HomeMalware & ThreatsBarracuda Acquires Evo to Develop SMB Identity Resilience Platform

Barracuda Acquires Evo to Develop SMB Identity Resilience Platform

Published on

spot_img

Barracuda Expands Identity Security Offerings with Acquisition of Evo Security

Barracuda Networks, a prominent player in the SMB security arena, has made a significant move by acquiring Evo Security, a startup founded by a former private equity leader, to enhance its identity security platform for managed service providers (MSPs) and small to medium-sized business (SMB) clients. This acquisition is seen as a strategic effort to fill a critical gap in identity security offerings specifically designed for smaller organizations, which often find enterprise-level solutions too complex and costly.

CEO Rohit Ghai articulated the rationale behind the acquisition, emphasizing that existing enterprise identity solutions tend to cater to larger organizations equipped with specialized security teams. As a result, these solutions are often overly elaborate and financially unfeasible for smaller businesses. Barracuda aims to bridge this divide by leveraging Evo’s technology to create what it believes to be the "first and only complete identity resilience platform" specifically tailored for MSPs. Ghai noted that this platform is unique in being "partner-first" and purpose-built, a significant evolution in the identity security domain.

Evo Security, based in Austin, Texas, was founded in 2018 and has since grown to employ 41 individuals, raising over $16 million in funding, with its most recent Series A round being completed in May 2024. Michael Roth, the company’s founder and current CEO, brings a wealth of experience, having previously led a boutique private equity fund as well as holding a managerial position at Encana Corporation.

Enhancing Barracuda’s Identity Security Portfolio

The integration of Evo’s functionalities into Barracuda’s existing identity security suite represents a notable expansion. Until now, Barracuda had invested in various identity security services including identity security posture management, identity threat detection and response, and Microsoft Entra ID backup capabilities. The acquisition adds key features, namely privileged access management (PAM), multifactor authentication (MFA), and single sign-on (SSO). These additions are crucial for providing comprehensive identity protection that covers the entire lifecycle of customer identities instead of being segmented into isolated security functions.

Rohit Ghai shed light on the innovative nature of Evo’s capabilities, specifically its just-in-time privileged access management system. This system is designed to deliver the necessary permissions only for the time required, following the principles of a zero-trust or least-privileged model. This approach not only enhances security for MSPs but also aims to provide "the Goldilocks level of privilege," ensuring that technician identities remain secure while they perform their functions.

For SMBs, which often operate with limited IT teams or outsource their IT functions completely to MSPs, the need for security solutions that are both cost-effective and easy to use is paramount. Ghai emphasized that the ideal products for these businesses are those that are simple to purchase, deploy, and manage—without necessitating dedicated identity specialists. He reiterated that offerings designed for enterprise environments cannot simply be scaled down to suit the SMB market because their foundational assumptions about resources and capabilities do not apply.

Understanding Multi-Tenant Architecture

Ghai noted that MSPs face the dual challenge of managing their own identities while simultaneously administering various customer environments through a single platform. To meet these demands, he and Roth underscored the necessity of a robust multi-tenant architecture designed from the ground up. Many enterprise vendors struggle to adapt their products to fit this model, which complicates virtually every architectural decision.

Roth pointed out that building a platform with multi-tenancy in mind from the outset leads to a more user-friendly design that facilitates deployment and management, a critical requirement for organizations aiming for operational efficiencies.

The Importance of Just-in-Time Access

To bolster security further, Evo’s framework ensures that MSP technicians are granted only the permissions needed to complete specific tasks, and only for the required duration. Roth highlighted that this capability significantly enhances security across all customers serviced by the MSPs, as it minimizes the chances of administrative privilege misuse.

Ghai noted that the market for identity management is evolving rapidly, underscored by signals such as Palo Alto Networks’ acquisition of CyberArk. This trend indicates a growing acknowledgment that identity-related functionalities need to be integrated into broader cyber resilience platforms, a crucial consideration particularly for smaller businesses.

Moreover, as MSPs manage millions of identities spread across a multitude of customer environments, manual identity administration has become impractical. Ghai argues that the integration of artificial intelligence into identity platforms is increasingly vital for automating workflows, detecting anomalies, and simplifying management tasks across diverse customer setups.

Looking Ahead in the PAM Market

Both Ghai and Roth express optimism regarding the growth potential of the privileged access management sector, which is estimated to be a $5.2 billion market, expected to expand nearly 13% annually. They perceive a substantial unmet need for PAM solutions within the MSP segment, which has historically lacked adequate offerings.

In summary, Barracuda’s acquisition of Evo Security marks a significant step in redefining identity security solutions for the SMB sector. By focusing on usability, cost-effectiveness, and advanced functionalities, the new platform aims to meet the unique security needs of smaller businesses and their managed service providers, ensuring that they are equipped to navigate a rapidly evolving cybersecurity landscape.

Source link

Latest articles

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust and 17 Additional Stories

The Hidden Dangers of Neglected Security Practices: A Comprehensive Overview of Threats This Week The...

Microsoft Unveils GigaWiper: A Backdoor Engineered for On-Demand Destruction

Unveiling the Capabilities of GigaWiper: A New Threat in Cybersecurity Recent findings have shed light...

The Business Case for Addressing Security Debt: A Practical Approach for CISOs

In recent discussions among Chief Information Security Officers (CISOs), a significant shift has emerged...

Iran-Linked MuddyWater Espionage Campaign Targets Organizations Worldwide

A recent threat intelligence report released by WatchGuard has raised alarms about an espionage...

More like this

ThreatsDay: Cloud Bucket Hijacking, Windows LPE Chain, Global Fraud Bust and 17 Additional Stories

The Hidden Dangers of Neglected Security Practices: A Comprehensive Overview of Threats This Week The...

Microsoft Unveils GigaWiper: A Backdoor Engineered for On-Demand Destruction

Unveiling the Capabilities of GigaWiper: A New Threat in Cybersecurity Recent findings have shed light...

The Business Case for Addressing Security Debt: A Practical Approach for CISOs

In recent discussions among Chief Information Security Officers (CISOs), a significant shift has emerged...