There's a lot going on in the data protection and cyber security markets - it can be hard to keep up with all the news. That's where The Competitive Corner's Newsletter comes in, to help curate and distill the most pertinent movers and shakers each month to make your job easier.
During November 2023, there were several large conferences held including Microsoft Ignite and AWS re:Invent where many announcements were made from vendors across the board. Key newsmakers this month include #AvePoint, #Backblaze, #Cohesity, #Commvault, #Druva, #HYCU, #Rubrik, #Varonis, and #Veeam. Below you'll find a breakdown of why these news items matter to you, links to the original articles, and related blogs for further research and insights.
November 2023 Competitive Headlines:
(click any headline to jump directly to the analysis)
Critical Vulnerabilities Expose Veeam ONE Software to Code Execution
IDC Publishes new IDC MarketScape for Worldwide Cyber Recovery (2023)
Druva Expands Multi-Cloud Protection with Secure Azure Backup
Commvault Bolsters Cyber Resilience with AWS, Announcing support for the Amazon S3 Express One Zone Storage
AvePoint Introduces Public Preview of AvePoint Confide to Secure and Simplify External Collaboration
Veeam's Integration with Microsoft 365 Backup Storage Builds Momentum
AvePoint Announces Cloud Backup Express to Enable Accelerated, Secure Data Protection
Dell and Druva Powering Innovation Together with Dell APEX Backup Services
Cohesity Expands Collaboration with Microsoft to Bring Enhanced Data Security and Backup Protections to Microsoft 365
HYCU Delivers Complete Data Protection for Cloud-native Applications from Build to Runtime Running on AWS
Commvault SHIFT: Commvault refreshes the brand and joins forces with leading security, AI companies to help customers stay ahead of bad actors and escalating cyber threats + much more!
Cohesity Announces Sign Up for Early Access for Cohesity Turing Integration with Amazon Bedrock
Varonis Introduces Athena AI to Transform Data Security and Incident Response
Rubrik introduces Ruby, the generative AI companion to accelerate cyber detection, recovery, and resilience
Critical Vulnerabilities Expose Veeam ONE Software to Code Execution
[Link to Original Article]
Why it Matters?
Earlier in November, Veeam issued an urgent advisory to regarding a number of critical issues with CVSS severity scores of 9.9 out of 10 (that's very bad!!). These 4 severe vulnerabilities affect Veeam ONE v11, v12, and v13 and Veeam has already released hotfixes to patch these flaws in their software. Veeam has not indicated if these vulnerabilities have been exploited in cyber attacks, but given how the ransomware gangs have been actively targeting Veeam for years because of their frequent exposure. There are still 1000s of Veeam instances sitting unpatched from the CVEs uncovered over a year ago in December 2022 which were significant enough to get listed on the CISA catalog of Known Exploits and Vulnerabilities.
Now, Veeam certainly isn't the only software vendor out there that catches and patches vulnerabilities, but they certainly do seem to have a LOT of big ones recently...
If you're a Veeam customer, I cannot stress enough the need to get your software patched ASAP
IDC publishes new IDC MarketScape for Worldwide Cyber Recovery (2023)
[Link to Original Article ]
Why it Matters?
IDC has published some new market research focused on the cyber recovery space. The new "IDC Marketscape: Worldwide Cyber-Recovery 2023 Vendor Assessment" covers 12 vendors broken into the following evaluations:
Leaders: Rubrik, Veritas, Cohesity, Druva, Acronis
Major Players: Veeam, Commvault, Dell, Zerto, Quest
Contenders: IBM, Arcserve
I don't necessarily agree with the IDC positioning here, as vendors like Veeam and Dell have much less capability (for example: both lack curated recovery) on this respect compared to Commvault, but were ranked ahead of them for "current capabilities" which is not representative of their ACTUAL available features in the current products. Looking at the current GA Veeam solution (v12), they still lack basic anomaly detection in their platform so I'm again a little surprised to see them placed where they are on that axis.
We aren't going to always agree with the analysts on every single point, but other than Veeam I think the rest of the vendor placements are good representations of their strategy and capabilities for cyber-recovery. Each vendor appears to have available for download just their own respective excerpts from the report, but if you are able to get access to the full report I strongly recommend giving it a full read.
