The acquisition expands the BarracudaONE platform with identity protection giving partners a single platform to secure customers and grow recurring revenue.
Barracuda Networks is expanding its push into identity security with the acquisition of Evo Security, bringing together privileged access management (PAM), identity protection, access control, identity threat detection and response into a single platform for MSPs.
“Before talking about why Evo, you really have to start with why identity,” Rohit Ghai, CEO of Barracuda, told CRN in an interview. “What we’ve learned from customers and partners is that identity has become the center of cybersecurity. Attackers today aren’t breaking in, they’re logging in. That’s fundamentally changed the way organizations need to think about protection.”
Terms of the deal were not disclosed.
Ghai said the Campbell, Calif.-based cybersecurity vendor, whose partner program received a 5-Star award in CRN’s 2026 Partner Program Guide, had already built identity capabilities into its BarracudaONE platform but saw a major gap in the market.
“When we looked around, we saw identity solutions that were either incredibly complex, too expensive or simply point products that weren’t part of a broader security platform,” he said. “Partners kept telling us they were tired of stitching together multiple tools that don’t naturally work together. This acquisition fills that gap. It allows us to offer a complete identity security platform that’s purpose-built for MSPs, easy to deploy, easy to operate and integrated into a broader cyber resilience platform instead of existing as another standalone product.”
Barracuda plans to integrate Evo’s technology into BarracudaONE while allowing current Evo partners to continue operating without disruption.
Ghai, who left as CEO of RSA to assume the top job at Barracuda last fall, said Barracuda is not trying to become a cybersecurity “supermarket” filled with disconnected products. Instead, he said the company is focused on building an integrated platform where identity, email and network data work together to strengthen threat detection, response and overall security outcomes. The value, he said, comes from making those technologies operate in connection to deliver stronger protection for customers and better business opportunities for partners.
For Evo Security founder and CEO Michael Roth, who will remain with Barracuda as vice president of identity product management, joining Barracuda accelerates what his company set out to accomplish.
“This became a pretty obvious decision once I got to know Rohit and the Barracuda team,” Roth told CRN. “From day one, Evo was built entirely around MSPs. Everything we created—from our multi-tenant architecture to privileged access management and help desk verification—was designed around how MSPs actually operate. But as an earlier-stage company, you’re always balancing priorities because resources are finite.
“Now we’re combining that MSP-first technology with Barracuda’s global scale, engineering resources, partner ecosystem and support organization,” he added. “That means we can move faster, build more, reach significantly more partners and ultimately deliver on the full vision we’ve had for identity security.”
For partners, it’s not just about stronger cybersecurity tools, but a chance to increase profitability as well.
“This is one of the clearest market opportunities we’ve seen,” Ghai said. “Customers are actively asking for simpler identity security, and partners need solutions they can sell, deploy and support efficiently. We think this creates a genuine win for customers, a win for our partners and a win for Barracuda.”
For Barracuda partner Michael Goldstein, the addition of privileged access capabilities fills one of the last major gaps in Barracuda’s security portfolio.
“Barracuda has a great product line but these pieces—technician elevation, end-user elevation, all those privileged access capabilities—were definitely missing,” Goldstein, market president, Southeast Florida, for Fort Myers, Fla.-based Entech, told CRN. “By bringing those capabilities into the platform, organizations can eliminate the need for separate third-party tools while strengthening a critical layer of their security posture.”
He views the acquisition as not just another feature release but a strategic addition that closes a significant security gap, helping partners reduce complexity by consolidating capabilities.
“If you look at some of the bigger Las Vegas breaches that we saw a few years ago, they came in through help desk calls,” he said. “As little as it seems, it’s really a big piece that Barracuda just filled.”







