Quarterly Product Pulse: January to March 2025 Product Updates

Rahul Deshmukh, VP of Product Marketing

At Druva, innovation drives everything we do. This quarter, we’re introducing powerful enhancements and integrations to strengthen your organization’s cyber resilience. From advanced security tools and expanded Microsoft support to major Druva GovCloud updates, these features help safeguard critical data, ensure compliance, and streamline operations. For more details and information on additional features not covered here, check out our product documentation. Now, let’s explore what’s new.

Druva Integration with Microsoft Sentinel 

Druva's new integration with Microsoft Sentinel enables organizations to better manage ransomware detection, response, and recovery through seamless collaboration between IT and SecOps tools. Here are the key highlights:

  • Druva events data connector: Stream Druva security and operational events directly into Microsoft Sentinel. Gain real-time alerts for suspicious admin activity, data anomalies, unusual access events, and backup policy changes. 

  • Bidirectional synchronization: Execute a Druva action directly from Sentinel. Streamline threat response, automate workflows, and accelerate recovery, benefiting MSSPs with simplified co-managed SIEM services. 

  • Microsoft Security Copilot integration: Druva offers the first Microsoft Security Copilot plugin for data security. It leverages AI to enhance threat detection, reduce investigation time, and improve compliance efforts.

  • Seamless automation in Microsoft Sentinel: Druva’s integration includes pre-built data connectors and five exclusive playbooks, offering automated and scalable responses to security threats. 

  • Enhanced visibility and compliance: Centralized management in Sentinel, coupled with Druva's data protection insights, helps streamline audits, threat hunting, and compliance reporting, and enables proactive threat mitigation.

With Druva and Microsoft Sentinel, you gain a unified solution to simplify security processes while bolstering system resilience. More information.

Druva’s Curated Threat Intelligence and IOC Library Integration

We’re thrilled to unveil the Druva-curated Threat Intelligence (Druva-published IOC Sets), a powerful enhancement designed to improve your cyber resilience through advanced threat detection and streamlined IOC (Indicators of Compromise) management. Here are the key benefits of this feature:

  • Centralized IOC library: Manage all your threat intelligence in one easy-to-access hub, including custom-created IOC sets and Druva-published IOC sets. You can also organize IOCs by malware or ransomware families for streamlined monitoring and scanning.

  • Trusted threat intelligence: Druva-published IOC Sets are sourced from widely recognized sources like CISA advisories and regularly updated for the latest threat coverage.

  • Proactive threat hunting: Scan VMware and EC2 backups with Druva IOCs to detect malware before it spreads and ensure clean data during restores.

  • Seamless integration: Utilize IOC sets when scanning data with our advanced cyber resilience features, such as Restore Scans, Sandbox Recovery, and Curated Snapshots.

Don’t wait for cyber threats to knock at your door. Harness Druva’s state-of-the-art IOC library and fortify your malware defense. More information.

Curated Snapshot Feature Enhanced with New Scan Options

The Curated Snapshot feature now includes two distinct scan options to optimize malware detection and recovery efforts. Whether you're looking for quick routine scans or deep post-breach investigations, we’ve got you covered with this streamlined and efficient enhancement. The following two options are available for scanning:

  • Quick Scan (Default): Quick Scan is designed for fast and efficient performance, making it ideal for everyday use. It focuses on scanning specific file types commonly targeted by malware and recently modified files, ensuring rapid malware detection with minimal impact on your system’s performance. 

  • Deep Scan: Deep Scan offers a thorough and all-encompassing malware detection process, scanning every file type on your system. It’s perfect for handling post-breach scenarios or when a suspected infection requires a comprehensive investigation. While it takes more time to process, especially with larger datasets, it provides the ultimate level of security assurance.

Quick Scan is the default option for most scenarios, but if it’s disabled, Deep Scan will automatically take over. Both scan options are seamlessly integrated into the Curated Snapshot workflow, giving you full control and visibility when creating and managing snapshots. These new scan options provide a tailor-made, more reliable recovery process, giving you peace of mind and robust protection for your critical data. More information.

Threat Hunting for Azure Virtual Machines

With Threat Hunting for Azure VMs, you can now leverage cutting-edge tools for more effective threat detection and response. Here’s how it works for you: 

  • Malware IOC search: Quickly search for malware Indicators of Compromise (IOCs) to identify and assess potential threats. 

  • Infection scope and timelines: Visualize the scope and duration of infections to better understand their impact and act accordingly. 

  • Automated quarantine: Protect your Azure environment by automatically isolating infected snapshots, stopping reinfection and further spread of malware. 

  • Rich metadata: Leverage the comprehensive metadata to supercharge investigations and uncover the root cause of threats faster.

Threat Hunting for Azure VMs provides enhanced visibility, faster response times, and automated defenses, giving you the confidence to stay ahead of potential security risks. More information.

