The new tool uses a database of cyber incident information to identify and prevent attacks.
Veeam is introducing Recon Scanner to better support organizations in protecting backups. Ransomware is increasingly targeting backup data to be more effective. Recovering from such attacks is complex and can be time-consuming. Therefore, preventing significant damage is better than recovering; the new tool can contribute to this.
Recon Scanner is based on Coveware technology, which Veeam acquired earlier this year. Coveware’s database contains extensive information on existing and emerging cyber threats, such as ransomware families, variants, and commonly used access points. This knowledge is essential for identifying attacks.
Tip: Veeam acquires Coveware to better protect customers against ransomware
Active scans
The Recon Scanner is now part of the Veeam Data Platform. It performs regular scans to identify suspicious activity and tactics, techniques, and procedures. These can range from unexpected network connections and unusual behavior to data exfiltration and possible brute force attacks.
Dave Russell, Senior Vice President (SVP) of Strategy at Veeam, says Recon Scanner addresses an existing problem with this. “The unpredictability of dwell time —the period between compromise and attack—makes traditional threat detection and mitigation challenging,” Russell said.
With this tool, organizations can take risk mitigation measures in advance. The active analytics in the Veeam Data Platform identify and address potential attacks before they impact the organization.
The Recon Scanner will be available to Veeam Data Platform Premium subscribers starting in November.
Tip: Veeam focusus on migration and data freedom through hypervisor updates