Rubrik touts new cyber-resilience features

Cyber-resilience dominates Rubrik's latest rollout, which adds a dozen new protection points that the company says will help detect, repel, and recover from cyberattacks.

The company is moving its protection product line across more environments, including the public cloud, SaaS and on-prem apps, and enhancing its ability to detect threats and verify user identities.

Arvind Nithrakashyap, Rubrik CTO and co-founder, stated: “We are seamlessly integrating new technologies across the world’s major cloud platforms, SaaS offerings, and on-premises so our customers can better detect compromised data, enhance the speed of identifying affected data, and accelerate the discovery of clean entry points.”

The new capabilities in the public cloud include:

  • Cloud Posture Risk Management (CPR), which automatically discovers and inventories cloud data assets, identifying unprotected or sensitive data en route.
  • Oracle Cloud Protection: Rubrik Security Cloud (RSC) will support data protection for Oracle Cloud Infrastructure (OCI) beginning with Oracle databases and Oracle Cloud VMware Solution (OCVS).
  • Azure DevOps and GitHub Backup: Rubrik now protects Azure DevOps and GitHub with automated backups, granular recovery, extended retention, and compliance coverage.
  • Rubrik Cloud Vault (RCV) for AWS provides a secure off-site archival location, with flexible policies and/or regions, and immutable, isolated, logically air-gapped off-site backups, role-based access controls, encryption, and retention locks. 

The SaaS area has two items: enhanced protection for Microsoft Dynamics 365, and Sandbox Seeding for Salesforce, which is planned for later this year. Users can select objects and records based on specific criteria, and the feature is meant to prevent seeding errors by comparing the size of the selected data against the space available at the destination before moving data to the sandbox environment. Users will be able to save queries for repeated use.

The on-prem world gets Identity Recovery across Entra ID and Active Directory (AD). It includes orchestrated Active Directory Forest Recovery to restore entire identity environments without reintroducing malware or misconfigurations.

Rubrik now protects PostgreSQL with data backup, availability, and recoverability. It has also added Red Hat OpenShift support with automated, immutable backups and fast recovery.

The company has extended its anti-malware functionality:

  • New security features for Azure and AWS, which use machine learning and automation, include Anomaly Detection, Data Discovery and Classification, and soon, Threat Hunting and Threat Monitoring. They are all designed to work together “to proactively detect and mitigate cyber threats, accelerate recovery, and ensure sensitive data remains protected and compliant.”
  • Rubrik is planning to extend its Orchestrated Recovery capabilities to the cloud beginning with Azure VM and featuring automated recovery sequences, regular test recovery scheduling, and recovery reports to reduce human error.
  • Turbo Threat Hunting scans at scale by using pre-computed hashes in Rubrik’s metadata, with no need for file-by-file scanning. Rubrik claims clean recovery points can be found in seconds. Testing found Turbo Threat Hunting scans 75,000 backups in up to 60 seconds.
  • Enterprise Edition for Microsoft 365 is covered with Sensitive Data Discovery, to identify and protect high-risk data before an attack happens, and Prioritized Recovery, which restores critical data first. Coming soon are Anomaly Detection, Threat Monitoring, Threat Hunting, and Self-Service Recovery capabilities.

Nithrakashyap says: “Cybercriminals won’t stop innovating, and neither will we. Our utmost priority is the security, safety, and appropriate accessibility of our customers’ data, regardless of where the data lives.” 

As long as cybercriminals invent new methods and attacks, Rubrik can respond with new features to keep its subscription-paying customers feeling safe and ready to repel attacks.

Bootnote

Rubrik itself suffered a security intrusion last month. A February note by Nithrakashyap says the company “recently discovered anomalous activity on a server that contained log files.” It took the server offline. “An unauthorized actor accessed a small number of log files, most of which contained non-sensitive information. One file contained some limited access information … We have rotated keys to mitigate any residual risk, even though we found no evidence that access information was misused.”

He emphasizes that “after a detailed analysis with the third party partner, we have found no evidence of unauthorized access to any data we secure on behalf of our customers or our internal code.”