Watch on YouTube
Watch on Vimeo
Veeam has delivered true security capabilities in the platform, both to protect the Veeam installation itself and to identify threats in the data they are safeguarding. Veeam has been developing security features and enhancements for its platform, starting with instant virtual machine recovery and extending into proactive threat hunting. Key innovations include the Veeam Data Platform 12.1, which introduced a threat center, AI-based inline malware detection, and proactive threat hunting capabilities. The acquisition of Coveware further strengthened Veeam’s incident response capabilities, providing expertise in ransomware negotiation and proactive incident planning.
Veeam’s security innovations focus on both protecting the Veeam environment and identifying threats within the protected data. Threat Hunter provides signature-based scans of backups, while AI-based inline detection scans data streams for anomalies. Indicators of Compromise (IOC) analysis identifies known attacker toolkits, and suspicious file activity analysis examines unusual file behavior. Veeam also offers security and compliance analyzers to ensure best practices in data protection and infrastructure security, including MFA and four-eyes authorization. These features aim to provide a multi-layered approach to security, addressing threats both during and after the backup process.
To facilitate incident response, Veeam offers an Incident API, enabling bi-directional communication between security tools and the Veeam platform. This allows for automated actions, such as creating out-of-band backups when a security tool detects an active attack. Veeam’s Threat Center provides a high-level overview of the security status of the data protection environment, while the Data Platform Scorecard assesses overall resilience and adherence to best practices. Veeam also integrates with security ecosystems, allowing customers to leverage their existing security investments. This comprehensive approach aims to minimize data loss and accelerate recovery in the event of a security incident.
Personnel: Emilee Tellez, Rick Vanover
Thank you for being part of the Tech Field Day community! Our mailing list is a great way to stay up to date on our events and technical content, and we appreciate your signup.
We promise that we’ll never spam you, send ads, or sell your information. This list will only be used to communicate with our community about our events and content. And we’ll limit it to no more than one message per week.
Although we only need your email address, it would be nice if you provided a little more information to help us get to know you better!
