Cohesity Expands Security Capabilities by Empowering Enterprises – For the First Time – to Uncover Vulnerabilities and Cyber Exposures Using Backup Data
August 5, 2019Cohesity today expanded its security offerings with the release of Cohesity CyberScan, a new application that is the first and only solution that leverages backup data to assess the vulnerabilities, or risk posture, of an enterprise’s IT environment. This is significant because vulnerabilities often lead to cyberattacks – such as ransomware attacks or data breaches – and discovering these exposures is the first step in defending against online criminals.
Identifying and addressing vulnerabilities has become a major challenge for enterprises today. According to a recent survey, the majority of organizations that suffered a data breach in the past two years say it was caused by a known vulnerability that had not been patched. The survey also found that 37 percent of organizations say they don’t even scan for vulnerabilities.
The Cohesity CyberScan application makes it easy to assess systems for vulnerabilities. Available on the Cohesity MarketPlace, the application works by scanning backup copies on Cohesity DataPlatform (instead of the live production copy) to identify any vulnerabilities across an organization’s IT environment, including the operating system, computer, network devices, and configurations. The application gives a global view of all vulnerabilities through an easy-to-read security dashboard along with actionable recommendations on how to address exposures before hackers exploit them.
This application utilizes Tenable.io for vulnerability management in the Cloud to locate exposures against regularly published entries within the public Common Vulnerabilities and Exposures (CVE) database. The application also takes advantage of Cohesity’s unique architecture. This architecture allows organizations to run applications directly on the Cohesity cluster, where the data sits, rather than moving data to a separate application environment.
“This is the first application we’ve seen that focuses on assessing systems for exposures, such as vulnerabilities, within backup data,” said Ray Komar, vice president of technical alliances, Tenable. “We believe this innovative approach provides enterprises with a novel and cutting-edge way to harden and improve their security posture across their IT environments.”
“The Cohesity CyberScan application offers a much more efficient way for us to discover vulnerabilities by scanning backup data within Cohesity rather than drawing resources from our production environment,” said Mike O’Rourke, Director of IT, Lighthouse Resources Inc. “Our disaster recovery is also more dependable now with this new ability to easily identify which backups are potentially compromised and which we can trust for instant recovery.”
Additionally, the application helps IT professionals perform backup verification, ensuring that a given backup snapshot is recoverable. It also eliminates the risk of re-injecting known or previously addressed vulnerabilities back into the production environment when performing a recovery job.
The application also gives organizations the ability to run scans on backup data on a frequent basis, instead of waiting for weeks or months to schedule scans in the production environment, which further reduces opportunities for data breaches. This process does not impact production performance or require that scans be run during a maintenance window.
“Businesses today need an IT environment that runs 24-7 and want to avoid recovering VMs with known vulnerabilities,” said Raj Rajamani, vice president of product management, Cohesity. “While we are focused on empowering customers to make backup data more productive, we are also proud to introduce an industry-first solution that helps customers easily identify exposures, such as vulnerabilities and misconfigurations, without putting any additional burden on their mission-critical operations.”
“IT is measured by SLAs and with this new capability, Cohesity has addressed key obstacles to help organizations meet their security and recovery objectives,” said Phil Goodwin, research director, cloud data management for protection, IDC. “The Cohesity CyberScan application leverages backup copies to provide important visibility into production systems, performs backup verification for ensuring recoverability, and helps IT avoid re-injecting vulnerabilities while recovering from any backup snapshot, all with no impact to their production environment or data.”
Using Backup Data to Protect Across Multiple Fronts
This latest release builds on existing Cohesity security capabilities to protect across multiple fronts including vulnerability scans, a comprehensive anti-ransomware solution, and antivirus applications.
- Comprehensive Defense Against Ransomware: Cohesity uniquely empowers organizations to prevent backup data from becoming a target while detecting and responding to ransomware attacks using its immutable file system, anomaly detection, and instant mass restores. Customers can access Cohesity’s anti-ransomware capabilities from the same security dashboard that houses the vulnerability scan, giving customers visibility and insights into “blind spots” within their IT environment.
- Antivirus Applications Without Parallel Infrastructure: Cohesity customers can defend their file infrastructure against attacks by running the ClamAV open-source application directly on file data stored on the Cohesity DataPlatform, instead of copying the data onto parallel infrastructure for analysis. SentinelOne, which is also available in the Cohesity MarketPlace, provides up-to-date virus libraries based on machine-learning algorithms directly on the Cohesity DataPlatform.
The Cohesity CyberScan application is generally available to all Cohesity customers as part of the latest Pegasus 6.4 software release.