Barracuda Uses AI ‘Sentinel’ to Combat Spear Phishing

Barracuda Networks this week launched Sentinel, a cloud-based artificial intelligence (AI) platform that stops spear phishing and other types of email fraud.

Unlike typical phishing scams in which attackers cast a wide net hoping to catch many victims, spear phishing is highly targeted. Usually, this type of attack focuses on a specific individual or group of users within an organization.

In spear phishing scams, emails may appear to come from a colleague or another internal user. Believing a request for login information or embedded links are legit, targets often let their guard down, inadvertently providing hackers with a foothold on their networks.

Barracuda Sentinel employs a real-time AI system to keep a vigilant and critical eye on email accounts to stop spear phishing attempts, explained Asaf Cidon, vice president of Content Security Services at Barracuda Networks.

“Sentinel uses an AI engine to detect and block spear phishing attacks based on knowledge of unique communication patterns of an organization. Within an organization, Sentinel evaluates and analyzes each and every aspect of a message, including the metadata of the message, the content and the tone,” Cidon said.

Although spear phishing attempts can be very convincing, Barracuda’s new detection technology isn’t easily fooled.

“The AI engine looks for anomalies, based on the historical patterns of communication,” Cidon added. “For example, if the CEO and CFO have communicated thousands of times in the past using certain corporate emails and a certain tone, if a certain message seriously deviates from the normal patterns, it would be a likely spear phishing candidate.”

Further, using Barracuda Sentinel’s Domain-based Message Authentication Reporting and Conformance (DMARC) capabilities, businesses can combat domain spoofing, another tactic used by scammers to lure in unsuspecting victims.

A telltale sign of a phishing email is a sender address from an unknown or unofficial domain. Spear phishing attempts often use a spoofed domain, giving the appearance that they originate from within a user’s own organization.

And all this added protection comes with a minimum of IT management overhead, assured Cidon.

“Barracuda Sentinel is completely effortless from an IT perspective. It takes two minutes to set up, and it does not require any appliances or installing any software, and has zero impact on the network,” he said. “It is also compatible with any underlying email security gateway.”

Once organizations deploy the product, “it automatically learns the company’s communication patterns and automatically starts blocking spear phishing attacks in real-time,” Cidon said. “IT does not need to set any manual rules or policies. Once a spear phishing attack is intercepted, the user as well as IT are notified. Barracuda Sentinel has a dashboard where IT can monitor intercepted attacks, at-risk employees and spoofed domains.”

Barracuda Sentinel is available now. More information is available here.

Pedro Hernandez
Pedro Hernandez
Pedro Hernandez is a contributor to eSecurity Planet, eWEEK, and the IT Business Edge Network. Previously, he served as a managing editor for the network of IT-related websites and as the Green IT curator for GigaOM Pro.

Top Products

Top Cybersecurity Companies

Cybersecurity is the hottest area of IT spending. That's why so many vendors have entered this lucrative $100 billion+ market. But who are the...

Top CASB Security Vendors for 2021

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. After carefully surveying the...

Top Endpoint Detection & Response (EDR) Solutions for 2021

Endpoint security is a cornerstone of IT security, so our team put considerable research and analysis into this list of top endpoint detection and...

Top Next-Generation Firewall (NGFW) Vendors

Cybersecurity is getting more complicated, and so are security products. NGFWs are no exception, and IoT devices and the work-from-home craze that began in...

Related articles