Matt Tyrer

Data Protection: Competitive News Makers (December 2023)

There's a lot going on in the data protection and cyber security markets - it can be hard to keep up with all the news. That's where The Competitive Corner's Newsletter comes in, to help curate and distill the most pertinent movers and shakers each month to make your job easier.


While many are winding down their activities heading towards the holidays, other vendors were ramping things up during December 2023 with some new releases, big fixes, and new hires. Key newsmakers this month include #Cohesity, #Veeam, #HYCU, #Varonis, #Atlassian, #Commvault, #Revyz, and #Snyk. Below you'll find a breakdown of why these news items matter to you, links to the original articles, and related blogs for further research and insights.

 

December 2023 Competitive Headlines:


  • Veeam releases their huge Data Platform 23H2 update

  • Cohesity Ranked as the Fastest Growing vendor on IDC's latest Data Replication and Protection Software Market Report

  • HYCU adds support for AWS S3 Express One Storage Class

  • Varonis Announces Data Security Platform on Salesforce AppExchange

  • Atlassian patches critical RCE flaws across multiple products

  • Snyk launches new ASPM product, "Snyk AppRisk"

  • Varonis Expands DSPM Capabilities with more Azure and AWS Support

  • Revyz launches Asset Data Manager for Jira Cloud

  • HYCU brings on new marketing leadership

  • Commvault appoints new APAC sales and channel leadership

 

Veeam Data Platform 23H2 update enhances resilience against ransomware



Why it Matters?

The Veeam 23H2 release (or 12.1 depending on how you count) is here and is epic to say the least - with over 24 pages of updates and enhancements in the "What's New?" notes. This latest release from Veeam for their flagship product, Veeam Backup & Replication, was previewed as part of their VeeamON Resiliency Summit back in late October, but is now generally available. It is a significant leap forward for Veeam's core offering as it closes a major gap in their technology: a very notable lack of cyber security detection, protection, and recovery features. With the release of 12.1, it appears as though that deficiency has been dealt with. If Veeam were to have added no other features to this release, the addition of threat detection and response capabilities would have been enough for me as that prior lack of critical security functionality (considered table stakes by many) was something that Veeam had been hammered on by competitors, analysts, customers, and other industry pundits.

Below I've summarized the most critical new features in the 12.1 release (IMHO), and I'm sure you'll notice most are security related. I have to highlight that most, if not all of these cyber security features have been available in some form from the other leaders in the backup recovery space for some time -- Veeam was the last of the enterprise players to introduce these features:

 

  • Inline Malware Detection: Entropy analysis of the "live" backup stream as backups are being taken; this does add a performance overhead for the additional processing.

  • Suspicious file activity detection: Looking for unusual behaviour in the data, such as mass deletions, renaming, or extension changes.

  • Early Threat Detection (EDR/XDR/MDR integration): API level integration with these perimeter security solutions so that any threats they detect can signal the Veeam backups to respond and mark suspicious systems as "infected"

  • Security and compliance monitoring: Audit and alerting for misconfigurations and exposure within the Veeam infrastructure itself.

  • YARA scanning of backups: Looking for known malware threats within existing backup copies using YARA rules

  • Protection from Reinfection: Tracking identified threats and flagging suspicious or infected backups so that they are not used in recovery

  • "Four Eyes" Authorization: Sometimes referred to as "multi-person authentication", whereby potentially risky or destructive administrative actions like changing retention settings or deleting backup copies require approval from multiple administrators prior to execution.

  • Veeam Threat Center: A new unified security dashboard for reporting and response, and it appears to be only available as part of the Veeam ONE product (advanced or premium licensing)

  • Time Change Protection for Hardened Repositories: Defends against the attack known as "NTP poisoning", whereby a bad actor changes the system time in an attempt to force the expiration of backups, thus leaving the customer exposed. By flagging time jumps and halting the data aging, Veeam is now better able to avoid this type of attack.
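
A minimal sketch of the time-jump check described in the last bullet, added here as an illustration; it is not Veeam's implementation. `RetentionGuard`, `MAX_DRIFT_S`, `due` and the sample backups are assumptions made for the example.

```python
from dataclasses import dataclass, field

MAX_DRIFT_S = 300  # assumed tolerance between wall-clock and monotonic deltas


def due(backups, wall, retention_s):
    """Naive aging: anything older than the retention window is expired."""
    return sorted(n for n, created in backups.items() if wall - created > retention_s)


@dataclass
class RetentionGuard:
    """Hypothetical guard: ages backups, but halts aging on a wall-clock jump."""
    last_wall: float
    last_mono: float
    frozen: bool = False
    alerts: list = field(default_factory=list)

    def observe(self, wall, mono):
        # NTP or an administrator can set the wall clock; the monotonic clock
        # cannot be set. Their deltas should agree unless the time was changed.
        drift = (wall - self.last_wall) - (mono - self.last_mono)
        if abs(drift) > MAX_DRIFT_S:
            self.frozen = True  # stays frozen until an operator reviews it
            self.alerts.append(f"time jump of {drift:+.0f}s, aging halted")
        else:
            self.last_wall, self.last_mono = wall, mono

    def expired(self, backups, wall, retention_s):
        return [] if self.frozen else due(backups, wall, retention_s)


def demo():
    day = 86400
    # Constructed sample: backup name -> creation time (epoch seconds).
    backups = {"mon": 0, "tue": day, "wed": 2 * day}
    guard = RetentionGuard(last_wall=3 * day, last_mono=1000.0)
    # Wall clock set 30 days ahead while only 60 s of real time passed.
    wall, mono = 33 * day, 1060.0
    guard.observe(wall, mono)
    naive = due(backups, wall, 7 * day)
    guarded = guard.expired(backups, wall, 7 * day)
    return naive, guarded, guard.alerts


if __name__ == "__main__":
    print(demo())
```

In a real service the two readings would come from `time.time()` and `time.monotonic()`, and the baseline has to be re-established after a reboot because monotonic readings are not comparable across restarts.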

Here are some other key updates and enhancements as part of this release:

 

  • Veeam AI Assistant: Veeam joins recent additions from Druva, Commvault, Rubrik, Cohesity, AvePoint, and others in introducing an AI co-pilot or assistant to their solution.

  • Backup and recovery of Amazon S3 buckets and objects

  • Amazon DynamoDB protection

  • Azure Blob protection

  • Backup of Azure virtual network configurations

  • Support for Google Cloud Spanner backup and restore

  • LOTS more!

You can catch my coverage of the October event here: competitivecorner.ca 

You can also get the full PDF of "What's New?" for Veeam's 23H2 (or 12.1) release from Veeam's website: veeam.com


 

Cohesity Ranked as the Fastest Growing of the Top 10 Largest Players in Data Replication and Protection Software Market for 1H 2023*




Why it Matters?

Cohesity shared that it is #1 in YoY revenue growth according to IDC's latest Semiannual Software Tracker report on Data Replication and Protection software covering 1H23. The report itself is not available for review, but Cohesity was very happy to share a graphic supporting their statement.

 


However, this limited view of the larger report that Cohesity has chosen to share only represents revenue growth - not overall revenue or market share.  So, a larger change on a smaller number will move that needle a lot.  For example, Cohesity could have had a terrible 1H22 and so any improvements in 1H23 comparatively would show significant growth figures. The report does track those other elements (Market Share and Revenue) so one should not extrapolate from this one stat Cohesity's overall position in the Data Protection market as we don't have the complete picture.

 

By contrast, if you look at the previous half's Software Tracker for 2H2022 you can see a much different breakdown when using both Vendor Revenue and Market Share in ranking the vendors (see below). So, all this is to say that without access to the full 1H2023 report, be careful how you interpret any vendor claims...



 

HYCU Support for AWS New High Performance Amazon S3 Express One Storage Class


Why it Matters?

HYCU has become a "fast follower" with the announcement of their support for AWS's newest storage tier. Announced in early December at AWS re:Invent, the new Amazon S3 Express One Zone storage provides high performance + low latency compute aimed at the growing AI market. The Express One Zone was very well received by all and I would expect to see many organizations and developers quickly jumping in to test out the capabilities and suitability for these types of workloads. So, with a burst of data expected to explode into this new tier, the data protection vendors will need to respond in kind -- Commvault was the first to announce Express One Zone support during re:Invent and now HYCU has joined the party.


These early adopters will gain some advantages as they themselves try to cater to the AI workloads and vast data sets behind them.


 

Varonis Announces Data Security Platform on Salesforce AppExchange



Why it Matters?

Varonis continues to expand and has added Salesforce to the long list of platforms they can leverage their Data Security Platform against. With the launch of Varonis' Data Security Platform on the AppExchange they have added integrations with the SFDC native Shield security tools to provide visibility into potential threats by presenting the data in what they claim is a format so simple even junior cyber security admins would be able to comprehend and respond (I guess the Shield alerts must be pretty complex otherwise!).


Regardless, the Varonis platform on the AppExchange is a good move for them to try and drive adoption within the Salesforce ecosystem.


 

Atlassian patches critical RCE flaws across multiple products



Why it Matters?

Atlassian products are extensively deployed in businesses and enterprises globally, so when they release an advisory calling out critical remote-code execution (RCE) vulnerabilities that need patching there could be a very large potential impact. The vulnerabilities appear to impact both their on-prem editions of Confluence, Jira, and Bitbucket as well as cloud deployments. Atlassian states that none of these vulnerabilities appear to have been exploited (yet) in the wild, but if you're using any of these products, please apply the patches/updates immediately to reduce your risks.


The four RCE vulnerabilities addressed this month received the following identifiers:


  • CVE-2023-22522: Template injection flaw allowing authenticated users, including those with anonymous access, to inject unsafe input into a Confluence page (critical, with a 9.0 severity score). The flaw impacts all Confluence Data Center and Server versions after 4.0.0 and up to 8.5.3.

  • CVE-2023-22523: Privileged RCE in Assets Discovery agent impacting Jira Service Management Cloud, Server, and Data Center (critical, with a 9.8 severity score). Vulnerable Assets Discovery versions are anything below 3.2.0 for Cloud and 6.2.0 for Data Center and Server.

  • CVE-2023-22524: Bypass of blocklist and macOS Gatekeeper on the companion app for Confluence Server and Data Center for macOS, impacting all versions of the app prior to 2.0.0 (critical, with a 9.6 severity score).

  • CVE-2022-1471: RCE in SnakeYAML library impacting multiple versions of Jira, Bitbucket, and Confluence products (critical, with a 9.8 severity score).


Please review which Atlassian products you have in your environment and work with your IT teams and Atlassian support to patch yourself before you wreck yourself!


 

Snyk Launches "Snyk AppRisk", Establishing the Next Era of Developer Security Focused on Enterprise-Scale Application Risk Management



Why it Matters?

Application Security Posture Management (ASPM) is a developing area of data security that Snyk has been a pioneer in. They are looking at data security from the perspective of securing code, and removing vulnerabilities right at the development stage - thus mitigating the risks later on in the application lifecycle. With the launch of Snyk AppRisk, they are delivering a tool that not only can set guardrails to ensure stringent security practices are adhered to, but also monitor/detect/alert on any potential risks in the application development cycle. If you can plug the holes before the product goes out the door, then the risks to your customers are greatly reduced.

 


 

Varonis Expands DSPM Capabilities with Deeper Azure and AWS Support



Why it Matters?

Varonis continues to expand the data sources over which they can apply their IaaS analytics and classification engine. In this latest update, they have extended support to Azure Blob and AWS S3, RDS, and unmanaged databases in EC2. With more of the common cloud repositories under coverage, they provide valuable observability regarding access and security to those data sets.


Many in this space focus solely on unstructured file data, but Varonis' ability to look into structured and semi-structured data gives them an advantage in the UEBA space.


 

Award-winning software developer, Revyz, releases its second app for 2023 into the Atlassian Marketplace



Why it Matters?

There's more to Jira than just scrum boards, and Druva-backed Revyz has released new software to address a gap in data protection within the Atlassian platform. The growing popularity of Jira Service Management Assets (JSM Assets) allows for organizations to scan for and monitor their infrastructure assets across the entire business - not just IT assets. This also can illustrate links between services and the underlying infrastructure.


As with other aspects of the Atlassian platform, they've taken the position of the "Shared Responsibility" SaaS model whereby customers are responsible for their own data, which means that the data within JSM Assets is not natively protected or recoverable via Jira itself. Enter Revyz's new "Asset Data Manager for Jira Cloud" offering, which targets this otherwise exposed data set to provide "enterprise" backup and recovery features for JSM Asset data. The solution UI resides within the Jira platform, meaning administrators have a common UX to work with both their production Atlassian data and managing the data protection operations of said data, and it is now available in the Atlassian Marketplace.


More of the backup vendors in the market are starting to direct their attention to the Atlassian ecosystem, so I'd expect to see increased noise around data protection and Atlassian in 2024.

 

HYCU Strengthens Leadership Team to Continue Strong Growth Trajectory - Angela Heindl-Schober Named Senior VP Global Marketing



Why it Matters?

HYCU is getting back in the marketing game with the appointment of Angela Heindl-Schober as SVP for Global Marketing. They'd been without marketing leadership since the summer following the departure of their first CMO, Kelly Hopping. This investment into brand strategy, marketing, and messaging is a sign that HYCU is looking to make some investments to disrupt the established vendors in the data protection space. It will be interesting to watch and see how their GTM evolves over the coming quarters.


HYCU is sitting just outside the leaders quadrant in the Gartner MQ for Enterprise Backup, and some solid marketing could nudge them closer to that position.


 

Commvault Extends APAC Leadership with Two New Senior Appointments - Michel Borst, AVP, Asia and Joanne Dean, AVP Channel & Alliances, APAC



Why it Matters?

Commvault had some recent leadership departures in APAC and these latest appointments will close off those vacancies. First is the appointment of Michel Borst as AVP for APAC, the second is Joanne Dean who heads up the channel as AVP for Channel & Alliances (APAC). The appointments of these two leaders are aimed at ongoing challenges developing the APAC region outside of just ANZ.

Commvault's not alone in that respect, but this investment might help give them a leg up in growing the region.


 

Written by Matt Tyrer. These posts reflect my own opinion and are not necessarily the opinion of my employer.
