This blog post is part of our series centered around RSAC 2024. While there, we invite you to meet with Cohesity experts in our booth (# N-4429). You can also book a meeting with Cohesity.
Earlier this year, we opined on the growing importance of integrating your favorite DSPM vendor with your Cohesity deployment. Our CEO, Sanjay Poonen, provided more context on why choice matters for enterprise leaders, given the evolving DSPM market.
And today, ahead of RSAC, we’re pleased to announce our GA integration with Cyera. Cyera, fresh off a $300M round of VC funding, is one of the top modern DSPM options in the market today.
Cohesity and Cyera integration details
Users of Cohesity Data Cloud and Cyera can now benefit from a new integration between these two systems. Practitioners can use Cyera’s continuous, agentless scanning capabilities across multiple data sources to discover and classify sensitive data, e.g. PII. Some of this data is likely protected by Cohesity Data Cloud and existing backup policies. But it’s also likely that significant volumes of sensitive data aren’t protected. This is where the integration kicks in. Users can easily examine gaps in protection and then take steps to add these data sources to their backup policies. The end result: an improved security posture and lower risk.
A few other nifty things users will enjoy with this integration:
- Automated, continuous classification, context and risk assessment of data contained within on-premises and cloud-based datastores, improving accuracy to at minimum 95% precision while improving operational resilience of resources by over 90% of current methods.
- Optimized frequency of backups and retentions based on the criticality of data within datastores backed up by Cohesity.
- Prioritized restoration of data based on business criticality of data.
- “Just in time” analysis of data-related incident evidence, which streamlines the IR process (and therefore improves incident response times).
Here’s a look at the integration at the conceptual level and what’s happening step-by-step:
And here’s what the integration looks like in practice via the Cohesity Security Center. Note the updated DSPM tags and the protection status of each resource:
Want to learn more? Visit the integration page in our marketplace.
Win with DSPM integrations via open APIs
Open standards tend to win in this era of modern computing. That’s not exactly a hot take—it’s conventional wisdom for most. Yet, in the world of data security and management, it’s worth emphasizing its importance. The open API model is the winning choice for most enterprise scenarios for two reasons:
- A community can interact with common building blocks to integrate technologies faster.
- Enterprise leaders and practitioners can use their preferred tools, without compromise.
These points are playing out when it comes to securing and protecting secondary data. We’ve long believed that “security is a team sport.” In fact, we designed Cohesity Data Cloud from the ground up to support multiple integrations with the industry-leading security providers as part of our Data Security Alliance. (Browse the API docs if you’re curious.)
Further, it’s been proven time and again that InfoSec leaders want to deploy “best of breed” products to ensure they use the best possible tech to protect and secure enterprise data. This is exactly what’s playing out in the DSPM category. Cohesity is working with the DSPM ecosystem on two key integration use cases:
- Identify and protect sensitive data rapidly. Use Cohesity’s API to identify unprotected sensitive data and swiftly implement robust protection measures.
- Deliver industry-first cyber recovery compliance reports. Utilize the API to generate comprehensive CyberRecovery Compliance reports, setting industry benchmarks and ensuring compliance with the highest security standards.
The anatomy of a DSPM Integration
It’s instructive to see how this all works “under the hood,” as it shows the power and flexibility of Cohesity’s APIs. The integration between Cohesity Data Cloud and tools like the Cyera Platform follows our structured open API workflow, facilitating smooth communication and data exchange. Here’s a high-level overview:
Let’s step through each of these API calls.
First, the Cyera admin will log in to start the process using the Authorization API for Cohesity Data Cloud. (To obtain your API key, simply log in to the Cohesity Helios console and generate the API key.)
Second, Cyera invokes Cohesity Data Cloud’s Protection Info API and a list of supported workload objects, along with their protection information, will be sent to the Cyera platform as part of the API response. The API also supports various filters for tailored search queries. In this case, the list is sent to the caller, Cyera.
Cyera proceeds to tag those object in the Cohesity Data Cloud console with the associated status as follows:
- Create Tag API: A new tag (“Cyera Confidential,” “Cyera Restricted”) to associate with objects or snapshots, enhancing organization and management capabilities.
- Tags Actions API: This API enables the addition or removal of tags on objects or snapshots, providing flexibility in managing data attributes.
Security is a team sport—assemble the best team you can
There’s so much innovation happening in DSPM, and modern security. Vendors that embrace open APIs and the power of ecosystems are your best options for improving your organization’s security posture today and tomorrow.
Ready to learn more about Cohesity and our integration with innovators like Cyera?
- Visit our marketplace and browse our growing library of integrations.
- Come see us at RSAC in San Francisco, May 6-8.
- Sign up for a free trial of Cohesity Cloud Services.
