New next-generation threat detection capabilities in Barracuda Advanced Threat Protection and LinkProtect

We are excited to announce a major leap forward in Barracuda threat protection capabilities with the integration of multimodal AI technology into our purpose-built sandbox engine. This enhancement allows Barracuda Advanced Threat Protection (ATP) and Barracuda LinkProtect to perform real-time, deep inspection of URLs and file artifacts, including documents, images, embedded links, and QR codes.

The new Barracuda capabilities deliver over three times the threat detection power at nearly eight times the speed. Our multimodal AI enhancements drive this performance boost and facilitate further innovations as we continue to improve our threat detection capabilities.

Purpose-built sandbox engine with multimodal AI

Multimodal AI enhances the detection of malicious files and URLs by analyzing multiple layers of data and media types - such as text, visuals, behavior and metadata - together. For files, it can inspect embedded scripts, file structure, visual elements like QR codes in PDFs, and behavior during execution to identify threats even if they’ve never been seen before. For URLs, it evaluates domain names, webpage content, redirects, screenshots, and hosting details to spot phishing or credential theft attempts. By combining these different modalities, multimodal AI improves accuracy, detects zero-day threats, and reduces false positives by understanding both the content and context of potential attacks. This capability further allows our products to detect advanced threats with higher accuracy compared to models previously available on the market.

Detecting malicious SVG (Scalable Vector Graphics) files with multimodal AI is a perfect example of how combining multiple data types helps uncover hidden threats. SVG files are XML-based and can embed scripts, links or obfuscated payloads, making them a sneaky attack vector.

Traditional scanning might miss SVGs that look clean on the surface but contain hidden threats. Barracuda’s multimodal AI combines code inspection, visual deception detection and sandbox behavior to catch sophisticated, evasive SVG-based attacks.

For example, the following image shows an SVG file that renders in a web browser of an impersonated Microsoft login site. The phishing target’s email is embedded in the file and will prefill the form:

PDF files are complex as they can embed scripts, images, links, and even executable code, making them a common vector for phishing and social engineering attacks.

Visually, the PDF could display a fake login form using spoofed branding to harvest credentials. Some may include embedded QR codes or links disguised as buttons. These threats are often obfuscated within the file’s structure. Multimodal AI uncovers these attacks by combining static code analysis, rendering the document to detect visual deception, and running it in a secure sandbox to monitor for suspicious behavior.

In another example, a PDF appeared as a secure document with 401k information, but it includes a QR code that links to a phishing page and impersonates HR. The QR code will direct the victim to a fake login portal that will attempt to steal login credentials. Traditional scanners often overlook QR codes, treating them as static images. Multimodal AI, however, renders the PDF, locates the QR code visually, decodes its contents, analyzes the destination for risk, and—if needed—executes the link in a sandbox to detect malicious behavior in real time. With 68% of malicious PDFs containing QR codes, the risk is too high to not have the right level of defense. 

These new capabilities improve detection by over three times the number of malicious threats at about eight times the speed. Because Barracuda ATP is shared throughout the Barracuda platform, all Barracuda security solutions will benefit from these enhancements.

Adaptive protection against evolving tactics

Threat actors have been using AI tools to build and deploy attacks since at least 2018. Custom GPTs and generative AI changed the game in 2023 and those attacks are only going to worse as AI gets better. Get more information on these threats in our free 2025 Email Threats Report.

Barracuda Advanced Threat Protection and Barracuda LinkProtect give companies multiple layers of protection against these attacks. With our new multimodal AI innovations, our threat detection is faster and more effective than ever before. Barracuda delivers the visibility, context and speed needed to defend against today’s most sophisticated and dangerous cyberthreats.