ensure safe and predictable recovery banner

Ensure Safe and Predictable Recovery with Cohesity

girish krishnamurthy

By Girish Krishnamurthy • August 14, 2020

The cybersecurity landscape is ever-changing. Researchers discover new vulnerabilities and exposures every day. In a recent data breach survey, one in four participants had their organization’s data breached because of a known vulnerability. Moreover, an INTERPOL report shows that cyber attacks are increasing at an alarming rate since the onset of the COVID-19 pandemic. Major corporations, governments and critical infrastructure seem to be the primary targets.

It is becoming increasingly imperative for organizations to have a robust vulnerability management strategy, spanning all arms of cloud and IT operations. In case of backups, admins do not have deep visibility to assess whether backup snapshots have any common vulnerabilities and exposures (CVEs). Vulnerable snapshots used to restore data can re-inject and compromise the IT production environment. So, we asked the question: how can we ensure backups are safe to recover from?

Cohesity is architected to incorporate the myriad security and protection needs in the world of data management. Cohesity customers have already unlocked the immense potential of their data on Cohesity by leveraging apps in the Cohesity Marketplace. One such app addresses this growing cybersecurity concern.

Recover with Confidence

Enter Cohesity CyberScan—an app that assesses the health and security posture of backup snapshots. We built it out in partnership with Tenable, the industry’s leading vulnerability management vendor. The app boots up backed up snapshots (whether it is Linux VMs or Windows VMs) within the Cohesity runtime environment and runs a scan to check for vulnerabilities against the CVE database. It’s all done within the Cohesity application infrastructure; completely independent of your IT production environment.

figure 1 snapshot scans

figure 1: Snapshot Scans

Customers can now run scheduled or on-demand scans on their backup snapshots to ensure no vulnerabilities are re-injected while restoring. Say, for example, a vulnerability was detected and patched on production by an infrastructure admin. When the data needs to be recovered from a snapshot, the admins are unaware of the risk posture of the snapshots. CyberScan would help backup, infrastructure and security admins immediately understand what vulnerabilities can get re-introduced as part of the data restore process, and get prepared to patch them post recovery. While initiating a restore operation, a customer can see a snapshot’s vulnerability index along with actionable recommendations to address any existing vulnerabilities. What’s more, scan data feeds into a threat dashboard that gives a global view of all vulnerabilities.

 

figure 2 security dashboard

Figure 2: Security Dashboard

Cohesity CyberScan is a one-of-a-kind solution that helps you leverage backup data to assess risk posture. It is testament to our platform’s ability to turn your data from an insurance policy to a competitive advantage. 

Getting this app is super simple. Cohesity customers can download and install this app via the Cohesity Marketplace in just a few minutes. Customers can use their own Tenable.io licenses to begin running scans. This app works with Linux as well as Windows VMs. For more information, head over to the Cohesity Marketplace, and for step-by-step instructions, check out our Product Documentation.