Druva and FireEye enable customers to instantly monitor, analyze, detect and respond to insider threats
Druva announced the launch of an API integration with FireEye extending visibility and control over endpoint backup data to monitor, analyze, detect and respond to data breaches from ransomware, data theft, and insider attacks.
Joint customers of Druva and the FireEye Helix platform can now dramatically reduce incident response times, minimize downtime, and accelerate recovery from protected backup data.
With businesses facing a rapidly changing remote workforce population, the spotlight is on IT teams to ensure the security and reliability of critical business data. At the same time, ransomware attacks and insider threats are accelerating.
FireEye Helix is a cloud-hosted security operations platform that integrates disparate security tools and augments them with next generation SIEM, orchestration and threat intelligence capabilities to capture the untapped potential of security investments.
The API integration with Druva inSync helps ensure a cyber-resilient enterprise can continue to function during an attack and is agile enough to adapt and recover from any incident.
With pre-built rules and alerts, Druva and FireEye provide Security Ops teams with the ability to react rapidly, substantially reducing the operational effort for a security analyst. This is done by:
- Identifying abnormal data restoration, ensuring data being restored is within the enterprises’ network
- Ensuring compliance to geography-based data access and restoration policy
- Offering visibility into who is accessing the system, tracking Unauthorized Admin Login attempts, password changes and Admin attempts to download or recover data
- Creating alerts, generated by the pre-built rules, which trigger pre-configured playbooks to help security analysts to rapidly assess the event and take appropriate mitigation actions
“The spread of enterprise data inside and outside organizations makes it increasingly challenging for security teams to gain the full visibility they require,” said Sean Morton, Vice President, Customer Experience, FireEye.
“Traditional backup solutions can be a ‘black box’, but Druva’s unique capabilities offer greater visibility into ongoing activities. Data security and protection continue to be top of mind for IT leaders and we are excited to work with Druva to deliver powerful solutions that help keep enterprises safe and secure.”
“The cost of successful security breaches is only rising – between regulatory policies, security reviews, reputational management, and of course business interruption – and its impact can easily have a significant impact on a business’s ability to continue operations,” said Stephen Manley, Chief Technologist, Druva.
“The current environment of a dispersed workforce, inconsistent security approaches, and increasingly aggressive malicious actors have only raised the stakes. Druva’s unique ability to offer naturally air-gapped data immutability and seamless integrations with a wide variety of platforms and solution providers, like FireEye, helps companies take control of their data and have the visibility required to keep teams safe.”