New App Uses Backup Data to Combat Cyber Threats
Identifying and addressing cyber exposures and vulnerabilities has become a major challenge for enterprises today. According to a recent survey, the majority of organizations that suffered a data breach in the past two years say it was caused by a known vulnerability that had not been patched. The survey also found that 37 percent of organizations say they don’t even scan for vulnerabilities.
To address this challenge, organizations need a solution that leverages backup data to discover cyber exposures and vulnerabilities within their IT production environment and assess the risk posture of their IT environment. Cyber exposures often lead to cyberattacks — such as ransomware attacks or data breaches — and discovering these cyber exposures is the first step in defending against online criminals.
The new Cohesity CyberScan application makes it easy to scan for cyber exposures. Available now on the Cohesity MarketPlace, the application works by scanning backup copies on Cohesity (instead of the live production copy) to identify any cyber exposures across an organization’s production IT environment. This includes the operating system, computer, network devices, and configurations. The application gives a global view of all vulnerabilities through an easy-to-read security dashboard along with actionable recommendations on how to address exposures before hackers exploit them.
This is done through Cohesity’s unique architecture that boots the snapshot within the Cohesity run-time environment and runs a scan to locate vulnerabilities against regularly published entries within the public CVE database. This process does not impact production performance or require that scans run during a maintenance window.
Additionally, the application helps IT professionals perform backup verification, ensuring that a given backup snapshot is recoverable. It also eliminates the risk of re-injecting known, or previously addressed, vulnerabilities back into the production environment when performing a recovery job or while leveraging backup copy for dev/test.
The application also gives organizations the ability to run scans on backup data on a frequent basis, instead of waiting for weeks or months to schedule scans in the production environment. This further reduces opportunities for data breaches.
- Addresses the need from IT to have an environment that runs 24-7.
- Provides predictable recovery by ensuring backup copy is recoverable and does not re-infect known vulnerabilities during the recovery process
- Identifies vulnerabilities and misconfigurations without putting any additional burden on their mission-critical operations.
Using Backup Data to Protect Across Multiple Fronts:
The Cohesity CyberScan application builds on existing Cohesity security capabilities to protect across multiple fronts, including a comprehensive anti-ransomware solution and antivirus applications.
- Comprehensive Defense Against Ransomware: Cohesity uniquely empowers organizations to prevent backup data from becoming a target while detecting and responding to ransomware attacks using its immutable file system, anomaly detection, and instant mass restores. Customers can access Cohesity’s anti-ransomware capabilities from the same security dashboard that houses the vulnerability scan, giving customers visibility and insights into “blind spots” within their IT environment.
- Antivirus Applications Without Parallel Infrastructure: Cohesity customers can defend their file infrastructure against attacks by running the ClamAV open-source application directly on file data stored on the Cohesity DataPlatform, instead of copying the data onto parallel infrastructure for analysis. SentinelOne, which is also available in the Cohesity MarketPlace, provides up-to-date virus libraries based on machine-learning algorithms directly on the Cohesity DataPlatform.