Commvault made Metallic ThreatWise generally available. The solution finds zero-day threats by provoking attacks.
Some security solutions rely on threat intelligence. Major security vendors examine patterns in cybercriminal behaviour, after which software and hardware vendors incorporate the data into their products and firmware. As a result, security solutions are able to distinguish between malicious traffic and normal traffic.
The model has weaknesses. Whenever a cybercriminal uses a new method, vendors may take a while to recognize and disclose the pattern. In the meantime, the method is a blind spot for security solutions that rely on threat intelligence. Such threats are known as zero days.
Commvault has been working on a solution for detecting zero days. Metallic ThreatWise was recently made generally available. The solution deploys decoys to provoke unknown attackers that lurk in an IT environment. The system finds threats that went undetected for whatever reason. Commvault calls the process ‘cyber deception’.
“It’s not a matter of if an attacker gets in, but when”, the company described. “Cyber deception is an active defence technology that provides businesses with a powerful one-two-punch; first slowing attacks down by diverting them toward fake assets and, second, simultaneously providing high-fidelity insights into potential attacks in progress.”
From recovery to prevention
ThreatWise is a big step for Commvault. The organization is known for backup and recovery solutions, but the new system falls under a different security category: prevention, detection and response. Most of Commvault’s products help recover damaged or lost data, while ThreatWise helps prevent damaged or lost data.
“Data recovery is important, but alone it’s not enough”, said Ranga Rajagopalan, Senior Vice President of Products at Commvault. “Just a few hours with an undetected attacker in systems can be catastrophic. By integrating ThreatWise into the Metallic SaaS portfolio, we provide customers with a proactive, early warning system that bolsters their zero-loss strategy by intercepting a threat before it impacts your business.”