Rubrik delivers cyber threat hunting in battle against ransomware

Now organizations can more accurately identify the last known clean copy of data to prevent reinfection and accelerate recovery.

  • 2 years ago Posted in

Rubrik has introduced new enhancements to its cyber resilience solutions to help better equip customers in the fight against ransomware. With this latest release, organizations can improve ransomware preparedness, respond with more intelligent and integrated tools, and recover from attacks faster. Now with simple UI support and API Driven integrations, including Palo Alto Networks’ Cortex XSOAR, the market-leading extended security orchestration, automation and response (SOAR) platform, security operations teams can recover from attacks faster and reduce the chance of reinfection.

 

According to IDC, more than one third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months. Of these attacks, only 13 percent of organizations attacked or breached reported not paying a ransom.*[1]

 

“Recently, organizations have been targeted more frequently by highly sophisticated cyber attacks that exploit vulnerabilities in legacy backup products, forcing a ransomware payment,” said Dan Rogers, President of Rubrik. “With these new advancements, IT and security teams are able to better protect their enterprise, cloud, and SaaS environments and more quickly recover from cyber attacks without paying the ransom.”  

 

Typically in the event of a cyberattack, organizations have been forced to scan their production systems for malware, which can be difficult, time consuming, and inaccurate. Now with Rubrik threat hunting, organizations can directly scan their backups for indicators of compromise, including ransomware. With this added intelligence, organizations can more accurately identify the last known clean copy of data in order to prevent reinfection during and after recovery. Additionally, Rubrik’s new threat hunting capabilities integrate with Cortex XSOAR threat hunting playbooks for easy identification of compromised data within backup snapshots during post-incident reviews and for simplified reporting to external regulatory agencies.

 

“As the rate and complexity of managing ransomware attacks continues to increase, companies need to leverage automated workflows to recover quickly without paying the ransom,” said Rishi Bhargava, Vice President of Product Strategy for Cortex at Palo Alto Networks. “Rubrik’s integration with Cortex XSOAR enables our joint customers to benefit from prebuilt threat-hunting playbooks to quickly identify new threat activity, recover from ransomware attacks faster, and prevent reinfection from happening during or after the recovery process.”

 

Rubrik’s latest release delivers new capabilities across Data Security, Cloud and SaaS, and Data Protection

 

New Data Security Capabilities

As legacy backup vendors struggle to meet the needs of ransomware protection and recovery, Rubrik continues to make its Zero Trust Data Security platform more robust. For example, Multi-Factor Authentication (MFA) can be globally enforced across the entire platform to help ensure that unauthorized users do not gain access to data.

 

Additionally, Rubrik is expanding its Sensitive Data Discovery service to roughly 60 pre-defined analyzers that can automatically identify and classify more data types, including certain types of Personal Identifiable Information (PII). The ability to discover sensitive business and customer information across environments without production impact can help reduce data risk, including assessing potential damage from an exfiltration attack.

 

New Cloud and SaaS Capabilities

Without Zero Trust Data Security, enterprise productivity tools and business applications in cloud and SaaS environments can be highly vulnerable as well. Rubrik continues to enhance cloud data protection with the following advancements:

 

●               Protection for Azure SQL with Fully-Managed SaaS Support: Expanded Rubrik coverage in Azure cloud ensures Azure SQL can be secured alongside other cloud and on-prem workloads for unified visibility and streamlined policy management.

●               Reduced Blast Radius with Archives for AWS S3: In the event of an AWS production account being compromised by ransomware, cloud data can be recovered through a bunkered account with new credentials. To maintain security, the new account has limited access and deletion rights. 

●               Optimized Cloud Economics: Low-cost daily snapshots for Azure VMs and AWS EC2 instances can save organizations up to 40%.

●               Enterprise-Scale Protection for Microsoft 365: With Rubrik protection for up to 100,000 users, Rubrik customers can recover more application data with restores for Microsoft Exchange contacts and calendars, SharePoint lists and Teams channel posts.

 

New Data Protection Capabilities

Rubrik’s data protection begins with a logical air gap to keep data online for rapid recovery while incorporating proprietary protocols so that attackers cannot discover customers’ data. Additionally, Rubrik’s append-only file system keeps data in an immutable state.

With this latest release, Rubrik is introducing: 

●               Expanded Protection for SAP Databases: Customers can now protect SAP HANA on IBM Power Systems, extending the ability to streamline protection and reduce the need for manual scripting and job scheduling across on-premises and the cloud. 

●               Faster Recovery of Oracle and SQL: Customers with large Microsoft SQL or Oracle databases that have a large number of files will now be able to recover even faster. SQL customers can see up to 3 times improvement in restores and Oracle customers can see up to 25 percent improvement for database recoveries.

●               Enhanced Data Protection with Quicker Backups for Nutanix AHV: Now for Nutanix AHV, users can select individual disks to exclude from their backup to quickly protect only the critical and needed pieces, which frees up time and storage. Also to optimize network bandwidth and provide an extra security layer, the entire Nutanix AHV backup connectivity can be sent over a separate and isolated iSCSI Data Services network. 

 

Customers Validate Rubrik’s Cyber Resilience Solutions 

 

●               “Rubrik is further distinguishing themselves as the leader in Zero Trust Data Security,” said Pankaj Govil, Executive Director, Global Storage Infrastructure of Estée Lauder. “With these new ransomware protection capabilities, it’s clear that they are prioritizing customers' data security and ability to quickly recover after an attack.”

 

●               “Ransomware is top of mind for every IT and security leader today,” said Ruddy Cordero, Senior Director, Infrastructure & Operations of Sesame Workshop. “With Rubrik’s latest ransomware recovery and cyber threat hunting capabilities, they’re continuing to instill confidence among customers that their data is recoverable and secure in the event of a cyber attack.”

 

●               “The reality is, no business is immune from ransomware,” said Rama Arumugam, IT Manager of Plymouth Poultry. “For this reason, it’s more important than ever to proactively prepare for a cyberattack and ensure you have the right data security solutions in place to quickly recover after an attack, and also minimize the chance of re-infection. With Rubrik’s latest product release, they continue to make critical advancements to their ransomware recovery solutions to give customers the ultimate peace of mind.”

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...