Multi-layered ransomware defence

Druva has introduced a series of new capabilities designed to help organisations strengthen their business resiliency. As ransomware attacks surge, occurring as frequently as every 15 seconds and causing more than $11 billion in damages annually, Druva’s new cyber resiliency capabilities are designed to identify, respond and recover from malicious attacks with agility and confidence.

 

As digitisation continues to accelerate, the risk of ransomware only rises, so organisations must take a three-step approach to minimise such risks - detection, resilience, and recovery. In fact, according to Gartner, more than 50% of breaches are undetected for multiple months, which can lead to unrecoverable data corruption.* As the number of threats targeting data and applications continue to grow, reliance on prevention measures alone are insufficient. With the introduction of Druva’s new ransomware recovery features, customers have new and improved ways to prepare for and respond to incidents, including better visibility, automation and orchestration. When integrated with existing security information and event management (SIEM) and security orchestration, automation and response (SOAR) tools, Druva’s air-gapped backups become the foundation for rapidly and securely recovering from ransomware attacks with enhanced capabilities.

 

“Ransomware has become more sophisticated, evolving from encrypting data to deleting backups to now extracting copies of data, which increases the potential damage to your organisation,” said Stephen Manley, Chief Technology Officer, Druva. “Combating these new malicious attacks requires a comprehensive solution. Now, customers can leverage multi-layered ransomware protection and recovery to defend against data loss, accelerate incident response, and simplify recovery, so they can reduce downtime.”

 

To help businesses better secure their data, Druva’s new multi-layered ransomware capabilities include:

 

• Visibility and detection
• Access insights to gain visibility into and mitigate any unauthorized or non-compliant administrative access into the backup environment
• Unusual data activity alerts that leverage machine learning to detect potential ransomware activity and identify last known good snapshots for ransomware recovery
• Action
• Search and delete malicious files across all endpoint backups in your organisation to prevent re-infection, including bulk scanning for IOCs
• SOAR integration for centralized response and recovery via ransomware recovery playbooks
• Recovery
• Scanning for malware during recovery to prevent re-infection from hidden malware files
• Enhanced recovery features that enable orchestrated recovery, with flexible recovery options
• Automatically creates a recovery snapshot from the last known good snapshots at the backup and file level