Cohesity has announced it has expanded the Cohesity Cyber Event Response Team (CERT) service to include partnerships with leading incident response (IR) vendors. The Cohesity CERT team has years of specialized incident response expertise and has helped numerous customers respond and recover quickly from high-stakes security events since its formation in 2021. By partnering with leading IR vendors such as Palo Alto Networks Unit 42, Arctic Wolf, Sophos, Fenix24, and Semperis, Cohesity CERT augments the traditional IR process, infusing rich data and backup and recovery expertise, helping to speed investigations and enable customers to recover quicker from incidents.
Using native platform capabilities, Cohesity CERT can share a consolidated set of customer-approved operational data with its IR partners, including logs, reports, inventories, and more. This rich dataset, together with Cohesity CERT’s deep data security and recovery expertise, enhances the digital forensics, threat intelligence, and containment capabilities of IR partners, enabling them to perform more effective and efficient analysis of the cyber incident and quickly resolve issues while reducing business downtimes. Customers also have peace of mind their IR partner of choice can collaborate directly with Cohesity to streamline their cyber response and ensure they restore clean data faster.
“With ransomware, data breaches, and other cyber threats becoming an unavoidable reality, organizations need the assurance that they can bounce back faster, stronger, and smarter,” said Sanjay Poonen, CEO, Cohesity. “Cohesity CERT is a natural extension of our mission to empower organizations with resilient, secure data management. We’re doubling our commitment to our customers by ensuring they have the expertise and tools to navigate and recover from cyber crises effectively. Cyber resilience is the cornerstone of modern cybersecurity, and we are committed to helping our customers achieve it.”
Cohesity CERT is available to all Cohesity customers as part of their existing subscription. Customers can benefit from:
- Minimized Business Disruption and Financial Loss: As cyberattacks become more frequent and damaging, Cohesity aids customers in swiftly detecting, investigating, and recovering from incidents, preventing and minimizing extended operational disruptions.
- Comprehensive, Coordinated Response and Recovery: Working alongside its broad ecosystem of industry-leading IR partners, Cohesity has developed a methodology that utilizes native platform capabilities and integrations with its Data Security Alliance to provide greater insight into data breaches. This methodology includes a consolidated set of customer-approved operational data, including logs, reports, inventories, and more, which can be rapidly shared with approved parties, including an external incident response provider, to enable more effective and efficient analysis leading to safer and faster recovery after a destructive cyber attack.
- 24/7 Availability and Multi-vendor Integrated Support: Cohesity CERT handles a wide range of incidents, from sophisticated ransomware and data breaches to targeted attacks, and assists customers whenever cyber incidents occur. Cohesity and its partners maintain communication throughout the response and recovery process, allowing for faster decision-making and a more agile response to cyberattacks.
- Specialized Expertise and Proactive Recommendations: Personnel fromCohesity CERT and its partners are seasoned cybersecurity experts with specialized knowledge in incident response, threat intelligence, and forensics, making them an invaluable resource during critical incidents. The service provides actionable recommendations and valuable expertise that help businesses strengthen their defenses over time, enabling customers to stay ahead of evolving cyber threats.
“Cybercriminals are increasingly emboldened by new technology, making cyberattacks more effective and efficient. Unit 42 provides customers with leading incident response expertise, threat intelligence and proactive services, enabling them to effectively address the most challenging threats. Through this new partnership, Cohesity will play a crucial role in expediting backup and business recovery processes of shared customers. This collaboration will greatly benefit our customers, ensuring a comprehensive approach to cybersecurity that enhances the overall investigation process for Unit 42,” said Sam Rubin, SVP of Consulting and Threat Intelligence, Unit 42 at Palo Alto Networks.
“Time and information are two of the most critical parts of incident response. The more information we have, the quicker we can return a customer to normal operations,” said Kerri Shafer-Page, Vice President, Incident Response, Arctic Wolf. ”Cohesity’s quick response toolkit gives us access to all kinds of data that can enable a more comprehensive investigation and quicker recovery. Partnering with Cohesity CERT adds valuable expertise in backup and recovery and helps us ensure our joint customers are resilient no matter what attackers throw at them.”
“Your organization is only as safe as your backup controls are secure, redundant, immutable, and relevant to threat actor playbooks,” said John Anthony Smith, founder and chief security officer of Conversant Group. “However, incident response investigations can be complex and time-consuming. Therefore, our long-standing partnership with Cohesity CERT is highly beneficial to our joint customers because it adds valuable expertise in backup and recovery and helps us ensure resiliency no matter what attackers throw at them.”
”By partnering with Cohesity CERT, Sophos’ Incident Response (IR) team of experts who work 27/4 around the world identifying and neutralizing threats can jump right in to assess and react to active threats targeting Cohesity’s customers,” said Rob Harrison, senior vice president of Product Management for SecOps and Endpoint Security at Sophos. “This streamlined process is critical because the faster Sophos IR can get involved, the faster the team can disrupt and eject attackers before they exfiltrate data, carry out ransomware or other damaging activities. With this partnership, Sophos customers will also be referred to Cohesity’s quick response toolkit for comprehensive backup and recovery programs. This collaboration ensures our joint customers are more resilient and able to recover faster from cyberattacks.”
“Expanding our partnership with Cohesity will improve operational resilience for our joint customers and partners, by protecting the critical pathways that ransomware attackers use to compromise Microsoft Active Directory (AD) and Entra ID systems. In nearly all ransomware attacks, adversaries target AD or Entra ID as the key to the organization. Without sufficient backup and recovery solutions and regular continuity testing, disruptions of these identity systems can and do occur, costing organizations money and putting critical infrastructure at risk,” said Mickey Bresman, CEO, Semperis. “Semperis’ combined 150+ years of AD experience not only sets us apart in the hybrid identity system security market, it also enables us to protect top global organizations and rebuild compromised identity systems in hours rather than days, weeks, or months.”
“Enterprise security teams need all the help they can get. One third of enterprises have expressed that current staffing levels are inadequate for their organization’s challenges; the degrees of staff specialization have consistently increased. In lieu of additional staffing, enterprises are looking for vendors to provide value-added services that improve processes with their products.” – 451 Research, part of S&P Global Market Intelligence: 2023 VoTE Information Security Organizational Behavior & 2024 VoTE Information Security Budgets Study.
