Opti9 launches Observr ransomware detection and managed services for Veeam
Opti9 Technologies has launched Observr Software-as-a-Service (SaaS) ransomware detection and standalone managed services – two new standalone service offerings that cater to organizations leveraging Veeam Software.
As the complexity of organizations’ IT continues to evolve, technical leaders are increasingly looking to shift ownership to 3rd party experts for critical layers of their stack. This is especially true for components such as backups and disaster recovery, which must provide resilience despite constant changes such as the shift to hybrid clouds and SaaS, application modernization, use of software-defined networking, and the increased risks associated with ransomware and data theft.
To address these needs, many organizations turn to managed service providers to consume backups or disaster recovery-as-a-service (BaaS/DRaaS). However, the rigidity and isolated nature of most of these offerings do not address the complexity or risks faced today. Organizations are looking to decouple value-added managed services, as well as critical security monitoring from infrastructure services.
Opti9 introduces its standalone offerings for Veeam, which are completely independent of its BaaS and DRaaS services: managed services for Veeam Software and its AI-based ransomware detection and remediation tool, Observr.
“Opti9 has leveraged Veeam’s feature rich API in an innovative and unique way to address the very real security challenges being faced by IT organizations,” says Danny Allan, CTO at Veeam.
“Observr by Opti9 allows Veeam customers to further strengthen their security posture and ensure their backup and disaster recovery infrastructure is protected via the use of Observr’s AI-based anomaly detection. Additionally, the SLA-backed threat detection service, and its integrations with security platforms such as SIEMs and XDR software, provide increased assurances from a trusted Veeam partner,” Allan continued.
Malicious attackers who infiltrate organizations’ IT environments are specifically targeting backup and replication tools to destroy any possible recovery capabilities before initiating a ransomware attack, increasing the likelihood they’ll be paid the ransom.
Designed to address this emerging threat, Observr by Opti9 is an agentless anomaly detection platform that integrates directly into Veeam Backup & Replication. Observr utilizes machine learning to baseline, monitor, and identify customer-specific suspicious activity within the backup infrastructure including operations such as; disabling jobs, changes to encryption settings, changes to retention policies, job modifications, deletion events, backup or replica size changes, incremental change rate tracking, and other factors.
Since many attackers first attempt to disable and destroy recovery options, Observr can predict and help prevent a ransomware attack before it starts. Observr provides real-time notifications and a flexible API, allowing for direct integrations with SIEM and XDR platforms.
Additionally, Observr can automatically air gap Opti9’s offsite disaster recovery infrastructure, or those owned by customers in response to threats, ensuring they can be used as a proper recovery environment, instead of being destroyed by an attacker who has gained access to the replication tool.
Opti9’s managed services for Veeam enables Veeam customers to offload the management, monitoring, and support of their Veeam infrastructure to a team of certified experts. Opti9 will provide 24x7x365 proactive management of the entire Veeam Software stack, including upgrades & patching, design & configuration, independent & external RPO monitoring, customizable alarm notifications, security & compliance reporting, restore assistance, and troubleshooting.
Clients are also provided with access to the OptiXdashboard, Opti9’s hybrid cloud management platform, to provide Veeam-specific real-time and historical data analysis, retention policy violation reports, and Observr for ransomware detection and remediation.
“By decoupling our Veeam SaaS tools and managed services from our BaaS & DRaaS offerings, Opti9 can meet customers wherever they are in their hybrid cloud journey,” says Sagi Brody, CTO at Opti9.
“Customers are free to utilize any clouds, infrastructure providers, or owned hardware while still being able to shift management to a trusted partner. This provides organizations the confidence that their RTO & RPO requirements will be met, and assurance that immediate action will be taken by Opti9 in response to alarms and suspicious activity within their backup or disaster recovery environments,” Brody concluded.