Cohesity threat-scanning Security Advisor looks for malware entry holes

COV-19 virus. CDC/ Alissa Eckert, MS; Dan Higgins, MAM - This media comes from the Centers for Disease Control and Prevention's Public Health Image Library (PHIL), with identification number #23312.

Cohesity has announced its Security Advisor application, which looks for malware holes in a customer’s Cohesity environment and adds an extra layer to its Threat Defense architecture.

Security Advisor scans the customer’s Cohesity environment, looking at security configurations, access control, audit logs and encryption framework. It provides a score that tells customers how they are performing against Cohesity’s best practice recommendations, and makes recommendations on how to address potential risks from bad actors — both internal and external — which can limit their exposure to cyber extortion.

Brian Spanswick, Cohesity’s chief information security officer (CISO), explained that “Enterprises use an array of tools to generate and manage data, and each tool has its own security settings — making it difficult to review every setting and control access across all their disparate technology. This lack of visibility and control leaves IT environments vulnerable to cyberattacks.”

Cohesity competitor Rubrik updated its data protection software with an in-house ransomware threat hunter earlier this month. Data protection suppliers are moving to add more active ransomware and other malware threat detection capabilities after an initial round of adding immutable backup vaults and clean backup scans.

Cohesity Security Advisor screenshot.

Security Advisor is part of the Helios SaaS management platform which provides in-flight and at-rest encryption, immutability, WORM, role-based access and multifactor authentication.

It complements Cohesity’s CyberScan application on the Cohesity Marketplace which can uncover cyber exposures and blind spots in a Cohesity production environment by running on-demand and automated scans of backup snapshots against known vulnerabilities.

If and when a Security Advisor scan shows a score that indicates an issue, the following actions can be taken:

  • Get more detailed information and recommendations;
  • Get a centralised view of all Cohesity cluster security settings across geographies, sites, and regions, through the Helios Dashboard;
  • Meet internal security assessments via a scorecard.

Security Advisor is available immediately to all customers globally at no additional cost. It can be accessed through the Helios Security Dashboard, under Security Advisor.