1 min

With Coveware, Veeam gains new incident response options. Coveware’s technology and staff deal with ransomware assessment and negotiation to end downtime as quickly as possible.

Coveware is used mainly by cyber extortion victims, but the service can also help enterprises prepare for incident response. Coveware has been around since 2018 and has expanded into forensic triage, extortion negotiation, financial settlements, and decryption services. By dealing with incidents in this way, Coveware has considerable insights into cybercriminals’ patterns. As a result, the company understands the current threat landscape well.

Coveware’s technology runs in organisations’ operational environment to analyse the impact. It identifies the ransomware, identifying the straint, group and entry point. Then the technology helps recover encrypted data from known ransomware groups. In addition, Coveware employs threat experts who are experienced in assessing, preventing and recovering from cyber attacks, primarily for enterprises.

Een infographic met de titel "coveware's incident response swimlane" met pictogrammen en tekst die vier fasen beschrijven: beoordeling, onderhandeling, afwikkeling en beëindiging van de downtime.

Coveware’s position

Certain functionalities of Coveware will, therefore, be integrated into the Veeam Data Platform and the Veeam Cyber Secure Program. Thus, the technology should complement Veeam’s backups and other capabilities. Coveware will continue to operate largely separately but will carry the name Coveware by Veeam.

It is not known how much Veeam is paying for Coveware. Until now, Casteware has been Veeam’s main acquisition. In late 2020, Veeam pulled this technology to move into Kubernetes backup.

Tip: Veeam commits to Kubernetes Backup with Kasten acquisition