The individual vendor write-ups are very detailed and have solid points on the strengths and challenges for each of their solution suites. IDC always puts out solid research, and I count these Marketscapes as "recommended reading" when evaluating vendors.
Druva Expands Multi-Cloud Protection with Secure Azure Backup
[Link to Original Article]
Why it Matters?
We knew this was coming, but Druva has finally announced their expansion beyond AWS into true multi-cloud data protection. This initial foray into Azure covers off backup/recovery of Azure VMs, and I would expect that coverage to quickly grow to more Azure native workloads in the coming quarters. It appears as though the Druva Azure VM backups are exported from Azure into the Druva Cloud (AWS) yet do not incur any egress fees. By pulling the data into the common Druva Cloud tenant for the customer, they are able to support global deduplication across these diverse cloud workloads which will reduce the amount of data being stored for retention as well as the data that needs to move as part of a backup.
Druva is also offering free backup of 50 Azure VMs to kickstart the new product offering. Definitely a solid step forward for Druva and I'd expect to see this expansion of data protection workloads continue.
Commvault Bolsters Cyber Resilience with AWS, Announcing support for the Amazon S3 Express One Zone Storage Class and Simplified Backup
[Link to Original Article]
Why it Matters?
With AWS re:Invent going on in late November, there were a flurry of announcements from AWS themselves and every vendor that partners with them - in 2022's event AWS announced nearly 200+ new services so...you can imagine the scale here.
One of the most well received announcements from AWS was the new Amazon S3 Express One Zone Storage Class. This high performance and guaranteed low latency (single-digit) cloud storage option for high I/O applications or latency-sensitive applications (e.g. AI/ML training, modeling, real-time apps, etc). Given the positive response from most analysts and customers, I'm sure this new offering will see rapid consumption, which leads to the importance of this announcement from Commvault.
With so many organizations apparently eager to jump into using this new cloud storage option the question now is how do they protect that critical data? There's often a lag between the release of a new data source or workload type and the support for data protection by the market, but not so in this case -- Commvault has announced "day1" support for backup and recovery of data residing in the new S3 Express One Zone.
So, early adopters of this cloud storage will have at least one option for data protection! I'm sure other vendors will follow suit given the potential upside.
AvePoint Introduces Public Preview of AvePoint Confide to Secure and Simplify External Collaboration
[Link to Original Article]
Why it Matters?
Just this week ESG published stats showing that protecting communication and collaboration tools was one of the top priorities in over 83% of organizations, and AvePoint appears to have anticipated this need with the announcement of AvePoint Confide. Confide integrates with SharePoint Embedded and is one of the first to do so (AvePoint is a launch partner for Embedded). The AvePoint solution aims to provide trusted collaboration across internal and external stakeholders using the M365 tools.
Key features include:
Enhanced Visibility and Accountability: User-based file and login activities and metadata in AvePoint Confide are easily accessible in Microsoft 365 audit logs and reports, enhancing visibility and creating deep integration with Microsoft 365 DLP and other document-level protections and compliance processes.
Unified Security and Access Policies: Access to AvePoint Confide can now be protected by the customers’ own Microsoft Entra ID Conditional Access Policies for enhanced protections such as MFA, Terms of Service and other organizational access protections.
Guaranteed Confidentiality: Enterprise-grade security and compliance running on Microsoft Azure that ensures access to content in AvePoint Confide complies with organizations’ broader approach to access control and conditional access. Enhanced co-authoring capabilities, even when using the desktop Office, ensures collaborative content never has to leave AvePoint Confide, so organizations maintain confidence that highly sensitive information is secure.
With increased digital collaboration with parties outside of your own organization, the risks are there, and having tools like AvePoint's Confide platform available to provide you that peace of mind throughout these multi-company activities is a big plus
Veeam's Integration with Microsoft 365 Backup Storage Builds Momentum
[Link to Original Article]
Why it Matters?
Add Veeam to the list of backup vendors with this exact same announcement coming from Microsoft Ignite. Now Cohesity, Commvault, and Veeam have all added support for using the (preview) M365 Backup Storage option for storing Mailbox, OneDrive, and SharePoint backup data within the M365 cloud. Keeping the backups local to the prod data does accelerate both backup and recovery operations, but does come at the cost of reduced resilience (eggs in the same basket). However, this is mitigated by the fact that all 3 vendors can also create tertiary copies of the backups outside the M365 cloud for additional redundancy.
