Virtualization Technology News and Information
Article
RSS
Newest Release of Index Engines' CyberSense Release Empowers Data Integrity

interview-indexengines-rob-mossi 

In an era where ransomware threats continue to evolve and challenge organizations worldwide, innovative solutions are crucial for robust data protection.

In this exclusive VMblog Q&A, Rob Mossi, Senior Director of Product Marketing at Index Engines, discusses the latest developments in CyberSense, an AI-powered data analytics engine designed to detect ransomware-induced data corruption in backups and snapshots. With the recent release of CyberSense 8.7, Mossi delves into the enhanced data integrity capabilities, the power of AI in cybersecurity, and how organizations can leverage these advancements for smarter, more efficient recovery in the face of cyber threats. As CyberSense continues to scan over 5 exabytes of data globally for more than 1,500 customers, Mossi's insights offer a glimpse into the future of data protection and integrity in an increasingly complex digital landscape.  

VMblog:  I know CyberSense just released a big update, but first can you remind our readers what CyberSense is?

Rob Mossi:  Sure thing. CyberSense is an AI-powered data analytics engine designed to detect data corruption caused by ransomware in backups and snapshots.  CyberSense detects this corruption with 99.99% accuracy, minimizing data loss and downtime, to facilitate a safer, smarter recovery.  

For CyberSense, it's all about data integrity. It scans core infrastructure, production databases, and critical documents looking for patterns of corruption indicative of ransomware. CyberSense offers peace of mind that data is clean from malicious corruption. 

Think of it as kind of a smoke alarm for critical data.  If it goes off, something is wrong.

CyberSense is currently scanning over 5 EB of data globally for over 1,500 customers

VMblog:  The latest CyberSense release is around data integrity -how do customers leverage the data integrity capabilities of CyberSense in the new 8.7 release? 

Mossi:  I have to say that the "wow" feature of the 8.7 release is the data integrity homepage. Now critical data integrity insights on analyzed data are displayed via an easy-to-consume visual experience. 

So each customer gets a view into the results of their scan, providing confidence that data is clean and available for restoration. It's easy to get a picture of your data's integrity at any time, 24/7.  

VMblog:  What else is new in 8.7?

Mossi:  CyberSense 8.7 is packed with some great compatibility and feature enhancements that will benefit both customers and prospective customers as well. The first thing current customers will notice is, the UI has incredibly fast response times so you can drill down into petabytes of data quickly. This release also expands CyberSense's compatibility to updated platforms like SUSE15 and Oracle Tablespace encryption. It also makes it easier for organizations to limit access control via security roles.  On the integrity front, we also added corruption alerts for databases that identify non-ransomware related corruption.  As you can see, 8.7 is a solid release. 

VMblog:  You mention your AI a lot - what differentiates your AI?

Mossi:  One of the tough parts about AI is that it's only as good as the machine learning that trains it. CyberSense is continually trained using real ransomware.  We currently have over 7,000 variants in our lab which automates pulling actual ransomware from academia, social media, websites including virustotal.com and more. 

Then we have tens of millions of data sets our machine learning uses to observe how data changes over time, both naturally and by ransomware corruption. When CyberSense inspects data, it uses over 200 content-based analytics indicative of ransomware behavior to see how data is changing. In other words, our AI is trained to look for patterns of behavior, vs actual ransomware. At the end of the day, this methodology enables CyberSense to identify patterns resulting from ransomware and generate alerts with 99.99% accuracy when corruption is detected. 

In the event of an alert or attack, CyberSense delivers detailed forensic reports to provide our customers with the how, what, when and the extent of an attack.  This enables organizations to recover quicker and smarter with minimal data loss and financial impact.  

VMblog:  I heard you put an SLA on that 99.99% number - can you take us through what that means?

Mossi:  Great question...I think the storage industry thinks of an SLA a bit differently than we do - they probably think of it more in terms of uptime and availability.  

For us at Index Engines, it's a commitment to our customers that we can detect patterns of ransomware corruption to 4-9's of accuracy and we had our detection process validated by ESG -Enterprise Strategy Group. They looked at how we train our AI, test it and validate its accuracy. When we completed our validation with them, out of 94,100 infected samples, CyberSense found 94,097 of them.  You can read more about it on our website. (link)

Organizations have the assurance that the data they will recover is free of ransomware and malware corruption, thus shortening down time and reducing the high costs associated with an attack, which we mentioned earlier. 

This standard is maintained prior to each release and is our commitment to our customers to uphold the highest standard of detection. 

VMblog:  If a customer gets attacked and CyberSense detects it, how do they recover smarter?

Mossi:  Once again it comes down to data integrity.  Smart recovery begins with data integrity. CyberSense gives customers the confidence to determine the difference between good data and compromised data.  

CyberSense's AI continually compares protected data over time to identify behavioral patterns that are indicative of ransomware corruption with 99.99% confidence. CyberSense inspects data's integrity and determines if corruption has occurred and provides reporting on the point-in-time of the malicious activity.

In one intuitive dashboard, admins understand the type of attack, the blast radius, the hosts/files affected and a view of clean and suspect backups. Without this level of accuracy, organizations will remain vulnerable to reinfecting their systems, excessive data loss and will face elongated downtime and high remediation costs.

With CyberSense, organizations will know sooner when an attack occurs, understand the details of the attack and have a clear path to recovery. The addition of CyberSense can even help prevent future attacks by feeding telemetry data into SIEM and SOAR solutions to look for similar patterns.   

##

Published Wednesday, August 14, 2024 7:31 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2024>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
25262728293031
1234567