Barracuda Email Protection - Incident Response
Minimize email-attack damage with fast, automated response

Barracuda Products

Barracuda Email Protection - Forensics and Incident Response

Barracuda Email Protection, Incident Response, per User, 1 Year (minimum 25 users)

#EP-IR-Usr-1Y
List Price: ~~$46.80~~
Our Price: $44.46

Barracuda SaaS Premium Support

SaaS Premium Support, Subscription 1 Year

#SaaS-Premium-Support
List Price: ~~$2,880.00~~
Our Price: $2,736.00

Overview:

No email defense technology can protect against increasingly advanced email threats 100 percent of the time. Some advanced social engineering attacks like business email compromise will reach users’ mailboxes. And when they do, you need to respond quickly and accurately to minimize the scope and severity of damage.

Barracuda Forensics and Incident Response is a powerful SaaS solution that lets you remediate threats quickly and efficiently, by automating investigative workflows and enabling direct removal of malicious emails.

Automate incident response in attack scenarios.

The timing and effectiveness of your response are critical when your organization is under attack. Barracuda Forensics and Incident Response automates your response workflow to dramatically reduce the time to remediation and the impact of the threat. Search all delivered mail, create incidents, and delete emails from user inboxes with just a few clicks. Remediate threats within minutes, instead of hours or days.

Limit damage from email attacks.

Manual intervention can waste valuable time during attacks, allowing threats to spread and damage to escalate. Barracuda Forensics and Incident Response gives you immediate insight into users who have interacted with, forwarded, or replied to malicious messages, helping you contain threats faster. Forensics and Incident Response also enhances your web security by blocking malicious links for your entire organization.

Prevent future attacks with real-time forensic analysis and community threat intelligence.

Barracuda analyzes the source of inbound messages and identifies anomalies, giving you the insight needed to prevent future attacks. It also leverages community intelligence to alert of potential threats identified by other Barracuda customers. Continuous remediation ensures your users won’t be susceptible to new instances of threats you’ve previously remediated.

Reduce the impact and cost of email attacks.

When email-borne attacks evade security and land in your users’ inboxes, you need to respond quickly and accurately to prevent damage and to limit the spread of the attack. Responding to attacks manually is time-consuming and inefficient, which allows threats to spread and damages to increase.

Barracuda Incident Response automates these processes to ensure that you quickly identify the nature and scope of the attack, immediately eliminate malicious emails, and carry out remediation actions rapidly to halt the attack’s progress and minimize damages.

Respond faster and more effectively with:

Post-delivery threat removal
Notification of affected users
Fast click-through remediation
Security incident alerts
Automated response playbooks

Respond immediately to email-borne attacks.

When malicious email is reported to IT, Barracuda Incident Response lets you immediately search all delivered email, by sender or subject, to identify all internal users who have received it. You can then automatically remove all instances of the threat-bearing email. Automatic remediation will identify and remove email messages that contain malicious URLs or attachments post-delivery directly from user’s mailboxes without your involvement.

Automate your entire incident response process.

Incident response playbooks help outline effective response workflows but often include manual, repetitive tasks that can be time-consuming to complete. Our Automated Workflow functionality empowers you to build custom playbooks and completely automate your response to a variety of email events, across a range of solutions. Additionally, our public APIs allow you to integrate response data with your SIEM/SOAR/XDR platforms to streamline operations and further preserve IT resources.

Limit damage.

In addition to identifying who received the malicious email, Incident Response lets you identify the users who actually clicked on a malicious link. It can then automatically deliver instructions to update passwords or take other actions to limit the spread of the attack. These users can also be assigned enhanced security awareness training to prevent future incidents.

Gain insights to prevent future attacks.

Incident Response has powerful analytic capabilities that allow you to use insights gathered from analysis of delivered email to identify anomalies in email that’s already in your users’ inboxes. For example, you can review geographies where inbound email is coming from, and proactively identify malicious email from countries you don’t usually do business with. You can prioritize and uncover new threats using data on potential incidents related to ones already created by you or other Barracuda customers, and on threats that are currently circulating and have been identified by Barracuda intelligence. This insight will help your team to identify threats that otherwise go unnoticed.

Integrated domain-based phishing protection.

Barracuda Incident Response also has content-security capabilities to offer protection across email and web. It detects and automatically blocks malicious domains contained in phishing emails for all users using API integration. DNS phishing protection works seamlessly to provide a unified threat management response against advanced attacks. This feature is available to customers of Incident Response and Barracuda Content Shield.

Features:

Threat hunting

Threat reporting by employees

Outlook Add-in provides one-click threat reporting
Enable your users to act as the strongest line of defense

Threat identification with Barracuda Insights

Use Barracuda Insights to discover and identify threats
Identify anomalies in delivered email.
Get geo-IP threat insights

Locate potential incidents in Office 365 mailboxes:

Related Threats – Threats based on an incident you already created
Post-Delivery Threats – Based on Barracuda’s (community) intelligence on currently circulating threats that might already be present in your inbox

Uncovering malicious emails and preventing attack spread

Identify malicious emails based on geo-reporting
Block future emails coming from specific regions

Remediation

Advanced search with context and relevance

Search by user and incident

User behavior and compromised accounts

Review users who clicked on malicious links or forwarded or replied to malicious emails
Identify high-risk users that may require security awareness training

Create incidents

Search through delivered mail and create incidents

Malicious email deletion

Delete emails directly from user inboxes
Remediate threats within minutes

Automation

Automatic remediation

Automatically remove all messages that contain malicious URLs and attachments post-delivery

