He ran Barracuda for four years, sat in its COO chair before that, and managed its security business before that. Ten years, three titles, one platform pivot - and now a fresh seat on Corelight's board.
The pattern is easier to see than the person. Hatem Naguib spent his most public decade at Barracuda Networks - first running the security business unit, then as Chief Operating Officer, then as CEO. Before Barracuda he was a vice president at VMware, where he helped turn NSX into the company's headline software-defined networking and security product. Before VMware he passed through CenterRun, Sun Microsystems, GE, The Walt Disney Company and Accenture. The titles change. The neighborhood doesn't.
Cybersecurity is a noisy category full of executives who arrive, restructure, and exit before the second product cycle ships. Naguib didn't do that. He showed up at Barracuda in May 2016 as Senior Vice President and General Manager of the security business. He left in September 2025 as the company's Chief Executive Officer, having lived through a private-equity ownership transition that handed the company from Thoma Bravo to KKR in 2022 and then a platform pivot that culminated in BarracudaONE, an AI-assisted cybersecurity platform aimed at the kinds of customers most analysts pretend don't exist - small and mid-sized businesses, and the managed service providers who serve them.
Eight months after stepping down he turned up on Corelight's board of directors. The press release went out on 6 May 2026. Corelight makes network detection and response tools - which is to say, the company sells the kind of high-fidelity packet evidence that AI-driven security operations centers keep claiming they need. Naguib's appointment was framed as a vote for that thesis: more data, more provenance, more signal, less hand-waving.
When Naguib arrived at Barracuda in 2016, the company was best known for its appliances. Email security gateways. Backup boxes. The kind of physical-or-virtual products that IT directors at mid-market firms had bought for years. Useful. Profitable. Increasingly mismatched with where customers were actually running workloads, which was somewhere between AWS, Microsoft 365 and an unknowable number of SaaS tabs.
His brief, expanded over three promotions, became simple to state and complicated to execute: turn the appliance company into a platform company. The work was incremental for a long time. Cloud-delivered email protection. A managed XDR offering. Integrations with the MSP channel, because mid-market customers rarely run their own SOCs. By 2025 the work had a name - BarracudaONE - and a tagline about AI-powered cybersecurity. By the time the platform was on stage, Naguib had handed the company to Rohit Ghai, an industry veteran whose previous job was running RSA.
What Naguib left behind looked structurally different from what he found. The center of gravity had moved from devices to subscription services. Managed XDR was no longer the side project. Partners weren't bolted on; they were the distribution model. The brand was still Barracuda. The business model was not.
approximate, public-record tenures
Naguib joined VMware in 2006 and stayed roughly a decade. The headline tour of duty was Vice President of Networking and Security, where he ran product, technical marketing and business development for VMware NSX. NSX was VMware's bet that software-defined networking and micro-segmentation belonged on the same data-center platform as the hypervisor. The bet looked obvious in retrospect and contentious in real time.
By the public accounting of his Corelight board announcement, NSX scaled past $600 million in roughly three years on his watch. That is the kind of number that opens doors to CEO seats. He also, during the VMware years, managed global partnerships with Cisco, EMC and HP - the kind of three-letter accounts where one mishandled QBR costs a quarter.
Skim past it and a pattern repeats: in every job he's had, the work has been about gluing the network plane to the security plane and selling the result to operators who already had too many vendors.
Most cybersecurity CEOs treat AI as a marketing problem. Naguib has tended to treat it as a tooling problem. In conversations with the trade press he repeatedly returned to a narrow, specific observation: large language models pushed phishing email quality up, and the people writing those emails didn't need to be fluent in English anymore. The economics of bad email had changed. Everyone else's defensive posture hadn't.
His framing of the opportunity, as articulated in the Corelight announcement, is more interesting than the warning. He thinks the next generation of security operations centers will be defined less by the cleverness of detection algorithms and more by the fidelity of the underlying data. If you don't have trustworthy network evidence to feed a model, the model will produce confident nonsense. If you do, you can finally automate the boring parts of triage. That is, in three sentences, the case for joining Corelight's board.
It is also worth noting what he hasn't done. He hasn't reinvented himself as a generative-AI thought leader. He hasn't pivoted his public commentary into "AI-first" anything. The Barracuda blog posts under his byline read like operator notes: what threats are showing up in customer telemetry, what MSPs are asking for, what to do about it. The tone is the tell.
"As security operations become increasingly AI-driven, the quality and fidelity of underlying network evidence will only become more important."
- Corelight board announcement, 2026
"Leading Barracuda through a period of extraordinary transformation has been one of the most rewarding experiences of my career."
- on stepping down, September 2025
"After the release of OpenAI, there's a notable improvement in the quality of phishing emails."
- on AI-driven threats
"Barracuda has never been in a stronger position to take advantage of the opportunities ahead of us."
- on taking the CEO seat, 2021
Long tenures at VMware and Barracuda in an industry where CEOs are routinely flipped after 18 months. Patience is itself the strategy.
Posts on the Barracuda blog under his own byline, not just polished essays. Operator notes, not keynote slides.
Joined Corelight specifically because of the quality of the network evidence, not the dashboard. That's a tell about what he thinks wins.
Ran Barracuda's security business unit before being asked to run the whole company. Internal climbs under PE ownership are unusual.
Built much of Barracuda's growth through MSPs - the kind of channel that pays slowly and quietly compounds.
Brought in Rohit Ghai - a peer-level industry CEO - and stepped aside. Few founders or long-tenured CEOs manage that gracefully.