The integration of security and data protection across the on-premises, public clouds and SaaS area at Commvault is getting broader and deeper, and attendees at its Shift Cloud Summit event were left in no doubt about it
The company says AI is creating exponential volumes of distributed data, which introduces more threat vectors for bad actors to exploit. This data is distributed in so many different software environments and locations – on-premises, cloud, and hybrid environments – that businesses and other orgs are using separate products, that were not designed to work together, to secure, protect, manage, and recover data. All the different data types and locations combine to form a growing attack surface for ever more persistent and clever digital crooks.
Commvault wants to build a comprehensive platform securing and protecting its customers’ IT data environments wherever they are found, hence the Cloud Unity platform idea.
Pranay Ahlawat, its CTO and AI Officer, said – perfect storm and business outcome cliche alert – : “Enterprises are facing the perfect storm: non-stop cyber threats, exacerbated by AI; attacks on identity systems; and recovery challenges that impact revenues and reputations. Commvault brought together the best engineering minds to create a transformative platform release that not only unifies resilience across disciplines and environments but can also help customers drive strong business outcomes.”
Commvault says its security and protection coverage spans 160+ cloud regions with protection for over 200 cloud services; claiming the industry’s broadest workload protection and global resilience.
There are eight or so separate aspects to the Cloud Unity Platform and our graphic shows them and how they are related;
They fall into three groups: cyber recovery, identity and hybrid cloud protection, and we’ll cover them in that order
Cyber Recovery
Cyber Recovery’s Threat Scan now enables customers to use AI to identify, analyze, and quarantine suspicious files, detect newly-encrypted files, and search for new or specific Indicators of Compromise (IoCs). This capability could be used to detect encryption of files over time, potentially indicating ransomware at play.
Synthetic recovery is a neat idea. If, in a recovery, you go back in time to the last known clean data set you’ll lose access to newer data which is in compromized data sets. Synthetic recovery combines the last known clean dataset with good data extracted from newer compromized data sets by using patent-pending technology. This has an AI-enabled process automatically detecting threats and surgically removing them during recovery while keeping the “good” data intact.
Commvault says customers can then make the most complete recovery possible.
The Cleanroom Recovery feature has been enhanced with new runbook automation capabilities. These automate the Cleanroom build-out process with specific configurations and settings needed to test and validate recoveries.
Commvault reckons that each of these three things build on each other: Threat Scan identifies risks in protected data. Synthetic Recovery helps assemble clean data for recovery. Cleanroom Recovery provides a secure space to automate testing and data validation before returning recovered data to production. It’s an end-to-end recovery workflow.
Identity Resilience
The Identity resilience area involves Active Directory (AD) enhancements and the integration of an AD Forest with Cleanroom Recovery. There are three AD protection additions:
- Detect weaknesses and threats: Uses integrated vulnerability assessment, identity change, and anomaly detection to track risks across users, groups, and policies in AD.
- Log and audit the changes: IT and security admins can see who made what changes, when, and from where – and maintain an audit trail that logs important change events.
- Reverse unwanted changes in real time: Admins can identify suspicious modifications from the change log, and roll them back, without needing to locate recovery points or objects manually.
Integrating AD Forest with Cleanroom Recovery means customers can recover AD forests in an isolated cleanroom and test recovery plans in advance, without disrupting their production identity systems.
Hybrid Cloud
The hybrid cloud protection news includes AI-enabled Discovery, Classification & Protection Policy, plus the availability of the Cloud Unity platform in the AWS and Azure marketplaces. In more detail, customers can:
- Onboard with AI-enabled simplicity: An AI-enabled experience automatically finds workloads across an organization’s cloud estates and recommends protection policies based on workload classification while supporting compliance initiatives.
- Analyze cloud data risk: Discovered cloud resources are analyzed for protection risk, with reports that include status of existing snapshots of discovered workloads, so cloud admins can see protected versus under-protected workloads.
- Customer-Specific TCO Analysis: After automatically discovering cloud resources, customers get a TCO analysis displaying a list of unprotected and cloud-protected workloads (e.g., cloud snapshots),and the expected TCO savings the user would see by protecting those workloads with Commvault Cloud.
- Unparalleled Multi-Cloud and Hybrid Support: This platform release is designed to unify protection across clouds, regions, and accounts and extends to protect on-premises environments across data centers and edge locations, with one centralized UI.
- Integrated Cyber Resilience: Customers can add additional, integrated cyber resilience capabilities that go beyond the native cloud backup offerings from public clouds.
Comment
The notion that an enterprise-class customer would prefer to have a single data protection and security facility covering their entire IT data estate: On-prem, in-cloud, SaaS, and combinations of the three, is intuitively obvious. But the coverage has to be extensive, otherwise silo’d data protection/security offerings will creep in and spoil the picture. Commvault clearly understands this point of view. It’s not about to leave holes in its offerings so that Cohesity, Druva, HYCU, Rubrik, Veeam, or any other wannabee attacker could invade its customer base. Indeed, its combination of security, data protection and recovery resilience means it can attack their customer bases.
A final thought; security company Symantec was right in buying Veritas – but it was twenty years too early. There was no ransomware, AI and SaaS services in those far-off and simpler days. It’s different now.
Availability
Synthetic Recovery, Threat Scan Advanced, and enhanced Cleanroom Recovery are currently available in early access and targeted for general availability in early 2026.
The Identity Resilience updates will be available in early access beginning in early 2026. You can check out a demo about them here.
The hybrid cloud protection capabilities are generally available today as are the consumption-based pricing models, via the AWS and Microsoft Azure marketplaces. Learn more from a blog.
