Rubrik, Inc., the Zero Trust Data Security™ company, announces a new partnership and technology integration with Mandiant, part of Google Cloud. The collaboration brings together pioneers in data security, incident response, and threat intelligence, aiming to expedite customers’ threat detection and path to cyber recovery.
“This partnership will gations leveraging Rubrik’s backup solutions to identify threats in their backups powered by Mandiant’s industry-pioneering threat detection and intelligence,” said Steve Elovitz, Director, Mandiant Consulting. “Together, we can help organisations before, during, and after cyber attacks to ensure businesses can respond quickly and get back up and running as soon as possible.”
Mandiant’s M-Trends 2024 report
The global median dwell time from centre to detection is improving, according to M-Trends 2024 report
While the global median dwell time from compromise to detection is improving, according to Mandiant’s M-Trends 2024 report, threat actors operate undetected in victims’ environments for a median of 10 days — giving them more than enough time to conduct a destructive attack.
Organisations often will recover to the most recent backup prior to encryption, but what if that backup has been infected with a backdoor? Through this partnership, indicators of compromise learned on the frontlines of some of the most impactful breaches can be applied proactively to enable cyber resilience.
“Organisations have been responding to ransomware attacks with months-long recovery processes, which can result in irreparable damage to the business,” said Steve Stone, Head of Rubrik Zero Labs. “With Mandiant, we are able to demonstrably lessen the impact window of ransomware attacks while simultaneously increasing the capabilities available to customers in need — from threat intelligence to rapid access to incident response teams. Together, we connect the dots in a time of crisis to deliver true cyber resilience.”
Three key pillars of this partnership
Rubrik’s threat-hunting and threat-monitoring abilities are used to identify a safe recovery point
Breaking intrusions, active campaigns, and evolving threats detected by Mandiant Threat Intelligence are now integrated into Rubrik’s Threat Monitoring capability providing threat intelligence to Rubrik Enterprise Edition customers. This helps organisations to identify and combat threats including ransomware, malware, and malicious intrusions before they can execute destructive activity using Mandiant Threat Intelligence at scale.
Rubrik’s Threat Hunting and Threat Monitoring capabilities are used to identify a safe recovery point by automatically applying Mandiant Threat Intelligence’s thousands of knowledge points from the breaches that matter against every Rubrik backup.
Multi-cloud environments
When victim organisations are recovering their systems from backups, concerns often linger that the backup itself contains backdoors left for reinfection.
Organisations can proactively eliminate this problem with Rubrik Clean Room Recovery, which allows customers to recover and store data in a clean Google Cloud environment or multi-cloud environments, supporting customer choice with secure technology and solutions.
Incident response capabilities
Rubrik’s Ransomware Response Team provides expertise around data recovery
For their joint customers, Rubrik and Mandiant can bring together their respective Ransomware Response and Incident Response teams to provide victims with additional investigative and recovery support. Rubrik’s Ransomware Response Team provides expertise around data recovery and how to integrate and utilise backups, while the Mandiant Incident Response team bolsters organisations’ incident response capabilities and responds to active breaches.
Through this partnership, joint customers will be able to ensure that in the event of an attack, the Mandiant and Rubrik teams are working together to help the business get back up and running as fast as possible in their most critical times.
These three efforts can help any organisation to receive the benefits of consistency, integration, best-in-class technology and expertise working together, and ability to control their risk against the threats that matter.