VeeamON 2024: From Backups to Cyber-Resiliency and Incident Response

VeeamON 2024: From Backups to Cyber-Resiliency and Incident Response

The News: Veeam hosts its tenth annual VeeamON, its annual customer and partner event, in Hollywood, Florida. Its announcements can be found at

VeeamON 2024: From Backups to Cyber-Resiliency and Incident Response

Analyst Take: Veeam has been steadily extending from its virtual machine backup roots for a number of years, and the 2024 VeeamON conference was a culmination of those efforts. Given the onslaught of cyberattacks, the data protection market as a whole is embracing a focus on cyber resiliency – and Veeam is no exception.

This is evidenced in the expansion of Veeam’s product strategy, which has always centered on three core “pillars” of data backup, data recovery, and data freedom. This strategy has been expanded to include data security and data intelligence.

Data Backup includes facilitating the ability to back up the variety of infrastructures and applications in use by enterprises today. It also includes embracing as-a-service delivery of Veeam’s technologies, with Veeam’s acquisition of CT4 in October 2023 enabling Veeam to expand into delivering first-party backup-as-a-service. To the latter point, VeeamON 2024 saw the release of Veeam Data Cloud Vault, a preconfigured and Veeam-managed, Microsoft Azure-hosted cloud storage service for immutable, encrypted and logically air-gapped data copies that can be used for recovery from ransomware or other cyber-attacks in the event that the primary backup copy is compromised. Also announced was Lenovo TruScale Backup with Veeam, which delivers Veeam Backup and Replication (VBR) and Veeam ONE via Lenovo TruScale services, for a scalable, cloud-like experience on-premises.

Data Freedom and Data Recovery are closely interrelated, and encompass the ability to use Veeam’s proprietary, portable data format to recover or otherwise move data from any platform, to any platform. This is especially important for Veeam today, given the level of unrest amongst the VMware ESXi hypervisor customer base, in which Veeam is heavily entrenched. VMware customers are expecting substantial price increases following VMware’s acquisition by Broadcom, and they are exploring opportunities to migrate their workloads to other platforms. Veeam can not only assist customers with any migration projects – it can also allow them to test running these workloads on other platforms. This strategy is also useful when it comes to recovering from cyber-attacks, as the recovery may need to occur to an alternate location, for example as forensics are conducted on the compromised environment.

Data Security covers capabilities such as antivirus protection, inline scanning for malware, and anomaly detection that alerts the administrator on suspicious file activity. It also includes the Veeam Incident API that was introduced in Veeam Backup and Replication 12.1 to allow external tools to notify a backup server of infections earlier.

Data Intelligence covers the artificial intelligence (AI) that Veeam is building into its platform, including AI-powered threat detection, diagnostics, and digital assistant capabilities. Veeam demonstrated on-stage the Copilot it has developed jointly with Microsoft to provide backup administrators with insights and automated actions to make their jobs easier and accelerate responsiveness. For example, it can quickly provide a view into SharePoint sites with high change rates that could indicate nefarious activity and trigger a recovery, or it can identify unprotected users and suggest the appropriate protection policy. Veeam is not over-rotating on AI, and in fact is arguably touting its capabilities less-so than competitors. However, it is introducing them in a thoughtful way that will lead administrators down a path of trusting them and utilizing them for a meaningful impact.

Arguably Veeam’s most notable stake in the ground when it comes to cyber-resiliency is its April 2023 acquisition of incident response firm Coveware. Through Coveware, Veeam has acquired services capabilities that include:

  • Assessment
  • Understanding the impact to the client via forensic analysis.
  • Identifying the particular ransomware strain and its impact on the client’s organization.
  • Identifying and providing data on the particular threat actor.
  • Negotiation with cyber-criminals.
  • Handling of settlement transactions.
  • Remediation and any required incident documentation.

It also has acquired a research arm that provides continuous visibility into ransomware variants, attack vector analysis, attack footprints, and recovery options.

In sum, Veeam is taking the necessary steps to innovate around its core backup competencies, and to protect its healthy, existing installed base. It is also putting bold stakes in the ground to provide additional support around cyber-resiliency and incident response. Given initiatives, the company’s steady embrace of cloud services, and its foray into value-add AI capabilities, Veeam is checking off all of the critical boxes that customers are looking for as they navigate their Board-level cyber-resiliency priorities.

Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.

Other Insights from The Futurum Group:

Veeam Analyst Summit 2023 Highlights

Veeam Showcases Data Resiliency Developments

Veeam Strengthens Its BUaaS Play with Cirrus

Author Information

With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately a decade of experience providing research and advisory services and creating thought leadership content, with a focus on IT infrastructure and data management and protection. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Prior to joining The Futurum Group, Krista led the data center practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.

Krista holds a Bachelor of Arts in English Journalism with a minor in Business Administration from the University of New Hampshire.


Latest Insights:

The Six Five team discusses senior leadership change at Lenovo.
The Six Five team discusses CEO change at Lattice Semi.
The Six Five team discusses US investigates NVIDIA, Microsoft, and OpenAI.
The Six Five team discusses SAP Sapphire Orlando 2024.