AvePoint Announces Cloud Backup Express to Enable Accelerated, Secure Data Protection
[Link to Original Article]
Why it Matters?
With the launch of AvePoint's new Cloud Backup Express solution, they are offering a streamlined M365 backup and recovery option for customers that want to leverage the new (in preview) Microsoft M365 Backup Storage solution as a backup target. This is similar to what Commvault, Veeam, Cohesity, and Druva have all announced at Microsoft Ignite, but unlike these others AvePoint appears to be building this as it's own distinct and separate offering for customers to consume.
We don't have all the details as yet since this is also in preview, but this might become AvePoint "lite" for M365 yet still delivering their core functionality and self-service. More to come!
Dell and Druva Powering Innovation Together with Dell APEX Backup Services
[Link to Original Article]
Why it Matters?
Druva, who have been providing their solution as an OEM to Dell for a few years now as Dell PowerProtect Backup Service, has announced that their solution is now also available via the Dell APEX "Everything as a Service" platform. This newly available offering will be called "Dell APEX Backup Services, powered by Druva".
Druva is filling a significant technology gap at Dell as prior to this partnership Dell (lacking foresight) had sold off all of it's first party SaaS backup solutions to other companies leaving them with a very noticeable shortcoming for providing backup and recovery of everything from M365 and other SaaS apps, to endpoint and cloud-native data. This expanded relationship shows that the Druva partnership is working well for both parties and customers are finding value.
Cohesity Expands Collaboration with Microsoft to Bring Enhanced Data Security and Backup Protections to Microsoft 365
[Link to Original Article]
Why it Matters?
For those keeping tabs of the news from Microsoft Ignite, so far Veeam, Cohesity, and Commvault have all made the same announcement regarding their new support for using M365 Backup Storage as a backup target for much more localized recovery. Using the M365 Backup Storage as an option for backups increases performance and RTO/RPO capabilities as the data is literally "closer" to the production environment as both prod and backup data is resident in the M365 cloud vs. having to be pulled out to another storage location.
At this time, the M365 Backup Storage is only in preview and only supports Mailbox, OneDrive, and Sharepoint data. Teams and Groups will still go to regular backup targets outside of the M365 cloud.
HYCU Delivers Complete Data Protection for Cloud-Native Applications from Build to Runtime Running on AWS
[Link to Original Article]
Why it Matters?
HYCU has added some new services available via R-Cloud for protecting AWS Aurora, IAM, DynamoDB, and Lambda data sets. While these are significant additions to their support matrix, I would have thought this expansion would have rolled under HYCU’s AWS Protégé Backup offering instead of coming from R-Cloud as the PR piece indicates – and that’s exactly where the confusion sets in….
R-Cloud is the development platform – it’s not a backup service unto itself, so why announce these as being available from R-Cloud? If you dig around the HYCU site these new workloads are being protected via Protégé and Protégé-as-a-Service (new-ish SaaS-only offering). So, I think they’re confusing the market a little bit with what does what to whom here. The way the announcement reads, it’s almost as though they are calling the whole platform now the “R-Cloud” which doesn’t make much sense. From the outside looking in, this seems very confusing in terms of their current GTM strategy for these solutions - I can't be the only one with this opinion either. Hopefully, HYCU provides some more clarity around the Protégé and R-Cloud services and who does what.
Rubrik Helps Customers Further Protect Amazon S3 Data
[Link to Original Article]
Why it Matters?
Rubrik has expanded support for their Rubrik Sensitive Data Monitoring (formerly Rubrik SONAR) to now be able to target S3 data sets for their data classification and analytics engine. The functionality itself is not new, but being able to point it at the large amounts of data stored in S3 repositories is a valuable expansion to their capabilities. Actual backup support for S3 data has been in their offering for some time, but these new insight features are new.
Rubrik Sensitive Data Monitoring allows administrators to do the following:
Autonomously discover, classify, and provide context on all known and shadow Amazon S3 data, without that data leaving the customer’s environment.
Assess the security posture of sensitive data against security policies and data compliance requirements.
Continuously monitor sensitive data within Amazon S3 for risky user activity or leakage and provide early warning of emerging threats.
