Product

Druva Managed Data Detection and Response (MDDR): The early warning ransomware smoke-detector

Matt Tyrer, Director of Competitive Intelligence

When it comes to ransomware and other cyber threats, the earlier you know about the attack the faster you can respond and mitigate the damage. This is sometimes also referred to as “shifting left” in terms of the moving up in the timeline for incident response and recovery (IRR). Regardless, it’s just common sense that the sooner you know about a problem the faster you can react to it and resolve the issue. For ransomware, this can mean limiting the number of impacted systems, reducing the amount of corrupted data in your environment, and ultimately expediting your return to regular business operations.

What’s a smoke detector have to do with it?

Picture it: Saturday night, you’re all cozy in bed when suddenly you’re woken by the sound of your smoke detector, you rush downstairs and find that you’d left a candle burning and it had fallen over and caught one of your favourite books on fire. You quickly put out the small fire, clean up, and order a replacement book online (it is your fav after all). The smoke alarm alerted you to the incident and you were able to respond before things got out of hand.

Now, imagine that you didn’t have that smoke alarm – now you’re jolted awake by the sounds of things crashing and a roaring sound. Downstairs you find that the entire living room is up in flames! You grab your phone and call the fire department. When they show up the fire has spread to the kitchen and dining rooms, but the fire department is able to put it out. You call our insurance provider to start the difficult task of trying to replace all the lost possessions – if only you’d been alerted earlier, you could have avoided this disaster.

Druva Managed Data Detection and Response (MDDR): Your Ransomware “Smoke Detector”

Yes, Druva’s Managed Data Detection and Response (MDDR) service IS that early warning solution! Druva MDDR provides threat detection services where Druva actively monitors the security posture of your backup environment, sends alerts to notify you of any potential issues, and assists with the incident response and recovery to accelerate your return to normal operations.

As part of the MDDR service, Druva delivers the following benefits for customers:

  • 24x7x365 monitoring of backups for early threat detection

  • Expert analysis by Druva Incident Response to provide data insights for any anomalous behavior

  • Pre-built response runbooks and automatic lock down of backups to safeguard data 

  • Expedited support and expert assistance to customer IR, backup teams during cyber recovery

How is Druva’s MDDR different from the rest?

While Druva may not be the only vendor in the market that offers something like this, there is one major difference between what we offer and the rest: Druva MDDR is included with your backups. That’s right, currently it’s included for all of our public cloud customers.

Other similar services in the market come with a premium price ranging from tens of thousands of dollars a month (per site!) to $100k+ depending on the vendor and the service. Further to that, when you read the service descriptions from other vendors on the market you’ll find that these monitoring services tend to be focused on just their own operational performance, and alerting on break/fix type activities. No proactive ransomware detection services from them – those “threat hunts” fall on the customers’ shoulders to perform. 

They say a picture is worth a thousand words, so the table below compares Druva’s MDDR services against the available options from other backup vendors in the market:

 

Druva MDDR

Rubrik

Commvault

Cohesity

Veeam

PROACTIVE MONITORING

Threat Detection

Services

 

⚠️$$$

⚠️$$$

🆇 

🆇

Global Threat Intelligence

🆇 

🆇 

🆇 

🆇

INCIDENT RESPONSE

Investigation & ContainmentServices

 

⚠️Separate consulting services

⚠️Separate consulting services

🆇

⚠️Separate consulting services

Recovery

Services

 

⚠️$$$

⚠️$$$

⚠️$$$

⚠️$$$

With Druva MDDR, you get ACTIVE ransomware early warning detection, monitoring, alerting, and response, and these premium services are included - just for being one of our amazing customers! Isn’t it time you looked to the cloud? The Druva Data Security Cloud, that is.

Example MDR timeline