update

A modernized authentication process with a smoother workflow.

Simplified EGD/IP/IR navigation

Improved message log layout and condensed filters for better usability.

Email warning banners

Now available in open beta for all customers, improving threat awareness.

EGD end-user UI

Fully rolled out to all customers, replacing the legacy interface.

Threat intelligence integration

When a threat is confirmed by a human reviewer or labeler, IR now automatically removes the corresponding emails from all tenants, ensuring rapid remediation across the board.

SOC/XDR integration

Through the IR API, we’ve integrated with Security Operations Center (SOC) and Extended Detection and Response (XDR) platforms, enabling security teams to remediate emails directly within the XDR UI (SKOUT), streamlining response workflows.

Barracuda Backup: Scalable appliances

BBS 3004 appliance is designed to provide seamless scalability and flexibility to enable comprehensive data protection with rapid recovery if an event occurs.

Barracuda Cloud-to-Cloud Backup: Entra ID backup

Backup and protect the User, Group, Role, and Administrative Unit object types from Microsoft Entra ID.

Barracuda Cloud-to-Cloud Backup

Malware scanning on restore leverages ATP to detect malware with 16.1 million items scanned to date that have uncovered over 1,700 malicious items.

Alert enrichment

Context within alerts is enhanced with Barracuda AI to provide clarity on what is happening and why you are being alerted. This powerful integration significantly reduces alert response times and optimizes SOC resource utilization.

Microsoft Defender support

Integration with Microsoft Defender allows XDR to incorporate feeds for single and multi-tenant applications.

Automated Threat Response (ATR)

Automatically contain and block threats from malicious traffic. Support was added for feeds from Cisco Meraki, Fortinet FortiGate, and SonicWALL, Microsoft 365, Palo Alto Firewalls, and Sophos XGS.

Microsoft 365 Anomalous Login and Impossible Travel Detection

A proprietary machine learning model now enhances the detection of anomalous Microsoft 365 logins for improved alert accuracy and optimized alert volume by analyzing 30 distinct features associated with potential user compromise events.

Barracuda SecureEdge Access

• New onboarding wizard that rapidly guides customers through the major steps required to set up and start seeing value from Zero Trust Network Access (ZTNA).
• SecureEdge Access now has the option to work with local users and groups without the need to integrate with centralized user directories/identity providers.
• SecureEdge Manager allows administrators for mass enrollment for SecureEdge Access with their respective devices. You can now enroll multiple groups and users at the same time.
• A new SecureEdge Access dashboard was created to enable administrators to visualize the management of traffic information and status for connected users, resources, and custom applications.

Barracuda SecureEdge enhancements

• SecureEdge Access Global and User Settings improvements ensure that the system is tamper proof, ensuring users cannot disable the access agent or unenroll from the system. Users can now also enroll multiple devices using the same enrollment link. Administers can limit the number of devices that each user can leverage.
• SecureEdge Identity management improvements enable extensive integrations with popular identify providers and user directories.
• Secure Internet Traffic from LANs. Administrators can configure Secure Internet Traffic from LANs on the Private Edge Service, meaning administrators can secure Internet Traffic from the LANs of downstream Sites and downstream Private Edge Services on a Private Edge Service and can choose to backhaul and secure all Internet traffic from the downstream Site's LAN networks.
• SIP Proxy Support: The Barracuda SecureEdge Manager now allows administrators to enable/disable the SIP Proxy feature for all connected infrastructures with respect to an individual workspace. 

Barracuda SecureEdge Connector

An enhanced SecureEdge Connector is now available. The Barracuda SecureEdge Manager allows administrators to configure the SecureEdge Connector to keep your devices secure by redirecting their traffic through a secure VPN connection. You can now deploy the Connector in Routed mode. This requires Routed mode to be activated. You can also use the Connector for app-to-app communication between Connectors or between a Connector and the SecureEdge environment.

Barracuda SecureEdge Agent improvements

Many improvements have been made to the SecureEdge Agent, including link less enrollment for large scale deployments, support for device pre login, ability to silently block websites, support for dynamic DNS updates with Active Directory and additional languages support.

Support for Barracuda SecureEdge Access with MSP App

Managed Service Providers can now manage their SecureEdge (SE) Access seats via the MSP app.

Web Security Gateway (WSG) migration tooling

WSG customers can now seamlessly migrate their existing web security policies over to SecureEdge, enabling customers to benefit from the strong and more modern web security capabilities in SecureEdge.

Cross-Regional Load Balancing (XRLB)

New support for Global Static IPs through Azure Cross-Regional Load Balancing, enabling DNSSEC-dependent customers to migrate from Legacy DC to Azure WAFaaS. This addresses the limitations of DNS CNAME-based solutions while maintaining regional redundancy.

Intelligent login page security

Automatic detection of application login pages with targeted security policies against common attack vectors. Implements protection against:

• Brute Force – Blocks repeated unauthorized access attempts to web applications.
• Credential Stuffing – Prevents access using stolen username/password combinations.
• Credential Spraying – Blocks attempts using common passwords with valid usernames.

Advanced GenAI bot protection

Enhanced Advanced Bot Protection now detects and blocks AI-powered bots in near real-time, protecting proprietary content and maintaining competitive integrity. Leverages machine learning models and crowd-sourced intelligence with visibility through the ATI dashboard.

Enhanced API discovery

Improved API identification and cataloging system that provides faster discovery and real-time monitoring of APIs across your environment. Helps maintain security posture by reducing unauthorized access risks and enabling better vulnerability management