“If you just want to walk fast, walk alone. But if you want to walk far, then walk together.” — Steve Jobs
It’s been an eventful four months since Backrightup officially became part of Rubrik, the leader in data protection and cyber resilience.
This period has been about more than just joining a new organization; it’s been about actively charting the course for how our specialized focus on DevOps data protection contributes to Rubrik's comprehensive strategy. I’m thrilled to share that our integration into the Rubrik ecosystem has been a remarkably positive and energizing experience, validating the importance of DevOps protection and demonstrating how significantly this area can be amplified within a broader data security mission.
As the founder of Backrightup (and now a Principal Engineer at Rubrik) my primary focus has been on this integration journey—ensuring that the technology and vision we developed at Backrightup seamlessly integrates with Rubrik’s offerings and is further enhanced by the broader platform. It's inspiring to see our specialized DevOps protection expertise find its place, enhancing Rubrik’s formidable platform and allowing us to bring this critical piece of the data security puzzle to a much wider audience.
The Genesis of Backrightup: A Vision Finding its Broader Home
Backrightup was born from a clear understanding: in an era where software is the business, code repositories are invaluable.
Given the shared responsibility model inherent in DevOps platforms, we saw a pressing need for automated backup and recovery for Azure DevOps and GitHub that addresses the entire development lifecycle and associated artifacts. It’s been rewarding to see this focused vision now find a powerful context and be amplified within Rubrik’s overarching commitment to comprehensive data security, from code to cloud.
Why DevOps Protection Remains a Business Imperative
Code repositories are the engines of innovation, containing proprietary algorithms and sensitive data, prized assets that can, at times, become potential attack vectors. Their security is fundamental to your software supply chain integrity and the threats are diverse:
Outages: Major platforms aren't immune. For instance, in March 2022 GitHub outages affected approximately 73 million users and in 2023 13.94% of GitHub incidents had a major impact.
Cyberattacks: Malicious actors have actively targeted code repositories: in a ransomware attack, attackers wiped code from GitHub and GitLab repositories. In another incident, node package manager (npm) vulnerabilities allowed attackers to publish malicious versions of legitimate packages.
Indeed, Microsoft’s own code repositories were compromised by attackers who exfiltrated portions of source code. And the threats are accelerating: Gartner predicts that 45% of organizations will be at risk of software supply chain attacks by 2025.Sensitive Data Exposure Risk: Code repositories often house critical secrets, which can be exposed by cyberattacks or suboptimal DevOps practices (like storing plaintext credentials in code or mishandling access tokens).
For instance, a misconfigured GitHub token exposed Mercedes-Benz's source code and sensitive access keys. Attackers actively scan for such leaked secrets to orchestrate wider compromises, as seen in the Europcar data breach, where stolen credentials from repositories ultimately led to the exposure of personal data for up to 200,000 customers via compromised SQL backups.Compliance Mandates: Regulations like the Digital Operational Resilience Act (DORA) (effective January 17, 2025) enforce stricter DevOps security. GDPR, HIPAA, and ISO 27001 also require demonstrable backup compliance.
Remember, under the shared responsibility model you are responsible for your data on platforms like GitHub and Azure DevOps. Dedicated, robust protection is indispensable, as native tools often fall short on granularity, retention or ease-of-use.
Rubrik and Backrightup: Integrating a Specialized Capability into a Powerful Platform
Our decision for Backrightup to join Rubrik was driven by the potential for our specialized mission to thrive on a larger stage. Rubrik's leadership in data security has been powerfully demonstrated by its leading product and engineering teams and their proven expertise in the backup and recovery of a diverse set of enterprise data. This is the perfect platform for Backrightup’s focused work in DevOps protection to take root and grow. These past four months have been about realizing this potential, working within the Rubrik environment to integrate our technology and add our strengths to Rubrik's robust foundation.
Rubrik had already recognized the growing customer demand for Azure DevOps and GitHub backup and recovery, especially with regulations like DORA looming. This foresight meant Backrightup’s capabilities could readily contribute to an established strategy, incorporating specialized capabilities into Rubrik’s "Code to Cloud" vision of cyber resilience. Securing your code repositories and DevOps pipelines is a critical component in Rubrik’s strategy to protect your data throughout the cloud lifecycle. This journey of integration is a testament to Rubrik’s commitment to proactively meet evolving customer needs.
The Future is Bright: The Path to Fully Integrated DevOps Protection
We are making great progress, seamlessly integrating DevOps protection into the Rubrik experience. Backrightup’s deep expertise compliments Rubrik’s industry-leading platform, extensive resources, and global reach. The dedicated DevOps Protection team within Rubrik is focused on enhancing this specific area of data security for all Rubrik customers.
You can continue to expect the core strengths that defined Backrightup, now with the backing and broader security context of Rubrik:
Seamless Backups: Protecting your DevOps data with ease
Rapid Recovery: Ensuring quick and effortless restores
Enhanced Compliance: Delivering enterprise-grade protection for your DevOps data
These initial months have been about charting the course for deeper integration and will pave the way for a unified and truly holistic view of data security—from traditional infrastructure to cloud-native applications and your vital code repositories.
To Our Valued Backrightup Customers
Thank you for your continued trust as we’ve navigated this transition. Your partnership remains instrumental. You now have the backing of a global leader, and we are committed to ensuring the evolution of these services, as part of Rubrik, brings you enhanced capabilities.
As a reminder, in this transition period please continue to lean on your Rubrik representatives for any requirements.
To Our Future Customers: The Strengthened Value Proposition
If your organization relies on Azure DevOps or GitHub, Rubrik, now incorporating Backrightup's technology, provides an even more compelling solution. These past months have allowed us to refine how this specialized protection fits into Rubrik’s comprehensive value proposition. Whether you are driven by compliance needs like DORA, aiming to secure your innovation engine, or looking to close gaps in current approaches, you will find a more comprehensive answer for this vital data with Rubrik.
Let's Continue to Build a More Resilient Future, Together
This is just the beginning of an exciting new chapter for DevOps protection within Rubrik. Integrating our focused expertise with Rubrik's proven platform enhances overall cyber resilience, and we are committed to ensuring the security of your digital future. The progress made is significant, and the path ahead for this capability, guided by Rubrik's broad vision, is promising for securing this vital part of your IT landscape.