Security company Rubrik is integrating threat detection technology from Mandiant into its backup solutions. This allows Rubrik customers to run scans on their backups to discover if there are threats, malware, backdoors, or other maladies hiding in there.
According to a Mandiant report, it takes less time for companies to discover their systems have been compromised. However, the median time between infection and discovery is still 10 days. More than enough time for malicious software to end up in a backup.
Backups are invaluable in restoring systems after a cyberattack, that is a truism if there ever was any. But what if those backups themselves have been compromised? That is exactly what both companies want to prevent as much as possible through this partnership. To do so, the companies will deploy knowledge gained in recent times “on the front lines” of some of the most impactful breaches.
Irreparable damage
Ransomware attacks lead to months of recovery processes for organizations, said Steve Stone, head of Rubrik Zero Labs, Rubrik’s research division. “Which can result in irreparable damage to the business. With Mandiant, we are able to demonstrably lessen the impact window of ransomware attacks while simultaneously increasing the capabilities available to customers in need —from threat intelligence to rapid access to incident response teams.”
Three pillars underpin the partnership: first, Mandiant Threat Intelligence is integrated directly into Rubrik Security Cloud. This helps speed up detection of intrusion attempts, active malware campaigns and live mapping of new threats. The goal is to eliminate the threat before it can do its evil work.
Clean Room in Google Cloud
In addition, it is now possible to apply Rubrik’s Clean Room Recovery for backups in a specially optimized Google Cloud environment (after all, Mandiant is part of Google). This is also possible in a multi-cloud environment to increase customer flexibility.
Tip: Mandiant reports at least 165 Snowflake customers affected in hacking campaign
Finally, Rubrik and Mandiant’s response teams are working more closely together. In doing so, Rubrik’s team focuses primarily on data recovery and securing backups (already the company’s focus). Mandiant’s watchdogs are actively going after intruders attempting to intrude, and will quickly respond to incidents.
The collaboration between the two companies comes at a tumultuous time for cybersecurity companies, with one acquisition after another taking place. In any case, last quarter ended positively for Rubrik, which exceeded analysts’ expectations immediately after it debuted on the stock market.
Good quarterly figures, no profits yet
Quarterly revenue was $187.3 million at the time, 38 percent higher than the same quarter a year earlier. The IPO in April also made more money than predicted by the outside world, at 752 million dollars (701 million euros then, 688 million euros now).
These lofty numbers contrast with Rubrik’s real financial situation. In fact, the company is still losing money. Last year, it had a net loss of 354.2 million dollars (about 324 million euros), more than in the previous fiscal year, when it lost ‘only’ 277 million dollars.
Also read: Cybersecurity challenges keep CISOs awake at night