In doing so, organizations can use Cisco XDR to automatically recover from ransomware attacks, the company announced in a prepared statement.
What Cohesity DataProtect and DataHawk Offer
Organizations can utilize Cohesity DataProtect to secure their cloud-native, SaaS and on-premises data, the company said. DataProtect offers data backup, continuous data protection, disaster recovery and ransomware attack detection capabilities. It allows organizations to store backed-up data in a secured file system in immutable snapshots that cannot be directly accessed or mounted from outside the Cohesity cluster.
Meanwhile, organizations can leverage Cohesity DataHawk to identify threats, assess the impact of a cyberattack and recover their data, the company indicated. DataHawk provides threat protection and machine learning-powered data classification capabilities. It can be used with the Cohesity Security Center console, which provides organizations with security posture monitoring, anomaly and threat detection, data classification, user activity tracking and cyber vaulting capabilities.
Cohesity Brings Data Backup and Recovery Capabilities to Cisco XDR
Organizations can use Cohesity DataProtect and DataHawk with Cisco XDR to automatically identify, snapshot and restore data at the first sign of a ransomware attack, Cisco indicated. As such, organizations can mitigate ransomware attacks before they can move laterally across their networks.
DataProtect and DataHawk complement Cisco XDR's threat detection, correlation and response capabilities, Cisco noted. They provide configurable recovery points and mass recovery for systems assigned to a protection plan.
DataProtect and DataHawk help Cisco XDR users preserve potentially infected virtual machines (VMs) for future forensic investigations, Cisco said. At the same time, they protect user data and workloads.
A Closer Look at Cisco XDR
Cisco in April 2023 announced its XDR solution at the RSA Conference in San Francisco, California. The solution lets organizations use analytics to quickly detect and address threats, Cisco said. It works in combination with various security solutions, including:
- Endpoint detection and response (EDR) solutions such as CrowdStrike Falcon Insight XDR and Microsoft Defender for Endpoint
- Email threat protection solutions including Microsoft Defender for Office and Proofpoint Email Protection
- Next-generation firewall solutions like Check Point Quantum and Palo Alto Networks Next-Generation Firewall
- Network detection and response (NDR) solutions such as Darktrace DETECT and Darktrace RESPOND
- Security information and event management (SIEM) solutions including Microsoft Sentinel
Cisco XDR is generally available worldwide. MSSPs, MSPs and other technology providers can join Cisco's partner program to integrate Cisco XDR into their offerings.