Analyst(s): Krista Case
Publication Date: January 29, 2025

Commvault integrates CrowdStrike’s Falcon Extended Detection and Response (XDR) platform into its Commvault Cloud Data Protection platform. The result is enhanced threat detection and intelligence alongside streamlined cyber recovery.

What is Covered in this Article:

• New Integration: Commvault has announced integration with CrowdStrike’s Falcon, enabling enhanced threat detection and faster recovery from cyberattacks.
• Enhanced Threat Visibility: The integration provides comprehensive visibility across endpoints, networks, and the data protection environment, allowing for earlier detection of threats.
• Streamlined Response: Alerts from CrowdStrike are integrated into the Commvault Cloud console, enabling administrators to quickly identify and recover from threats, minimizing downtime and data loss.

The News: Commvault has integrated CrowdStrike’s cloud-native, AI-driven XDR platform, Falcon, into the Commvault Cloud Data Protection platform. Falcon can detect suspicious and potentially malicious activities and events, complementing Commvault Threat Scan to offer comprehensive visibility and threat detection across endpoints, network, and the data protection environment. These alerts can be viewed in the Commvault Cloud console, and from there, administrators can quickly identify the most recent known-good state and recover data as needed.

Cyber Resilience Boosted: Commvault & CrowdStrike

Analyst Take: As the cyber landscape rapidly evolves, organizations are most focused on optimizing their resilience for business continuity, and to prevent their most critical data assets from being stolen or otherwise tampered with. Futurum’s Cybersecurity Decision Maker IQ data found that nearly 80% of organizations planning to add new cybersecurity vendors intend to do so to enhance their existing cybersecurity environment, with the ability to better address the evolving threat landscape being a dominant concern. Specifically, adopting more proactive and preventative measures, and optimizing time-to-recovery post-breach are top of mind. This is reflected in the fact that, in Futurum’s research, Data Protection decision-makers considering switching vendors are most focused on improving their ability to meet recovery point and recovery time objectives (RPOs/RTOs).

Commvault, in addition to a number of its peers, is embracing an evolution from data protection to cyber-resilience. Its partnership with CrowdStrike brings a number of capabilities that support this end.

Falcon can detect and prevent suspicious and potentially malicious activities and events across endpoints and networks. It uses AI as well as visibility into known Indicators of Compromise, for example, analyzing behavioral data and system telemetry for evidence of malware attacks. In this regard, it helps to identify threats earlier, while also facilitating more comprehensive visibility by complementing Commvault’s Threat Scan capability, which scans the backup environment for signs of malicious compromise such as malware.

Alerts can be viewed in the Commvault Cloud console, and from there, administrators can quickly identify the most recent known-good state and recover data as needed. The combined approach helps to minimize downtime and data loss by allowing administrators to respond to and mitigate threats more quickly.

What to Watch:

• Demand for integration between data protection software and the myriad of XDR and other threat detection and response tools that customers are using will continue to grow, as an important component of streamlining response to vulnerabilities and incidents.
• The ability to provide more comprehensive visibility and a more unified and streamlined workflow stands to support the budding collaboration between SecOps and ITOps. Where previously these teams have operated in a siloed manner, their collaboration is crucial to optimizing resilience against cyber-attacks.
• Dell, the combined Cohesity and Veritas entity, and Rubrik are among Commvault’s peers to also collaborate with CrowdStrike. For Commvault, leaning into faster recovery times that prioritize the most critical data and business services could support its differentiation – as could tie-ins with its data services including data classification and encryption, and its expanding support of modern multi-hybrid cloud workloads. Additionally, Futurum notes that customers will be looking for integration with CrowdStrike to be as seamless as possible.

See Commvault’s complete Press Release for more information.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other insights from The Futurum Group:

Commvault Streamlines Active Directory Recovery

Commvault Continues to Beat Guidance, Driven by Multi-Hybrid Cloud Cyber Resilience

Commvault’s Shift to Cloud-First Resilience: A Strategic Move

Author Information

Krista Case

Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.