When it comes to protecting our environments, we all pretty much start at a disadvantage. I’ve seen many, many organizations struggle with basic disaster recovery planning, and ransomware has completely changed that game. Remember, it isn’t if you’re attacked by ransomware, but when.
What many seem to forget is that the threat actors need to be inside of your environment to deploy the ransomware in the first place, and once they are in, they do all sorts of things besides just encrypt your data.
With the size of enterprise environments these days (my beloved virtualization has just made them bigger, not smaller, with sprawling virtual machines pretty much everywhere) it can be exceedingly difficult to get a handle on the threats and risks in the environment.
Metallic ThreatWise is Commvault’s solution to this problem. Generally available as of September 21, 2022, ThreatWise is a brand-new data security service focusing on early threat detection, and they do it with a really interesting combination of technology.
Enter the Decoys – The Age of Cyber Deception
The coolest part of Metallic ThreatWise is cyber deception. This is an active defense technology that basically mimics some of the key assets in your environment. Want to slow down the threat actors and distract them? That’s exactly what cyber deception is all about.
Metallic drops threat sensors, or decoys, around the things we know the threat actors are going to go for to either encrypt or exfiltrate like file servers, databases, and VMs. They want to try to wreak havoc and force victims to pay. When an attacker starts investigating a threat sensor, Metallic immediately exposes their activity with real time alerting so response can start immediately.
Threat sensors can be deployed in just minutes with a few simple steps of the wizard driven process.
Best of all, when it comes to a threat actor who is in your environment, they look and feel exactly like the assets you are trying to keep safe from them. While they are spending their time either trying to encrypt your data or steal it to extort you later, key stakeholders have already been alerted to what is going on in the environment so they can begin responding.
Metallic ThreatWise is about giving customers the best most up to date information on threats in their environment, reducing the impact of attack, and accelerating time to recovery.
Next Level Alerts
I’ve always been big on proper monitoring and alerting, and using monitoring tools to look for early signs of ransomware activity. Alerts generated from these threat sensors take things to the next level, because we get really interesting intelligence on how the threat actors are progressing through our environment so we can stop them as quickly as possible.
This also gives is valuable information for remediation. It is a well known fact that many organizations are attacked multiple times in succession. This is often because they never fixed the problems that let the threat actors in in the first place. ThreatWise gives organizations the data they need for proper remediation after a cyber event.
Easy to Deploy and Use
Metallic ThreatWise is simple to deploy and use. It is delivered via a SaaS model and can be deployed and configured in mere minutes.
When a threat actor does fall for and engage a threat sensor (and we all know it will happen eventually) the data is simple to view in the Metallic ThreatWise UI to analyze. My favorite part of the analysis is the easy to spot MITRE tactics that are in use by the threat actor.
ThreatWise is currently available as an add-on service to the Metallic SaaS and Commvault installed data protection solutions. It really is a no-brainer to quickly deploy ThreatWise to your data protection environment and start seeing the benefits today after a quick and easy setup.
Find out more about ThreatWise on the Metallic blog here.
You can also find a self-guided tour at this link where you can learn about what ThreatWise can do for you.
While the opinions stated in this article are my own, this content was sponsored.
Melissa is an Independent Technology Analyst & Content Creator, focused on IT infrastructure and information security. She is a VMware Certified Design Expert (VCDX-236) and has spent her career focused on the full IT infrastructure stack.