Identify and remediate redundant Amazon S3 data to help reduce cloud costs.
Now, it's important to note that these Rubrik tools are "READ ONLY" in that they can assess, classify, and alert on if sensitive data has been discovered, etc. but they cannot automatically remediate things themselves like Commvault's solutions formerly known as the Activate suite could. It's not to say you couldn't orchestrate a response with the Rubrik APIs, but you'd have to build it rather than having those capabilities readily available in the solution.
TLDR: Rubrik's discovery and classification tools expanding into S3 are a good thing for anyone with a lot of unstructured data sitting in AWS
Commvault SHIFT: Helping Customers Stay Ahead of Bad Actors and Escalating Cyber Threats.
[Link to Original Article]
Why it Matters?
Commvault is hosted their SHIFT event on November 9th where a series of cyber-resilience announcements were made. First out of the gate was the launch of the new "Commvault Cloud Platform" which brings together their Metallic SaaS backup offering and the core Commvault software solutions into a single platform with a common interface. There's no need for separate interfaces to manage these software solutions, they are managed within the same UX now - which is a significant improvement for customers!
In addition, there are several new AI-driven features that are also built into this new-ish control plane. The AI engine is named "Arlie" (short for Autonomous Resilience) and acts as a co-pilot for Commvault users. Built on Azure OpenAI Service, Arlie can provide the following capabilities:
Active insights: Gives users real-time threat analysis and report summaries showing the latest information about their cyber resiliency health, removing the need to sift through filters and reports to prioritize the most pressing information.
Code assistance: Offers a “no-code” way to build an integration or code an action: users simply type a description of what they want to do, and the code assistant will generate the code on the spot.
Custom walk-throughs: Provides context-sensitive, guided product walk-throughs that make it easy for users to set-up, customize, and tune Commvault Cloud to their specifications. They simply ask “how to” questions and receive step-by-step documentation with annotated screenshots.
Root cause remediation: Constantly monitors the performance of Commvault Cloud using generative AI to find issues and offer real-time recommendations on how to optimize cyber resilience.
In addition to the Cloud Platform, Commvault has revealed new integrations with numerous AI and data security vendors (SIEM/SOAR). This expanded ecosystem provides customers with much more flexibility and options for building a layered security strategy and posture. There is no "silver bullet" when it comes to cyber-security so having your tools and solutions integrated together provides greater observability and reduces the risks of threats slipping through the cracks.
Building on the integrations with Microsoft Sentinel and Palo Alto, the newly launched Commvault Cloud Platform has added integrations for:
Avira (part of Gen): aims to protect the online world by providing cybersecurity products and services, both direct to consumers as well as via APIs for many of the industry's best-known cybersecurity companies.
Darktrace: using AI that learns in real-time on the unique data of each business, Darktrace's Cyber AI products are designed to help organizations of all sizes prevent, detect, respond to, and heal from cyber disruption.
Databricks: combines the best of data warehouses and data lakes to offer an open and unified platform for data and AI.
Entrust: a global data security and identity solutions provider that is a leader in post-quantum cryptography and data encryption to secure data from current and future threats, advancing cyber resiliency.
Netskope: a global SASE cybersecurity leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats.
Palo Alto Networks: leveraging Cortex XSOAR, accelerates incident response times to outpace cyberthreats, so organizations can embrace technology with confidence.
Trellix: the Trellix Intelligent Virtual Execution (IVX) sandbox allows organizations to safely analyze and inspect malware in an isolated environment, enabling better understanding of zero-day threat patterns in both backup data and production networks.
It's good to see companies taking a more open approach to collaboration when it comes to security - this is a team sport!
Cohesity Announces Early Access for Cohesity Turing Integration with Amazon Bedrock
[Link to Original Article]
Why it Matters?
Cohesity is gearing up for AWS re:Invent at the end of November 2023 with several announcements. The big one, is the announcement of early-access to Cohesity's Turing AI engine and expanded integrations with AWS Bedrock. Turing was announced back in May 2023 along with a partnership with Google Cloud and integrations with their Vertex AI tools. It's possible that Cohesity may have pivoted their Turing development from leveraging Google Vertex AI in the beginning to now use AWS Bedrock at preview, but it could also be that they are simply integrating with the 2 engines on some level and have their own AI engine at the core of Turing.
