Cohesity Enhances Identity Security with New ITDR Features
Cohesity has recently unveiled advanced capabilities in Identity Threat Detection and Response (ITDR), further enhancing its existing Cohesity Identity Resilience portfolio. These innovations aim to provide a more robust strategy for the protection and recovery of crucial identity systems such as Active Directory (AD) and Microsoft Entra ID.
The Importance of Identity in Cybersecurity
Identity management is a cornerstone of enterprise security. It is the gateway to all types of access and, when compromised, can lead to significant operational disruptions and heightened risks for organizations. Cybercriminals are persistently on the lookout for weaknesses—be it misconfigurations, privilege escalation vulnerabilities, or insufficient controls—to gain entry to sensitive information. Recognizing these challenges, Cohesity is now equipping organizations with specialized tools designed to bolster their identity security framework. These tools not only help prevent identity-driven attacks in real-time but also facilitate precise recovery when incidents do occur.
Quotes from Leadership
Vasu Murthy, Cohesity’s Chief Product Officer, emphasizes the critical role of identity in achieving cyber resilience. “When identity systems are compromised, the impact can be immediate and widespread,” Murthy states. He adds that Cohesity’s approach creates a holistic view of hybrid identity risks, merging threat detection with recovery efforts across Active Directory and Entra ID. This integrated approach aims to enhance the ability of organizations to mitigate risks swiftly and recover effectively, before, during, and after a cyber attack.
Adding to this perspective, Gregg Petersen, Regional Director for the Middle East, highlights how the demand for modernized identity management is growing, particularly in the UAE. With the increase in cloud adoption and digital transformations, organizations recognize the urgency of securing identity systems against cyber threats. Petersen points out that identity-based attacks have become one of the most prevalent cyberattack methods in the region, underscoring the importance of Cohesity’s expanded portfolio in offering secure identity threat detection.
Unified Identity Resilience
Building on its collaboration with Semperis, Cohesity’s new ITDR capabilities combine innovative technologies to protect and recover identity systems seamlessly. The strategy consists of three phases:
Pre-Attack Measures
Before an attack occurs, Cohesity continuously analyzes identity posture, identifying weaknesses such as misconfigurations and risky changes. This proactive approach helps to minimize the attack surface and detects patterns indicative of potential attacks.
Responding During an Attack
During a cyber incident, automated remediation tools allow for quick action in response to malicious alterations across AD and Entra ID. Such swift measures can execute vital rollback actions without waiting for human intervention, while security teams can utilize tailored rules and automated workflows to thwart attackers effectively.
Recovery After an Attack
Post-attack, Cohesity simplifies the incident response process by translating complex identity change data into easily understandable language. This capability enables teams to investigate rapidly, isolate threats, and conduct detailed forensics, ensuring that attackers are evicted and future breaches are prevented.
New Features in the ITDR Framework
The recent launch has added several features designed to enhance organizational security:
- Vulnerability Assessment: Continuous monitoring for overexposure or compromise indicators.
- Automatic Rollback: Real-time restoration of identity changes deemed malicious or unsafe.
- Tamperproof Tracking: Immutable documentation of identity changes, even in cases of log shutdowns.
- Service Account Protection: Detection of misconfigured service accounts that may pose security risks.
- Entra ID Change Tracking: Near real-time updates on role assignments and user modifications.
- Compliance Reporting: Templates designed to align with key regulations such as GDPR and HIPAA.
- SIEM/SOAR Integrations: Enhanced connectivity with platforms like Splunk and Microsoft Sentinel for improved security operations.
Quantifiable Benefits
Cohesity’s expanded ITDR offerings promise tangible improvements in cyber resilience for enterprises. Key benefits include:
- A 90% reduction in Active Directory forest recovery time
- A 25% decrease in the likelihood of successful AD attacks
- A 40% reduction in time dedicated to manual identity monitoring
- Significant cost savings in business continuity and operational expenditures
Cohesity’s innovative ITDR capabilities position it as a leading provider in identity management solutions, standing apart from conventional backup-only or point-solution vendors. These enhancements are now part of the comprehensive Cohesity Identity Resilience offering, setting new standards in the realm of cybersecurity.
