Veeam 23H2 update adds malware detection and Sophos partnership

Veeam unveiled the Data Platform 23H2 update at its Resiliency Summit. The update stands out for its strong focus on cybersecurity.

CTO Danny Allan explained the new features for the Veeam platform prior to the event. “Cybercriminals are getting smarter and are specifically targeting backups,” Allan said. He sees a new reality emerging in the cyber landscape. The prevailing view in the security world today is that “it’s not a question of if you get hacked, but when”; Allan now adds that it’s a question of how often you get hacked.

Bringing IT and security teams together

Many of the new features are therefore aimed at preparing for security incidents. Veeam wants to bring IT and security teams closer together so they can overcome ransomware jointly. The first step is bringing malware detection to the platform, which now performs inline entropy and file extension analysis during the backup job for instant detection. In addition, SIEM tools can now pass infection data directly through the Veeam Incident API, which marks existing restore points as infected or triggers out-of-band backups in response.
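To show what entropy and file extension analysis can look like in practice, here is an added example; it is not Veeam's code and does not describe how the product works internally. The block size, thresholds, extension lists and all function names are assumptions chosen for illustration, and the sample data is constructed.

```python
import hashlib
import math
import os
from collections import Counter

# All constants are assumptions for this example, not values from Veeam's product.
BLOCK_SIZE = 4096
ENTROPY_THRESHOLD = 7.5      # bits per byte; encrypted data approaches 8.0
FLAG_RATIO = 0.9             # share of high-entropy blocks that flags a file
SUSPICIOUS_EXTENSIONS = {".locked", ".encrypted", ".crypt"}   # constructed list
COMPRESSED_EXTENSIONS = {".zip", ".gz", ".7z", ".jpg", ".png", ".mp4"}

def shannon_entropy(block: bytes) -> float:
    """Shannon entropy of a byte block in bits per byte (0.0 to 8.0)."""
    total = len(block)
    if total == 0:
        return 0.0
    return -sum(n / total * math.log2(n / total) for n in Counter(block).values())

def high_entropy_ratio(data: bytes) -> float:
    """Share of full blocks at or above the threshold. A trailing partial
    block is skipped: a short tail reads as low entropy and skews the ratio."""
    full = len(data) // BLOCK_SIZE
    if full == 0:
        return 0.0               # file too small to judge by entropy
    blocks = (data[i * BLOCK_SIZE:(i + 1) * BLOCK_SIZE] for i in range(full))
    return sum(shannon_entropy(b) >= ENTROPY_THRESHOLD for b in blocks) / full

def assess(name: str, data: bytes) -> list:
    """Return findings for one file as it passes through a backup job."""
    findings = []
    ext = os.path.splitext(name)[1].lower()
    if ext in SUSPICIOUS_EXTENSIONS:
        findings.append("suspicious_extension")
    # Compressed formats are high-entropy by design, so entropy alone is no signal.
    if ext not in COMPRESSED_EXTENSIONS and high_entropy_ratio(data) >= FLAG_RATIO:
        findings.append("high_entropy")
    return findings

def constructed_ciphertext(size: int) -> bytes:
    # Deterministic stand-in for encrypted content (SHA-256 counter stream).
    stream = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(size // 32 + 1))
    return b"".join(stream)[:size]

if __name__ == "__main__":
    enc = constructed_ciphertext(16500)   # 4 full blocks plus a short tail
    plain = b"Quarterly revenue figures, draft 3.\n" * 500
    for name, data in [("q3.docx", plain), ("q3.docx.locked", enc), ("db.mdf", enc), ("a.jpg", enc)]:
        print(name, assess(name, data))
```

Entropy alone produces false positives on compressed or legitimately encrypted data, which is why the example combines it with the extension check and an allowance for compressed formats.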

Veeam’s platform additionally enables point-in-time recovery to the moment before an infection. The I/O Anomaly Visualizer is available for this purpose and should ensure that as little data as possible is lost. YARA (Yet Another Recursive Acronym) content analysis is intended to prevent new infections.

Another update comes with the new Veeam Threat Center, where users can highlight threats, identify risks and measure an environment’s security score. The 23H2 update also adds further immutability support, to give more assurance that backups cannot be deleted or encrypted.

Sophos partnership

Another thing we find notable is that Veeam is partnering with Sophos. The Veeam Data Platform will have an integration with Sophos Managed Detection and Response. This should provide additional threat detection and response capabilities to better protect backups from attempted manipulation or deletion by cybercriminals.