The News: Veritas Technologies adds several new capabilities for cyber resiliency and offers its Veritas 360 Defense extensible reference architecture for integration with partners’ technologies, including Microsoft Defender. Additional details are available in the Veritas announcement and Microsoft partnership press releases.
Veritas 360 Defense: A Blueprint for Cyberattack Detection and Data Recoverability
Analyst Take:
Based on The Futurum Group’s research and conversations, extended time-to-detection and recovery are among customers’ biggest challenges when it comes to cyberattacks. The problems stem from several factors. First, attackers are continually innovating and adapting their approaches for maximum effectiveness and damage. At the same time, data is sprawling across an increasingly wide, fragmented, and diversified range of applications and infrastructure, both on-premises and in the cloud, creating multiple potential vulnerabilities and areas of exposure to malicious actors. Compounding this complexity, most enterprises are using three, four, or even more data protection tools, and yet that is nothing compared to the total number of security tools in use. Adding yet another layer of fragmentation, IT Operations and Security teams historically have led a very siloed existence with little regular collaboration with other aspects of IT.
Veritas has a longstanding history in data backup and recovery, disaster recovery, and data governance and compliance. It has been increasingly adding security capabilities to bolster customer cyber resiliency. Furthering this strategy, the company is expanding malware scanning capabilities for additional workloads, including Kubernetes-based environments. It is also extending its anomaly detection, adding support for administrative actions to the existing data entropy detection to catch potentially nefarious activity. Arguably most significantly, it is introducing the requirement for multi-person authorization for critical operations to avoid not only malicious but also accidental destructive actions such as the deletion of entire backup storage volumes.
Veritas 360 Defense represents a flexible reference architecture for integrating Veritas’ various capabilities with the technology of key security vendor partners, with CrowdStrike, CyberArk, Qualys, Semperis, and Symantec being specifically noted at launch. In addition to speeding time-to-implementation and deployment for customers, it helps to provide validation that the technologies will work well with one another to close gaps that attackers might otherwise exploit. Beyond providing documented integrations, reference architectures are tested against real-world ransomware variants in the Veritas REDLab, which is not something that most customers would be able to feasibly handle on their own. For example, Veritas tested and validated Microsoft’s Defender for Endpoint solution with Veritas’ Alta and NetBackup data management and protection offerings.
Conclusion
Given growing ransomware attacks and other cybercrime, enterprises are leaning on a larger number of security and data protection tools than ever before. The problem is that the complexities of managing multiple tools and points of less-than-optimal integration are lengthening the time to uncover and recover from attacks. With IT typically accountable as the starting point for recovery when a data breach occurs, cyber resilience poses a major challenge for IT Operations teams.
Best practices for cyber recovery are beginning to emerge, but enterprise IT shops have had to figure out a lot of integration work on their own. Veritas 360 Defense looks to reduce this effort and speed time-to-recovery by offering reference architectures that have been hardened not only for interoperability, but also for an ability to withstand real-world ransomware attacks. Importantly, IT Operations does not need to add another interface with Veritas 360 Defense; they simply provide the credentials for the third-party security software. Streamlining the path to integrating data protection and security tools, and increasing confidence in IT’s ability to detect an attack and allow the enterprise to recover from it, is very valuable. This is especially true as attacks evolve from data ransom to data extortion, in which demands can be doled out over periods of time.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Author Information
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.