New solution uses backup data to find vulnerabilities
Finding and addressing vulnerabilities is a major headache for businesses, left unattended they can lead to cyberattacks and data breaches.
Data management company Cohesity is looking to make detection easier with a new application that uses backup data to assess the vulnerabilities, or risk posture, of an enterprise's IT environment.
Cohesity CyberScan works by scanning backup copies on Cohesity DataPlatform (instead of the live production copy) to identify any vulnerabilities across an organization's IT environment, including the operating system, computer, network devices, and configurations. The application gives a global view of all vulnerabilities through an easy-to-read security dashboard along with actionable recommendations on how to address exposures before hackers can exploit them.
It makes use of Tenable.io data for vulnerability management in the cloud to locate exposures against regularly published entries within the public Common Vulnerabilities and Exposures (CVE) database.
"This is the first application we've seen that focuses on assessing systems for exposures, such as vulnerabilities, within backup data," says Ray Komar, vice president of technical alliances at Tenable. "We believe this innovative approach provides enterprises with a novel and cutting-edge way to harden and improve their security posture across their IT environments."
Because it works on backup data organizations can run scans on a more frequent basis, instead of waiting for weeks or months to schedule scans in the production environment, which further reduces opportunities for data breaches. This process doesn't impact production performance or require that scans be run during a maintenance window.
"Businesses today need an IT environment that runs 24-7 and want to avoid recovering VMs with known vulnerabilities," says Raj Rajamani, Cohesity's vice president of product management. "While we are focused on empowering customers to make backup data more productive, we are also proud to introduce an industry-first solution that helps customers easily identify exposures, such as vulnerabilities and misconfigurations, without putting any additional burden on their mission-critical operations."
You can find out more on the Cohesity site.