Data security company Rubrik has announced a new partnership and technology integration with Google Cloud’s Mandiant at this week’s Black Hat event in Las Vegas.
Mandiant Threat Intelligence feeds are now integrated directly into Rubrik Security Cloud, Clean Room Recovery on Google Cloud, and Incident Response Team Collaboration.
“This partnership will enable organisations leveraging Rubrik’s backup solutions to identify threats in their backups powered by Mandiant’s threat detection and intelligence,” said Mandiant Consulting’s Steve Elovitz. “Together, we can help organisations before, during, and after cyber attacks to ensure businesses can respond quickly and get back up and running as soon as possible.”
The three key pillars of this partnership are:
-
Mandiant Threat Intelligence is now integrated directly in Rubrik Security Cloud: Breaking intrusions, active campaigns, and evolving threats detected by Mandiant Threat Intelligence are now integrated into Rubrik’s Threat Monitoring capability, providing threat intelligence to Rubrik Enterprise Edition customers. This helps organisations to identify and combat threats including ransomware, malware, and malicious intrusions before they can execute destructive activity using Mandiant Threat Intelligence at scale.
-
Rubrik’s threat hunting and threat monitoring capabilities are used to identify a safe recovery point by automatically applying Mandiant Threat Intelligence’s thousands of knowledge points from the breaches that matter against every Rubrik backup.
-
Clean Room Recovery powered by Google Cloud: When victim organisations are recovering their systems from backups, concerns often linger that the backup itself contains backdoors left for reinfection. Organisations can proactively eliminate this problem with Rubrik Clean Room Recovery, which allows customers to recover and store data in a clean Google Cloud environment or multi-cloud environments, supporting customer choice with secure technology and solutions.
Partnership of Rubrik ransomware response and Mandiant incident response teams: For their joint customers, Rubrik and Mandiant can bring together their respective Ransomware response and incident response teams to provide victims with additional investigative and recovery support. Rubrik’s ransomware response team provides expertise around data recovery and how to integrate and utilise backups, while the Mandiant incident response team bolsters organisations’ incident response capabilities and responds to active breaches. Through this partnership, joint customers will be able to ensure that in the event of an attack, the Mandiant and Rubrik teams are working together to help the business get back up and running as fast as possible in their most critical times.
These three efforts can help any organisation to receive the benefits of consistency, integration, best-in-class technology and expertise working together, and ability to control their risk against threats.
According to Mandiant’s M-Trends 2024 report, threat actors operate undetected in victims’ environments for a median of ten days, giving them more than enough time to conduct a destructive attack. Organisations often recover to the most recent backup before encryption, but what if that backup has been infected with a backdoor? Through this partnership, indicators of compromise learned on the frontlines of some of the most impactful breaches can be applied proactively to enable cyber resilience.
“Organisations have been responding to ransomware attacks with months-long recovery processes, which can result in irreparable damage to the business,” said Rubrik Zero Labs’ Steve Stone. “With Mandiant, we can demonstrably lessen the impact window of ransomware attacks while simultaneously increasing the capabilities available to customers in need, from threat intelligence to rapid access to incident response teams. Together, we connect the dots in a time of crisis to deliver true cyber resilience.”