Commvault Enhances Threat Detection with Advanced Hunting Features for Secure Data Recovery

Commvault Expands Threat Detection with New Scanning Features



Commvault, a prominent name in the realm of data management and cyber resilience, recently unveiled significant enhancements to its threat detection offerings, specifically through its Commvault Cloud Threat Scan. This development enables organizations to sharpen their threat hunting capabilities, aiming to swiftly unearth potential risks within backup environments and recover clean, verified data, which in turn minimizes the chances of data reinfection and extended operational downtime.

In today's digital landscape, where cyber threats are continually evolving, organizations find themselves under increasing pressure to protect their critical data. Recent reports state that the median dwell time for a breach—before detection—is around 24 days. This extended duration offers cybercriminals ample opportunity to embed malicious code onto systems without detection. Consequently, security teams often face a dual challenge: identifying indicators of compromise (IOCs) and ensuring the integrity of backup data before any restoration efforts are initiated. Without proper visibility into the integrity of backups, organizations risk the possibility of reintroducing threats into their systems.

Advanced Threat Hunting Features


Commvault addresses this mounting challenge by integrating two innovative scanning modes within its threat hunting arsenal.

1. Hyper Threat Hunting: This mode allows for targeted searches across backup datasets using artifacts such as hashes and YARA rules to effectively identify known indicators of compromise. Hash-based hunting enables rapid index-based detection, while YARA-based analysis permits more refined pattern matching, facilitating deeper investigations.

2. Deep Inspection: Complementing Hyper Threat Hunting, this feature provides a comprehensive file-level analysis through the use of malware signatures, machine learning, heuristic assessments, and AI-enabled encryption detection. This multifaceted approach helps reveal existing threats and suspicious variants, including ransomware-related activities that may escape traditional detection methods.

By employing these dual detection mechanisms, Commvault fosters collaboration among incident response and recovery teams, allowing them to efficiently isolate affected data and make informed decisions about recovery strategies. The teams have the option to schedule regular scans for continuous monitoring or execute targeted searches during active incidents, offering both ongoing protection and timely response measures.
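The sketch below is an added illustration, not Commvault code and not a description of how Threat Scan is implemented. It shows the general idea of hash-based hunting over a backup index and of using the hits to pick the newest restore point of each file that did not match an indicator. The catalogue layout, paths, dates and file contents are all constructed for the example.

```python
import hashlib
from collections import defaultdict

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for file contents seen in backups.
REPORT_V1 = sha256_hex(b"quarterly report v1")
REPORT_V2 = sha256_hex(b"quarterly report v2")
TOOL = sha256_hex(b"admin tool")
DROPPER = sha256_hex(b"constructed-malicious-sample")

# Constructed backup catalogue rows: (restore_point, path, sha256).
CATALOGUE = [
    ("2026-01-01", "/srv/share/report.docx", REPORT_V1),
    ("2026-01-01", "/srv/bin/tool.exe", TOOL),
    ("2026-01-08", "/srv/share/report.docx", REPORT_V2),
    ("2026-01-08", "/srv/bin/tool.exe", DROPPER),
    ("2026-01-15", "/srv/share/report.docx", REPORT_V2),
    ("2026-01-15", "/srv/bin/tool.exe", DROPPER),
    ("2026-01-15", "/srv/tmp/update.exe", DROPPER),
]
IOC_HASHES = {DROPPER.upper()}  # feeds often differ in case; normalise on lookup

def build_hash_index(catalogue):
    """Map digest -> [(restore_point, path)] so each IOC is one lookup."""
    index = defaultdict(list)
    for point, path, digest in catalogue:
        index[digest.lower()].append((point, path))
    return index

def hunt(index, ioc_hashes):
    """Return every (restore_point, path) whose digest matches an IOC."""
    hits = []
    for digest in ioc_hashes:
        hits.extend(index.get(digest.lower(), []))
    return sorted(hits)

def recovery_plan(catalogue, hits):
    """Per path, the newest restore point with no IOC hit (None if none)."""
    flagged = set(hits)
    plan = {}
    for point, path, _ in sorted(catalogue):  # ISO dates sort oldest first
        plan.setdefault(path, None)
        if (point, path) not in flagged:
            plan[path] = point
    return plan

HITS = hunt(build_hash_index(CATALOGUE), IOC_HASHES)
PLAN = recovery_plan(CATALOGUE, HITS)
```

A hash lookup only catches byte-identical files, so an unflagged version is a candidate for restore, not proof that it is clean; that gap is what pattern-based (YARA) and file-level inspection are meant to cover.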

Enhanced Recovery Process


The integration of these threat detection features with Commvault’s private technology, known as Synthetic Recovery, streamlines the workflow from threat identification to recovery. Once threats are detected, Synthetic Recovery assists in the precise removal of compromised datasets, ensuring only clean data is restored to production systems. This approach not only preserves critical data but also upholds its integrity.

Dr. Erika Voss, Chief Security Officer at Blue Yonder, emphasizes the importance of keeping ahead of adaptive cyber threats: “Validating recovery data against current threat indicators is vital for maintaining control in an unpredictable landscape.”

Fernando Montenegro, VP and Practice Lead Cybersecurity at The Futurum Group, highlights a notable trend, stating, “Organizations are shifting towards recovery operations that depend on integrated solutions that harmonize threat detection with recovery processes.” This sentiment underscores the necessity for combined strategies in effectively managing cyber risks.

A Unified Approach to Resilience


This announcement aligns with Commvault's ongoing commitment to enhancing the resilience operations (ResOps) model, which fosters seamless collaboration between IT and security teams. The integration of processes and technology allows organizations to manage resilience as a holistic, enterprise-wide endeavor—particularly crucial in today’s digitized environment where threats are ever-present and evolving.

Pranay Ahlawat, Commvault's Chief Technology and AI Officer, stresses the importance of a cohesive approach during incidents: “Threat intelligence must scale, and the real differentiation lies in the actions taken thereafter.” The company’s advanced algorithms and targeted threat hunting strategies provide organizations with not only the means to swiftly detect threats but also the assurance that the data restored is clean and secured.

Global Availability and Upcoming Engagements


These innovative threat detection capabilities are globally available, offered both as a standalone service and as part of Commvault's comprehensive cyber resilience package. Notably, existing customers of Threat Scan will receive these new features at no additional cost.

Commvault will showcase its latest advancements at the RSA Conference in March 2026, where attendees will have the opportunity to engage in discussions around unified cyber recovery and explore live demonstrations of resilience strategies.

In a world where data breaches and cyber threats are increasingly sophisticated, Commvault's dedication to innovation in threat detection and recovery underlines the company’s role as a leader in ensuring data security and resilience across sectors.
