Rubrik today unfurled a security application that runs on top of its data management platform and leverages machine learning algorithms to combat security breaches such as ransomware.
Soham Mazumdar, co-founder and chief architect for Rubrik, said Polaris Radar is the first security incident management application Rubrik has developed on top of its platform. The company previously only offered a backup and recovery application on top of its platform. Both offerings are made available as software-as-a-service (SaaS) applications. The core Rubrik data management platform unifies backup, instant recovery, replication, search, analytics, archival, compliance, copy data management and, now, data security.
Mazumdar said Polaris Radar employs the machine learning algorithms embedded in the core platform to model threat behavior. Those algorithms leverage metadata generated by the core platform to track how users behave and how data is used. Polaris Radar then generates alerts for anomalies and suspicious behavior, such as ransomware.
IT organizations also can readily identify which applications and data might be impacted by those attacks and where those applications are located. Radar then automates manual recovery processes by allowing end users to select all impacted applications and files and restore them to the most recent clean state with just a few clicks.
Rubrik also committed today to exposing the metadata collected by Polaris Radar via an open application programming interface (API) that should make it possible to infuse the analytics generated by the Rubrik application into existing monitoring dashboards, security operations workflows and prevention products.
Mazumdar said Rubrik has been gaining traction by providing a data management platform that enables IT organizations to unify data management processes that are highly fragmented. Rubrik is already valued at more than $1 billion with a revenue run rate that now exceeds $300 million. Most organizations today have separate applications for replication, archiving and copy data management, and Rubrik enables organizations to integrate all those processes at a lower cost, Mazumdar said, adding that the core capability is now being extended into the realm of cybersecurity.
A wide variety of vendors over the years have tried to unify the management of cybersecurity and data management with mixed success. But with the rise of ransomware, IT organizations have quickly realized the real way to thwart those attacks is to be able to access pristine copies of their data should cybercriminals successfully launch ransomware to encrypt their data. The challenge most organizations have faced is that many of them have been unable to access a pristine copy of their data because it was never backed up in the first place or a complicated process resulted in backup data becoming corrupted.
It’s not yet clear to what degree data management and cybersecurity teams inside IT organizations will be melded together. But over time, it’s clear organizations will want higher levels of automation spanning both disciplines. The detection of a ransomware attack should trigger an immediate backup of as much data as possible before more of it becomes encrypted. It may not be possible to defeat every ransomware attack being launched. But IT organizations can move faster to limit the so-called “blast radius” of those attacks.