Why is it that the most impressive technologies are often the ones that go unnoticed? Sometimes what makes technology impressive is precisely that it goes unnoticed, and that is the case with the Rubrik Data Observability engine.  

As ransomware continues to grow as a real, costly, and persistent threat to conducting business, organizations are looking for smarter and faster ways to keep data safe and recover easily in the face of cyber attacks. Many tools are available to analyze anomalous behavior and ransomware signatures throughout the infrastructure; however, don’t overlook the opportunity to leverage data stored within backup systems as an even more active form of cyber defense for data systems.  

Detecting Risk and Analyzing Threats Can Have Real Economic Impact

One could argue that it’s shockingly unimpressive how rarely backup data is used to defend against cyber attacks. After all, the data is all there – it is captured across all your critical workloads and across time. With this unique understanding of the breadth and evolution of data, it only seems logical to use it in both the preemptive monitoring of data risks as well as during the high-stress investigation and remediation cycles that follow an attack.  

Detection and analysis within backup data are not just fancy premium capabilities for sophisticated IT and Security Operations teams. When a single day of data downtime can cost millions of dollars for organizations, there is a real economic impact to having augmented intelligence about cyber risks and threats. Early alerts around unusual patterns of change or recommendations about the last known clean snapshot can provide invaluable insights to avoid the costs and challenges of cyber attacks.

Reduce Impact and Downtime

Rubrik has been a pioneer in understanding that backup data can be an active weapon of cyber defense. That’s why years of R&D have been invested in different methods of detection and analytics to help organizations reduce the impact of cyber attacks. Rubrik is now bringing together those years of R&D innovation by unveiling our Data Observability engine. The Rubrik Data Observability engine identifies when, where, and how attacks have impacted systems so that risks can be mitigated easily and compromises can be remediated quickly while preserving data quality.

The Rubrik Data Observability engine today has three pre-built scanners for sensitive data discovery, blast radius identification, and threat hunting. The architecture for the Rubrik Data Observability engine is simple. Rubrik indexes snapshot data as it is backed up across different workloads so there is unified knowledge of what information is available for recovery.



This knowledge can also be used to either move or restrict access to data assets based on data sensitivity. Rubrik’s machine learning algorithms then analyze backup snapshots over time to detect anomalous activity, such as unexpected encryption or deletion, so that threats can be investigated early. Rubrik’s algorithms can also help identify the blast radius of a cyber attack so only the affected data needs to be recovered for the faster restoration of business operations. 

Finally, Rubrik organizes backup snapshots into a time-series that can be scanned and analyzed on-demand to find indicators of compromise. This ensures safer recovery by helping organizations contain infected data and restore the last known clean copy.

What’s New With Data Observability?

With the new release, Rubrik plans to further enhance its Data Observability tools and capabilities to help organizations better assess risk, detect malware early, and investigate threats faster. 

  • Ransomware Strain Identification suggests the specific strain of ransomware that has infected systems to help accelerate threat response. 

  • Sensitive Data Discovery for Microsoft 365 discovers, classifies, and reports on sensitive data within Microsoft 365 to better assess risk and help maintain compliance with regulations.

Brains and Braun Combine To Secure Your Business

As ransomware continues to rise, passive backup systems are limited in their ability to defend against cyber attacks. In order for these platforms to become active weapons of cyber defense and critical components of cybersecurity, they must address the needs of preparation, detection and analysis, as well as containment and recovery. That’s why the Rubrik Data Observability engine is now part of the Rubrik Security Cloud. Rubrik Security Cloud keeps data safe and makes it easy to recover in the face of cyber-attacks.



Check out the executive keynotes at Rubrik FORWARD to learn more about Rubrik’s approach to Data Observability as well as other new announcements. There’s never been a better time to use Rubrik as an active weapon of cyber defense to discover risks, detect malware, and identify threats.