As Cohesity CyberScan examines backup data, it does not affect the performance of production systems. Cohesity's architecture means the application runs directly on the Cohesity cluster where the data resides, avoiding the need to move the data to a separate application environment.
CyberScan uses Tenable.io to identify applications affected by entries in the public Common Vulnerabilities and Exposures (CVE) database.
"This is the first application we've seen that focuses on assessing systems for exposures, such as vulnerabilities, within backup data," said Tenable vice president of technical alliances Ray Komar.
Furthermore, 37% of organisations said they do not scan for vulnerabilities.
CyberScan, available on the Cohesity MarketPlace, scans backup copies the Cohesity DataPlatform, identifies issues, and presents the results as a security dashboard with actionable recommendations for addressing these vulnerabilities.
"Visibility is the first step in addressing cyber exposures and vulnerabilities. With increasing cyber threats, enterprises need a solution that can help uncover blind spots while also ensuring no previously addressed vulnerabilities are re-injected into the IT production systems. Enterprises can now leverages their backup data and infrastructure to assess their IT product environment’s risk posture by discovering vulnerabilities and also perform a backup verification for a predictable recovery," Cohesity director of product marketing Raj Dutt told iTWire.
It also verifies that a given backup snapshot is recoverable, and eliminates the risk of re-injecting known or previously addressed vulnerabilities back into the production environment as a side-effect of recovering from a backup.
"Businesses today need an IT environment that runs 24-7 and want to avoid recovering VMs with known vulnerabilities," said Cohesity vice president of product management Raj Rajamani.
"While we are focused on empowering customers to make backup data more productive, we are also proud to introduce an industry-first solution that helps customers easily identify exposures, such as vulnerabilities and misconfigurations, without putting any additional burden on their mission-critical operations."
All Cohesity customers may use CyberScan as part of the Pegasus 6.4 software release.