Cohesity scans backup data to detect vulnerabilities

Cohesity is offering scans of its backup data to reveal customer vulnerability to malware and other threats.

The backup supplier’s CyberScan product looks at Cohesity Data Platform backup files and uses Tenable.io technology to discover vulnerabilities in operating systems, computers, network devices, and configurations that could lead to malware assaults. This enables customers to fix open doors, so to speak, before attacks happen.

The Tenable.io cloud service identifies potential exposures against entries within the regularly updated public Common Vulnerabilities and Exposures (CVE) database.

CyberScan can also identify any backups that are potentially compromised and which backup snapshots are recoverable. That can prevent re-injecting malware into a production IT system in a VM restoration process.

Backup scans do not impact production systems and can be run regularly to keep a constant check on the backup data’s state and the customer’s vulnerability to cyber threats. Service level agreement policies for cyber threat status can be helped by such scanning.

The CyberScan dashboard also provides access to Cohesity’s anti-ransomware capabilities. Cohesity said the open source ClamAV anti-virus facility can be run against its backup data to provide a third level of security protection.

Ray Komar, technical alliances VP at Tenable, said CyberScan is Tenable’s first experience of backup data being used in this way.

Cohesity CyberScan is generally available to all Cohesity customers on the Cohesity MarketPlace as part of the latest v6.4 software release.

Blocks & Files thinks its usefulness will depend upon the degree of coverage of a customer’s IT estate by the backup data. That means the more they use Cohesity backup in their IT universe the greater the effectiveness of the resulting vulnerability scan and anti-ransomeware and anti-virus activities. That’s  a win for both Cohesity and Tenable; some astute marketing taking place here.