Strengthen Azure Virtual Machine Security with Quarantine Bay

Quarantine Bay is a powerful feature that allows you to isolate infected Azure VM snapshots to stop ransomware from spreading. Once quarantined, administrators and users are restricted from downloading or restoring data, ensuring that infected files no longer pose a risk to your environment. By restricting access to compromised data, this feature provides the following benefits:

  • Contain the threat immediately: Isolate infected snapshots to prevent further infection across your infrastructure. 

  • Restore safely: Access clean snapshots to restore operations without risking reinfection. 

  • Flexible quarantine options: Choose between manual quarantining or automating the process using Ransomware Recovery APIs integrated with third-party security tools. 

Quarantine Bay not only isolates infected snapshots, but also ensures speedy recovery. Quickly restore operations using clean, unquarantined snapshots that you trust, minimizing downtime and operational disruptions. More information.

Azure Cloud Storage Integration

Druva and Microsoft have joined forces to redefine cloud data security. You now have the ability to select Azure Storage as your preferred cloud storage option, alongside AWS. This integration is tailored to align with your unique business requirements, delivering strategic benefits while improving operational efficiency. Here’s what this means for Druva customers:

  • Cloud flexibility: Secure and protect your cloud and on-premises workloads with the flexibility to choose Azure storage. Align your cloud strategy to meet business resilience goals, reduce costs, and adapt seamlessly to changing requirements. 

  • Operational efficiency: Integrate effortlessly with your existing Azure cloud strategy. By minimizing integration efforts, you can focus on driving results and increasing efficiency across your organization. 

  • Global deduplication: Save up to 40% on storage costs with Druva’s global deduplication engine, reducing Azure storage consumption and optimizing resource usage. 

  • Unlimited scalability: With Druva, scale on demand without additional hardware or software. Our true cloud-native solution eliminates infrastructure complexities, ensuring business agility. 

  • Unified data security: Gain a single view of your data security across end-user devices, cloud workloads, and SaaS applications. Empower your team to respond proactively to potential threats.

Whether you operate within a single cloud or manage a multi-cloud environment, Druva is here to innovate and simplify your data protection strategy. More information.

Comprehensive Data Protection for Microsoft Dynamics 365

Druva for Dynamics 365 addresses the gaps left by Microsoft’s native solution with advanced protection capabilities, seamless backups, and effortless recoveries to both sandbox and production environments. Benefits include:

  • Granular recovery: Restore individual entities, relationships, records, or metadata, minimizing downtime and keeping operations moving smoothly.

  • Customizable retention policies: With Druva’s flexible retention policies, you can store data as long as your business and regulatory requirements demand, ensuring compliance without compromise.

  • Air-gapped backups for unmatched security: By securely isolating critical backups in Druva’s Data Security Cloud, we protect you against the growing threats of ransomware and malware attacks.

  • Search and compare: Quickly search to compare specific timestamps and records to identify changes and suspected anomalies.

  • Restore to sandbox or production: Restore data to a sandbox for testing or directly to your production environment — ensure the restoration of clean data only, and prevent reinfection.

Druva’s solution for Dynamics 365 is built to fortify your critical data, simplify recoveries, and facilitate operational resilience. More information.

Druva GovCloud Updates

Druva GovCloud allows federal, state, and local public sector organizations to get the benefits of Druva and meet their compliance requirements, ensuring the safeguarding of citizen data and seamless delivery of essential services. Backed by leading certifications, Druva GovCloud is ideal for the needs of both U.S.-based and international government organizations.

For U.S. organizations, Druva GovCloud (FedRAMP Moderate ATO) is hosted on AWS U.S. GovCloud, a sovereign cloud dedicated to U.S. government agencies and contractors. Druva simplifies compliance with industry standards, including HIPAA, FIPS 140-2, and StateRAMP, while offering scalable and secure infrastructure. Among the first vendors to achieve FedRAMP Moderate Authorization for Microsoft 365 and endpoint data protection, it has supported hundreds of thousands of government end users since 2017. In addition to endpoints and SaaS applications, Druva recently announced it has extended its coverage to data center workloads.

The latest upgrade to Druva GovCloud introduces powerful cyber resilience features designed to enhance data security. These include the Security Command Center for centralized threat visibility, Curated Snapshots to streamline hybrid workload recovery, and Threat Hunting capabilities for proactive defense against advanced threats. Together, these features empower public sector organizations to strengthen their data security posture and stay resilient as threats evolve. More information.

Conclusion

With every enhancement, Druva is committed to empowering organizations with the tools they need to tackle today’s security challenges while preparing for tomorrow. Our curated threat intelligence, seamless integrations with Microsoft solutions, enhanced malware detection capabilities, and GovCloud updates represent a major leap in data protection, operational efficiency, and cyber resilience.

Explore these new features, and see how Druva can help you protect what matters most, all within the simplicity and scalability of our cloud-native platform. To experience our product without any commitment, take a product tour.