The News: Veeam announces cyber-resiliency-related updates to the Veeam Data Platform, including the 12.1 release of Veeam Backup & Replication (VBR), as well as its new Veeam Threat Center and Cyber Secure Program, at its VeeamON Resiliency Summit. Additional details are available in Veeam’s press release.
Veeam Showcases Data Resiliency Developments
Analyst Take: With backups serving as the critical last line of defense against cyberattacks, having backup copies that are clean and available and taken as close as possible to the data breach is critical for cyber-resiliency. Equally important is fast time-to-resolution – which, in the data protection space translates into data recovery – to minimize business downtime.
In a market growing ever more security washed, Veeam remains unabashedly committed to its backup roots and helping customers with fast recovery times. That being said, Veeam continues to evolve its flagship backup software offering, VBR, to address cyberattack concerns. To VBR, Veeam is adding AI-based malware detection based on inline analysis of entropy and file extensions, alongside an I/O Anomaly Visualizer. This new capability, which takes place during as opposed to after the backup process, allows for faster attack detection and can help to reduce data loss.
Once uncovered, anomalies feed into ServiceNow or another security information and event management (SIEM) tool for triage and faster incident response time. Notably, integration with the Veeam Incident application programming interface (API) facilitates direct communication between VBR and the SIEM tool, which helps to avoid reinfection by allowing for restore points to be marked as infected. It can also allow for backups to be triggered in response to an ongoing attack so that any good data changes can be preserved and to be used for post-attack forensic analysis.
In addition to helping customers become more reactive to cyberattacks, Veeam continues adding capabilities to safeguard the backup copies themselves. The Futurum Group views the addition of two-person concurrence (also called four-eyes authorization) – that is, the need for a second administrator to approve potentially destructive activity such as deleting an entire backup set – as arguably the most notable from this standpoint, with the VBR 12.1 release.
Identifying critical threats and areas of vulnerability is not easy, as data has sprawled across multi-hybrid cloud environments. To help, Veeam is introducing the Veeam Threat Center, which is based on its Veeam ONE IT monitoring and analytics software product, and which helps customers to identify threats and other risk factors as well as to obtain a security score for their environment. In The Futurum Group’s conversations with customers, the question of “How do I know that I’m doing enough?” comes up frequently in the context of securing the storage and data protection environments. Veeam’s Threat Center as well as its new Security and Compliance Analyzer, which automatically scans the environment for comparison to Veeam-established best practices, aim to help with this question. From this standpoint, it is also notable that, in early 2024, Veeam will be introducing a Cyber Secure Program, which will provide design, implementation, and onboarding services; quarterly health checks; and other incident recovery capabilities.
Conclusion
The market is becoming increasingly muddled as a variety of data protection vendors lean into security-focused messaging, adding to customer confusion, but Veeam’s positioning is clear. Although backups remain the core of Veeam’s product strategy and market positioning, the company continues moving toward complementary capabilities around data resiliency, as evidenced by the 12.1 VBR launch. VBR’s enhanced threat identification capabilities will assist customers as they seek to become more proactive, as opposed to strictly reactive, in data protection and resiliency strategies. Meanwhile, its enhanced SIEM integration is a very important addition as customers seek to consolidate threat intelligence across their IT environments, increase collaboration between security and IT operations teams, and mitigate the amount of data loss and downtime that they suffer as a result of cyberattacks. Keeping up with the pace of cybersecurity-related innovation and best practices is not an easy feat for customers, and it is notable that Veeam is offering support with investment in areas like its Threat Center, Security and Compliance Analyzer, and the upcoming Cyber Secure Program.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other insights from The Futurum Group:
Veeam Strengthens Its BUaaS Play with Cirrus
What Is Comprehensive Cyber-Resiliency? — Infrastructure Matters, Episode 4
Author Information
Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
