Ramping up your ransomware recovery strategy

Earlier this year, we published a blog on ransomware recovery best practices that highlighted Druva’s data protection and ransomware recovery features relative to the NIST Cyber Security Framework, and launched our “Insider’s guide to defending against ransomware” eBook. This was an important step in our journey to increase the awareness of data protection as a vital part of any cybersecurity strategy.

In the few short months since that publication, ransomware attacks have continued to accelerate, including targeted attacks against our healthcare providers across the country. While data backup and recovery can’t halt a ransomware attack, it is a critical last line of defense to protect your data when malware strikes.

Announcing new ransomware recovery features

Today, Druva is extending our cyber resiliency capabilities to identify, respond, and recover with confidence from ransomware attacks. When combined with our recent announcements of SIEM and SOAR integrations, Druva’s air-gapped backups become the ideal foundation to rapidly and securely recover from ransomware attacks.

New features include:

  • Access insights to gain visibility into and mitigate any unauthorized or non-compliant administrative access into the backup environment
  • Unusual data activity alerts that leverage machine learning to detect potential ransomware activity and identify last known good snapshots for ransomware recovery
  • Search for and delete malicious files across all endpoint backups in your organization to prevent re-infection
  • Enhanced recovery features that enable orchestrated recovery, with flexible recovery options
  • Security orchestration and automated response (SOAR) integration with Cortex XSOAR by Palo Alto Networks for centralized response and recovery via ransomware recovery playbooks
  • Security information and event management (SIEM) integration with FireEye for end-to-end cyber security monitoring within our customer ecosystem

One of the most valuable aspects of using cloud data protection for ransomware recovery is our ability to continuously innovate with new features and functionality. We’ll be introducing even more new features in the months to come.

More value to our customers

Multi-level ransomware protection and recovery defends our customers’ businesses against data loss, accelerates incident response, reduces downtime, and simplifies recovery. Druva’s zero-trust architecture provides defense in depth against cyber attacks.

We deliver:

  • Protected backups: Air-gapped backups are protected from infection, with strong encryption and access controls to prevent malicious activities
  • Fast detection: Anomaly detection and alerts identify and isolate infections in backup files allowing customers to quickly identify last known good backups
  • Rapid response: Identify and quarantine infected files, search for IOCs across multiple data sources to prevent contamination spread
  • Recover with confidence: Multiple recovery options to quickly recover endpoint devices, including auto creation of recovery snapshots, bulk recovery and IOC scanning during restores

Learn more

DxP, the cloud data protection summit, is already underway today, but it’s not too late to register to dive deeper into our cyber resilience features. For more ransomware recovery insights, check out our eBook, “Insider’s guide to defending against ransomware”  — and make sure you’re prepared when ransomware strikes.