Barracuda has added identity and access management capabilities to its cyber resilience platform through the acquisition of Evo Security, a vendor specializing in tools for managed service providers. The deal aims to simplify identity operations for MSPs grappling with credential-based attacks and the expansion of non-human identities in customer environments.
The integration targets a core challenge for MSPs: managing access across multiple customer tenants without creating operational debt. Evo Security’s technology focuses on privileged access management, identity protection, and threat detection—areas where traditional enterprise IAM tools often fall short for service providers handling diverse environments with varying policies and exceptions.
Platform consolidation
Barracuda plans to fold Evo Security’s tools into BarracudaONE, its broader platform for MSPs. The combined offering includes four layers: access control, privileged account management, identity-driven threat response, and backup for Microsoft Entra ID. Barracuda SecureEdge ZTNA will enforce least-privilege network access, while Barracuda Entra ID Backup protects against accidental or malicious disruptions to user groups and policies.
Background: Managed service providers (MSPs) secure and manage IT infrastructure for multiple clients, often requiring multi-tenant tools to handle diverse access policies and user bases. Identity and access management (IAM) systems control who can access what resources, while privileged access management (PAM) focuses on high-risk accounts with elevated permissions.
The acquisition arrives as MSPs face pressure to deliver more security services with limited staff and tight margins. Barracuda’s pitch centers on reducing complexity—consolidating identity controls into a single platform rather than forcing MSPs to stitch together disparate enterprise tools. However, the success of this approach will depend on execution: whether the integration preserves Evo’s MSP-focused design or introduces new workflow disruptions.
AI and identity risks
Barracuda CEO Rohit Ghai framed the deal as a response to the "agentic AI era," where both human and machine identities require governance. This reflects a broader industry shift: service accounts, API access, and automation agents are expanding the attack surface beyond traditional user authentication. Yet managing non-human identities presents technical hurdles, as permissions are often embedded in scripts, CI/CD pipelines, or third-party integrations where visibility is limited.
For professionals: MSPs should evaluate whether the integrated platform reduces policy drift and operational overhead compared to existing tools. Customers should ask providers about privilege policies, Entra ID recovery processes, and how identity controls are enforced across hybrid environments.
The acquisition also highlights a market trend: attackers increasingly target identity infrastructure rather than attempting to bypass it. Microsoft Entra ID, a central component of many organizations’ access models, has become a high-value target. Backup and recovery capabilities for Entra ID configurations are now critical, as disruptions can halt operations or enable attackers to move laterally with legitimate credentials.
Channel dynamics
For MSPs, the deal offers potential benefits—simplified procurement, reduced training friction, and a platform designed for multi-tenant operations. However, the outcome hinges on Barracuda’s ability to maintain Evo’s MSP-centric approach during integration. Key questions remain unanswered: which Evo features will remain standalone, how pricing will change, and whether workflows will adapt to non-Barracuda environments.
The acquisition also underscores a power shift in the channel. MSPs increasingly favor vendors that offer automated, scalable security stacks over those requiring enterprise-style administration. Barracuda’s challenge is to prove that Evo’s identity-first model can scale globally without losing its MSP-specific advantages.
Companies mentioned
Automated pipeline · Business
Synthesized from 1 industry feed on 8 Jul 2026. Passed independent editor verification (score 92/100) before publication. Style guide v1.4.
Sources
Decision trail
- Checking for duplicates — New story No recent or in-pipeline article covers Barracuda's acquisition of Evo Security.
- Checking for duplicates — New story pre_write:; No recent or in-pipeline article covers Barracuda's acquisition of Evo Security.
- Writing the article — Draft created article_id=297 slug=barracuda-acquires-evo-security-to-unify-msp-identity-stack
-
Editor review — Approved
- Score: 92/100
- Factual grounding: The draft states 'Barracuda Entra ID Backup protects against accidental or malicious disruptions to user groups and policies' — the source text specifies 'users, groups, policies and configurations' (plural 'configurations' is omitted).
- Style compliance: The Background block exceeds the 2-4 sentence limit (5 sentences).
- No copied phrasing: The phrase 'identity sprawl becomes operational debt very quickly' is closely echoed from the source ('Identity sprawl becomes operational debt very quickly'). Restructure to avoid resemblance.
- Style compliance: The 'For professionals' callout includes 'Customers should ask providers...' — the source uses 'Customers should examine...' and 'ask MSPs'. The draft should align with the source's phrasing for consistency.
- Generating reader Q&A — Generated 5 items
- Assigning hero image — Reused library image reused image #96
- Linking related stories — Linked 1 relations from 243 candidates
- Publishing — Published barracuda-acquires-evo-security-to-unify-msp-identity-stack
- Mastodon — Posted https://mstdn.social/@hostingpaper/116882327569649305


Discussion · coming soon
Be the first to join the thread when community discussion launches.