Cohesity using BOTH AI toolkits isn't all that strange as we've seen other vendors like Druva showcase the use of multiple AI/ML engines to support various use cases. In fact, if you look back in April 2023, Cohesity also announced integrations with Microsoft Azure's OpenAI engine - so that would imply that Cohesity's Turing solution can and/or does utilize AI tools from all 3 hyperscalers. As more details regarding Turing become publicly available we'll get some better insight into how their models are interacting and which are serving which purposes and use cases.
Just to refresh on where Cohesity is positioning their Turing AI, it is intended to provide the following functionality:
Managing, securing, and analyzing data: With access to the Cohesity Data Cloud, users will be able to securely index their data and use Cohesity Turing’s AI capabilities for insightful analytics that uncover deep insights and offer informed answers to questions about business and application data.
Enriched data interaction and learning: Customers will be able to query their own data with intuitive, natural-language conversations and generate simplified, secure insights from their historical data.
Implementing Retrieval Augmented Generation (RAG): Cohesity Turing and the Cohesity Data Cloud will leverage Amazon Bedrock to enhance customers’ data interpretation and will provide grounded responses to queries through RAG.
Varonis Introduces Athena AI to Transform Data Security and Incident Response
[Link to Original Article]
Why it Matters?
Following suit with many others in the data protection and data management space, Varonis has launched their own natural language processing (NLP) AI co-pilot which they're calling Athena AI. Varonis is capable of providing very deep analysis of the data under it's management, but these analytics can be fairly complex to generate and difficult to interpret depending on the queries. Having a conversational AI engine that you can interact with to help delve into the data and results will go a long way to accelerating the "time to value" and overall usage of the platform.
Rubrik introduces Ruby, the generative AI companion to accelerate cyber detection, recovery, and resilience
[Link to Original Article]
Why it Matters?
Rubrik is following suit with others in the data protection space and launching their own AI-powered co-pilot. The newly launched "Ruby" AI bot doesn't yet appear to be doing anything unique compared to what the other players have brought to the table. Ruby looks like it will be providing natural language assistance (chat bot), guidance, and workflow navigation at the onset.
So, for those keeping score at home, we now have:
Druva "Dru" copilot
Parablu AI assistant
Commvault "Arlie" copilot
Varonis "Athena AI" copilot
Cohesity "Turing" support bot
Rubrik "Ruby" assistant
I'm sure the rest of the market will add their own AI tools to the mix soon enough.
Backblaze Announces Third Quarter 2023 Financial Results
[Link to Original Article]
Why it Matters?
As part of their Q3 results, Backblaze's big financial news was crossing the $100M ARR threshold. This is a big milestone and supported by consistent double-digit growth on the storage side I would expect to see this continue into Q4 and beyond. What surprised me was how much the Backblaze backup solution contributed (over 50%) to overall ARR! I wasn't aware that it was so substantial!
Other highlights from Q3 include a backend upgrade of their storage cloud increasing performance significantly for small file transfers, eliminating egress fees, and expanded partnerships.
Performant and cost-effective cloud storage is a fundamental infrastructure element in today's IT landscape and Backblaze is certainly doing the right things to stand out in the market.
Druva Appoints John Hultman as Chief Revenue Officer
[Link to Original Article]
Why it Matters?
Druva has appointed a new CRO, John Hultman, who joins from Cohesity where he held the dual roles of SVP for Americas Sales as well as being VP of GTM Sales & Global Channel Sales. Prior to that John held various senior sales leadership roles over an 18 year career at EMC. John comes in and will apparently replace Chris White who was the CRO since 2020.
John's proven track record and industry knowledge will be beneficial as Druva looks to build on their successful $200M ARR milestone and continue their growth.
Commvault's Chua Chee Pin moves to Veeam to head up SEAK
[Link to Original Article]
Why it Matters?
Commvault will be looking for new ASEAN sales leadership as their former VP for the region has moved to Veeam as their new VP for SEAK. Veeam has been aiming to expand their operations in the region and gaining an experienced local leader will help as the build and develop the region.
Written by Matt Tyrer. These posts reflect my own opinion and are not necessarily the opinion of my employer.
Comments