Press Release

Druva Introduces New Multi-Layered Ransomware Defense to Combat Rising Threats

Advanced ransomware recovery enhancements and technology integrations bring ability to identify, respond at scale and recover with confidence

SUNNYVALE, Calif. ‒ DxP 2020 ‒ November 17, 2020 ‒ Druva Inc., the leader in Cloud Data Protection and Management, today announced a series of new capabilities designed to help organizations strengthen their business resiliency. As ransomware attacks surge, occurring as frequently as every 15 seconds and causing more than $11 billion in damages annually according to research by Cybersecurity Ventures, Druva’s new cyber resiliency capabilities are designed to identify, respond and recover from malicious attacks with agility and confidence.

As digitization continues to accelerate, the risk of ransomware only rises, so organizations must take a three-step approach to minimize such risks – detection, resilience, and recovery. In fact, according to Gartner, more than 50% of breaches are undetected for multiple months, which can lead to unrecoverable data corruption.* As the number of threats targeting data and applications continue to grow, reliance on prevention measures alone are insufficient. With the introduction of Druva’s new ransomware recovery features, customers have new and improved ways to prepare for and respond to incidents, including better visibility, automation and orchestration. When integrated with existing security information and event management (SIEM) and security orchestration, automation and response (SOAR) tools, Druva’s air-gapped backups become the foundation for rapidly and securely recovering from ransomware attacks with enhanced capabilities.

“Ransomware has become more sophisticated, evolving from encrypting data to deleting backups to now extracting copies of data, which increases the potential damage to your organization,” said Stephen Manley, Chief Technology Officer, Druva. “Combating these new malicious attacks requires a comprehensive solution. Now, customers can leverage multi-layered ransomware protection and recovery to defend against data loss, accelerate incident response, and simplify recovery, so they can reduce downtime.”

To help businesses better secure their data, Druva’s new multi-layered ransomware capabilities include:


  • Visibility and detection


    • Access insights to gain visibility into and mitigate any unauthorized or non-compliant administrative access into the backup environment
    • Unusual data activity alerts that leverage machine learning to detect potential ransomware activity and identify last known good snapshots for ransomware recovery


  • Action


    • Search and delete malicious files across all endpoint backups in your organization to prevent re-infection, including bulk scanning for IOCs
    • SOAR integration for centralized response and recovery via ransomware recovery playbooks


  • Recovery


    • Scanning for malware during recovery to prevent re-infection from hidden malware files
    • Enhanced recovery features that enable orchestrated recovery, with flexible recovery options
    • Automatically creates a recovery snapshot from the last known good snapshots at the backup and file level

Over the last several months, Druva has developed a series of technology integrations designed to help customers strengthen their cyber resilience and overall security posture. In June, Druva announced an API integration with FireEye, extending visibility and control over endpoint backup data to monitor, analyze, detect and respond to data breaches. The company has also introduced security orchestration, automation and response integrations category leader Palo Alto Networks, releasing a recovery playbook to automate recovery operations with Cortex XSOAR to ensure rapid recovery from malware attacks.


About DxP 2020

The DxP 2020 virtual summit hosted by Druva provided industry professionals with the opportunity to learn from engaging keynotes by industry leading thought leaders, technology vendors and trailblazers of today’s cloud disruption. The summit explored educational in-depth breakout tracks, product demonstrations, real-life examples, case studies and practical techniques applicable to your work right away. Keynotes and sessions from the event are available on-demand at



Ransomware recovery will be generally available the first half of 2021.

*Gartner, Avoid Ransomware Disasters With a Better Backup and Recovery Strategy, Doc # G00392054. Published: July 2019.

About Druva

Druva is the leading provider of data security solutions, empowering customers to secure and recover their data from all threats. The Druva Data Security Cloud is a fully managed SaaS solution offering air-gapped and immutable data protection across cloud, on-premises, and edge environments. By centralizing data protection, Druva enhances traditional security measures and enables faster incident response, effective cyber remediation, and robust data governance. Trusted by over 6,000 customers, including 65 of the Fortune 500, Druva safeguards business data in an increasingly interconnected world. Visit and follow us on LinkedIn, Twitter, and Facebook.

Media Contact:

Justin Augat VP, Product Marketing & Communications Druva Inc. +1.508.846.7518