Automatic User Alerts

Send alerts automatically to all users who received malicious email

Domain-based phishing protection

Detect and automatically block access to malicious domains and URLs in phishing emails
Seamlessly leverage APIs to share info with Barracuda Content Shield

Continuous remediation

Delete copies of malicious emails that arrive after the initial remediation

Automated workflows

Create and enable custom response playbooks

API integration

Export event data to SOAR/SIEM/XDR platform

Deployment and availability:

Available to Microsoft Office 365 users worldwide

100 percent cloud-based

No hardware or software required to install or maintain

Works alongside any email security solution

Barracuda Essentials—email security, archiving, and backup for Office 365
Sentinel—AI-powered phishing detection and protection
PhishLine—advanced computer-based securityawareness training
Microsoft Exchange Online Protection (EOP)
Other email security gateway solutions

API-based architecture

Direct connectivity to Office 365
Zero impact on network performance or user experience
Fast, easy setup

Plans:

Incident Response is included as part of Barracuda Email Protection Premium and Premium Plus. Find the plan that's right for you.

Combine email gateway and artificial intelligence to block threats.
Ensure protection against all 13 email threat types.
Automatically remediate post-delivery email threats.

Includes everything from Advanced.
Protect your brand from domain fraud.
Make web browsing safe for your users.
Automate post-delivery threat hunting and response.

Includes everything from Premium.
Improve user security awareness.
Protect and restore your Office 365 data.
Discover sensitive data and undetected stored malware.
Demonstrate compliance with regulatory requirements.

Capabilities	Advanced	Premium	Premium Plus
Spam and Malware Protection Identify and block spam, viruses, and malware delivered via email messages. Using virus scanning, spam scoring, real-time intent analysis, URL link protection, reputation checks, and other techniques, Barracuda scans email messages and files.
Attachment Protection Barracuda combines behavioral, heuristic, and sandboxing technologies to protect against zero-hour and targeted attacks. A sandbox environment is used to detonate and observe behavior of suspicious attachments.
Link Protection Link Protection automatically rewrites URLs so that Barracuda can sandbox the request at click time to block malicious links.
Email Continuity In the event of a mail server outage or loss of connectivity, an emergency mailbox lets users continue to send and receive emails, staying productive until your primary servers are back online.
Email Encryption Secures your mail by encrypting it during transport to the Barracuda Message Center, encrypting it at rest for storage in the cloud, and providing secure retrieval by your recipients through HTTPS web access. Create a policy to automatically encrypt emails based on their sender, content, and other criteria.
Data Loss Prevention Create and enforce content policies to prevent sensitive data, including credit card numbers, Social Security numbers, HIPAA data, customer lists, and other private information, from being sent by email. Policies can automatically encrypt, quarantine, or block certain outbound emails based on their content, sender, or recipient.
Phishing and Impersonation Protection Automatically detect and prevent impersonation, business email compromise, and other targeted attacks. Barracuda’s AI engine learns each organization's unique communication patterns and leverages these patterns to identify anomalies and prevent socially engineered attacks in real time.
Account Takeover Protection Stop phishing attacks used to harvest credentials for account takeover. AI detects anomalous email behavior and alerts IT, then finds and removes all fraud emails sent from compromised accounts.
Automatic Remediation All user-reported messages are automatically scanned for malicious URLs or attachments. When a threat is detected, all matching emails are automatically moved from users' mailboxes into their junk folders.
Threat Hunting and Response Quickly identify and efficiently remediate post-delivery threats by automating investigative workflows and enabling direct removal of malicious emails.
Automated Workflows Build custom playbooks to completely automate your incident response process. Admins at any technical level can create a workflow by defining a trigger, determining conditions, and assigning the desired actions through a simple user interface.
SIEM/SOAR/XDR Integration Orchestrate incident response cross-product with RESTful API (beta) and syslog integrations. Remotely administer and configure incident response capabilities and store your event data for tracking, analysis, and troubleshooting.
Domain Fraud Protection Prevent email domain fraud with DMARC reporting and analysis. Barracuda provides granular visibility and analysis of DMARC reports and helps you minimize false positives, protect legitimate email, and prevent spoofing.
DNS Filtering Protect users from accessing malicious web content with advanced DNS and URL filtering.
Cloud Archiving A cloud-based, indexed archive allows for granular retention policies, extensive search, role-based auditing/permissions, legal hold, and export. Easily comply with e-discovery requests and regulatory or policy-retention requirements.
Cloud-to-Cloud Backup Get data protection and cloud backup for Office 365 data, including Exchange Online mailboxes, SharePoint Online, OneDrive for Business, and Teams. Fast point-in-time recovery in the event of accidental or malicious deletion.
Data Inspector Automatically scan your OneDrive for Business and SharePoint data for sensitive information and malicious files containing malware. Use it to develop policies that comply with GDPR, CCPA, and other data privacy regulations.
Attack Simulation Simulated phishing attacks are constantly updated to reflect the most recent and most common threats. Simulations are not limited to email, but also include voice, SMS, and portable-media (USB stick) attacks.
Security Awareness Training Get access to advanced, automated education technology that includes simulation-based training, continuous testing, powerful reporting for administrators, and active incident-response awareness.

Documentation:

Download the Barracuda Incident Response Datasheet (PDF).

Pricing Notes:

Pricing and product availability subject to change without notice.