Index Engines released an API-based developer's kit to
support the integration of its industry-leading CyberSense software's analytics
and reporting into third-party backup and storage platforms.
CyberSense delivers API's that support full-content
indexing of data, alerts if suspect corruption is detected, reporting to
diagnose attacks and support recovery and more.
API's are available to initiate indexing jobs for data in
both primary and backup storage environments via NFS/CIFS or NDMP protocols.
CyberSense can directly index files in backup images, including Dell EMC
NetWorker/Avamar, Veritas NetBackup, IBM Spectrum Protect, and Commvault
without the need to rehydrate the data.
CyberSense indexes at the content level, collecting over
100 statistics indicative of data corruption, and uses machine learning to
check the integrity of files and databases as well as compares how content
changes between file observations to determine if there has been corruption due
to a cyberattack. Using full content-based analytics and machine leaning,
CyberSense uncovers signs of encryption and corruption to determine if suspect
behavior occurred.
CyberSense also provides post-attack forensic reporting
that allows rapid diagnosis and recovery from an attack. These reports provide
information that include the attack vector utilized, the files that have signs
of corruption, the location and owner of these files, and the last good version
of the files contained in previous backups. These reports provide the level of
intelligence needed to significantly streamline the recovery process.
CyberSense is a market leader due to the unique ability
to deliver full content-based analytics at scale on data in backup formats as
well as primary storage. Full-content-based analytics provide a 99.5% level of
confidence that suspect corruption is detected, far superior to other solutions
that are only able to deliver metadata-level analysis.
"Ransomware continues to be a concern for
organizations large and small," said Johna Tll Johnson, CEO and Founder of
Nemertes Research. "Many organizations think backups can protect them, but
attackers have gotten smart: They'll infect backup data sets from months or
years earlier. It makes sense to engage both the cybersecurity and backup teams
to ensure third-party backup is secure and unsullied."
Metadata-based solutions can only detect a small portion
of attacks that occur. And as cyber criminals get more sophisticated, they will
hide their tracks and corrupt data in more advanced ways that could avoid
changes in metadata or stay under the radar of today's real time protection
software. CyberSense's full-content-based analytics deliver a high level of confidence
that even the most sophisticated attacks are detected and false positives and
negatives are minimized.
Index Engines API's available for CyberSense include the
following highlights:
Administration
- Initiate an indexing job, targeting specific file
locations/servers.
- Support for indexing of file shares via NFS/CIFS/NDMP.
- Support for direct indexing of backup images including
Dell EMC NetWorker/Avamar, - Veritas NetBackup, IBM Spectrum Protect, and
Commvault as well as virtual backups.
Alerting
- Ability to query for an alert when suspect signs of
corruption are detected.
- Detailed analytics including the suspect attack vector.
Reporting
- Detailed listing of suspect corrupted files, including
full filename and path.
- Report on the last good version of the files and
databases.
- Reports on the specific backup sets containing
pre-attack files needed for recovery.
Availability
- Index Engines API's for CyberSense are available
immediately to partners who would like to integrate analytics, machine
learning, reports and diagnosis capabilities with their storage and backup
platforms.
For more information on the Index Engines API developer kit, contact: info@indexengines.com