Cohesity expands security capabilities

Identifying and addressing vulnerabilities has become a major challenge for enterprises today. According to a recent survey, the majority of organizations that suffered a data breach in the past two years say it was caused by a known vulnerability that had not been patched. The survey also found that 37 percent of organizations say they don’t even scan for vulnerabilities.

 

The Cohesity CyberScan application makes it easy to assess systems for vulnerabilities. Available on the Cohesity MarketPlace, the application works by scanning backup copies on Cohesity DataPlatform (instead of the live production copy) to identify any vulnerabilities across an organization’s IT environment, including the operating system, computer, network devices, and configurations. The application gives a global view of all vulnerabilities through an easy-to-read security dashboard along with actionable recommendations on how to address exposures before hackers exploit them. 

 

This application utilizes Tenable.io for vulnerability management in the Cloud to locate exposures against regularly published entries within the public Common Vulnerabilities and Exposures (CVE) database. The application also takes advantage of Cohesity’s unique architecture. This architecture allows organizations to run applications directly on the Cohesity cluster, where the data sits, rather than moving data to a separate application environment.

 

“This is the first application we’ve seen that focuses on assessing systems for exposures, such as vulnerabilities, within backup data,” said Ray Komar, vice president of technical alliances, Tenable. “We believe this innovative approach provides enterprises with a novel and cutting-edge way to harden and improve their security posture across their IT environments.”

 

“The Cohesity CyberScan application offers a much more efficient way for us to discover vulnerabilities by scanning backup data within Cohesity rather than drawing resources from our production environment,” said Mike O'Rourke, Director of IT, Lighthouse Resources Inc. “Our disaster recovery is also more dependable now with this new ability to easily identify which backups are potentially compromised and which we can trust for instant recovery.”

Additionally, the application helps IT professionals perform backup verification, ensuring that a given backup snapshot is recoverable. It also eliminates the risk of re-injecting known or previously addressed vulnerabilities back into the production environment when performing a recovery job.

 

The application also gives organizations the ability to run scans on backup data on a frequent basis, instead of waiting for weeks or months to schedule scans in the production environment, which further reduces opportunities for data breaches. This process does not impact production performance or require that scans be run during a maintenance window.

 

“Businesses today need an IT environment that runs 24-7 and want to avoid recovering VMs with known vulnerabilities,” said Raj Rajamani, vice president of product management, Cohesity. “While we are focused on empowering customers to make backup data more productive, we are also proud to introduce an industry-first solution that helps customers easily identify exposures, such as vulnerabilities and misconfigurations, without putting any additional burden on their mission-critical operations.”

 

“IT is measured by SLAs and with this new capability, Cohesity has addressed key obstacles to help organizations meet their security and recovery objectives,” said Phil Goodwin, research director, cloud data management for protection, IDC. “The Cohesity CyberScan application leverages backup copies to provide important visibility into production systems, performs backup verification for ensuring recoverability, and helps IT avoid re-injecting vulnerabilities while recovering from any backup snapshot, all with no impact to their production environment or data."