Veritas 360 Defense Cyber Resilience On-Prem and Across Clouds

Veritas Technologies announced 360 Defense, an extensible architecture in its space that brings together data protection, data governance, and data security capabilities.

360 Defense delivers a set of cyber resilience capabilities integrated with security vendors, such as CrowdStrike, Inc., CyberArk Software Ltd., Qualys, Inc., Semperis and Symantec by Broadcom. It has been battle tested vs. real-world ransomware variants in the Veritas REDLab.

Recent research ^(*) has shown that it takes 73 days, on average, to identify and contain a ransomware attack.

Matt Waxman, SVP and GM, data protection, said: “When malware hits data that’s spread across today’s complex, heterogenous, multi-cloud environments, the response is typically managed by multiple teams using disparate tools. This can prolong the time it takes to recover – or even make recovery impossible. 360 Defense uniquely addresses these challenges by unifying data security, data protection and data governance with our security ecosystem so organizations can recover quickly, know who accessed data and proactively mitigate threats.”

Click to enlarge

360° blueprint for cyber resiliency
Built on a proven foundation of the company’s native security capabilities across data security, data protection and data governance, the 360 Defense reference architecture takes cyber resiliency to the next level by adding REDLab Validation, new product capabilities and integrations with security partners:

Veritas REDLab

A program for Veritas offerings and integrated security partner solutions, REDLab tests and documents product integrations providing organizations with validated best practices and deployment blueprints to mitigate risk. By purposefully subjecting the integrated solutions to real-world ransomware attacks in the company’s state-of-the-art, isolated, REDLab test environment, customers can be assured that the firm’s validated solution will protect their data, detect threats and allow them to recover with confidence.

Cyber resiliency features in Veritas portfolio
The company is bolstering its cyber recovery capabilities by adding malware scanning for new workloads, including Kubernetes, anomaly detection of administrator actions and data entropy, simplified recovery malware scanning workflows and additional support for Azure Active Directory. In addition, multi-person authorization for critical operations has been added to further harden backup and recovery infrastructure.

Expanded ecosystem of security partner capabilities integrated with 360 Defense, including:

• Advanced threat protection during pre- and post-incident recovery with the discovery of compromised systems and critical vulnerabilities for restoration, leveraging attack-surface visibility and AI-powered vulnerability management capabilities of the CrowdStrike Falcon platform.
• Advanced privileged access management with credential management to enable security teams to securely access, administer and configure the various solutions and workloads across the Veritas partner ecosystem for 360 Defense. The partner integrations leveraged CyberArk’s API-first approach, developer friendly tools and utilities to simplify securely adding new partners to the ecosystem.
• Assessment, prioritization and remediation of ransomware-causing vulnerabilities and backup storage through Qualys, so recoveries are always free of misconfigured or ransomware-causing vulnerabilities.
• Automated, malware-free Active Directory (AD) forest recovery and forensics to cut AD downtime by 90% and eliminate backdoors, attack paths and other vulnerabilities attackers left behind in the environment – through Semperis.
• Protection from threats to primary and secondary data sets through Symantec.

Bill Driver, VP, IT, Rio Hotel & Casino, a Dreamscape Companies property, said: “We trust Veritas, with solutions like the Veritas Alta cloud data management platform, to help us protect our data as a key part of an overall security posture that includes a variety of security vendors. Knowing that Veritas is extending its relationships with other vendors that we rely on will enable us to follow simple validated designs to ensure that solutions interoperate. With Veritas and its partners taking on this role, our team is free to focus on transformational activity, confident that we’re protected against cyberattacks.”

Krista Macomber, data protection, security and cyber resiliency analyst, The Futurum Group, said: “An expanding threat landscape means that enterprises are having to introduce more security solutions than ever before to stay ahead of bad actors. But these tools don’t always work well together, which can lengthen the time to contain, and recover from, an attack. Selecting products from an ecosystem that have been pre-tested to ensure security and interoperability can give enterprises the confidence to bounce back faster from a cyberattack and lower the costs associated with a breach in their defenses.”

Joe Nocera, PwC (PricewaterhouseCoopers International Ltd.) said: “PwC sees significant value in organizations being able to remove the confusion and complexity associated with protecting their data against security threats using industry leading solutions from multiple industry leading vendors. We work with the world’s largest organizations who are undertaking transformation projects that span global networks. Being able to deploy pre-tested solutions from a tightly knit ecosystem of vendor partners, using validated designs, can vastly simplify the protection process and helps establish their overall security posture.”

Daniel Bernard, CBO, CrowdStrike, said: “Organizations need a robust IT hygiene practice to help security teams respond faster and ensure business resilience in the face of threats. By partnering closely with other industry leading players, like Veritas, we can help customers pinpoint the most critical exposures with prioritized insights and extended visibility to stop breaches and rapidly rebound from adversarial threats.”

Clarence Hinton, CSO, and head corporate development, CyberArk, said: “Securing identities, both human and machine, is the best way to minimize business risk, improve productivity and guard against malicious cyberattacks. The CyberArk Identity Security Platform secures both standing and just-in-time privileged access across the entire organization using intelligent privilege controls. By participating in a strong security ecosystem with partners, like Veritas, we’re helping customers rapidly achieve their compliance objectives and safeguard all lines of defense.”

Shailesh Athalye, SVP, product management, Qualys, said: “We are thrilled to partner with Veritas to help common customers proactively assess and prioritize with TruRisk and remediate the risk of ransomware-causing vulnerabilities and misconfigurations before they become the cause of the cyber attacks. Integrated with 360 Defense, Qualys Vulnerability Management, Detection and Response (VMDR) with Integrated Patch Management capabilities delivers the best cyber resilience on-prem and across the cloud.”

Darren Mar-Elia, VP, products, Semperis, said: “Semperis is on a mission to be a force for good in the fight against ransomware operators and other bad actors. We’re constantly innovating to deliver the industry’s most comprehensive protection for hybrid identity environments, and Active Directory forest recovery is a critical component of our layered defense approach. Partnering with data protection and backup leaders, like Veritas, means our joint customers benefit from integrated and holistic ransomware response capabilities across multiple specialties.”

Alex Au Yeung, CPO, Symantec enterprise division, Broadcom, said: “Reducing threats to data requires working together with key partners, like Veritas, so that we can minimize the risk of accidental data exposure, loss or malicious breach. Symantec provides technology to ensure an organization has a full, accurate inventory of their sensitive data and provides solutions to increase the security posture relating to user access and device security to reduce the risk of a successful ransomware attack. Partnering with a data management company, like Veritas, means our customers can be assured of a clean cyber recovery.”

^(*) Source: Cost of a Data Breach Report 2023, IBM Security

Resource
Blog: Veritas 360 Defense, Get Real About Cyber Resilience