Commvault and CloudSEK Strengthen Defenses Against 24 Billion Exposed Credentials on Dark Web
Commvault has announced a strategic partnership with CloudSEK aimed at combating the escalating issue of exposed credentials prevalent on dark web marketplaces and forums. This collaboration seeks to enhance enterprise defenses against identity-based cyberattacks, which have surged due to the increasing availability of stolen credentials and the rise of automated, AI-driven attack methods.
Integration of Dark Web Intelligence
The partnership integrates CloudSEK’s dark web credential intelligence into Commvault’s Active Directory Vulnerability Assessments and Advanced Audit and Anomaly Detection offerings. This integration allows organizations to merge external data on credential exposure with internal identity telemetry, enabling early detection of compromised accounts in the attack cycle. Such proactive measures allow for immediate actions, including disabling, locking, or resetting at-risk credentials, as well as rolling back unauthorized changes within Active Directory environments.
Current industry data underscores the urgency of these initiatives, revealing that over 24 billion stolen credentials are currently circulating in underground channels. Recent trends indicate that the time frame between credential exposure and malicious exploitation has drastically reduced, from months to mere hours. In 2024 alone, it is estimated that 107 billion identity records will be exposed globally, with 57% of cyberattacks originating from compromised identities in the previous year.
Enhanced Vulnerability Management
Through this integration, vulnerabilities identified across internal systems, public sources, and dark web channels are automatically scored and prioritized. The platform provides security teams with specific remediation guidance, allowing them to focus on the most critical issues while minimizing the manual effort associated with incident response.
Nivya Ravi, Assistant Vice President of Partnerships at CloudSEK, emphasized the importance of partnerships in the current AI-driven threat landscape. By embedding CloudSEK’s predictive threat intelligence into enterprise security workflows, organizations can act on exposed credentials and identity risks before they can be exploited by attackers. This shift from reactive detection to proactive disruption is essential in today’s cybersecurity environment.
Future Availability and Upgrades
Commvault plans to make the CloudSEK integration available at no additional cost to customers utilizing its Active Directory Vulnerability Assessments and Advanced Audit and Anomaly Detection solutions later this summer. For organizations seeking expanded capabilities, an upgrade path to the full suite of CloudSEK solutions will also be offered.
Pranay Ahlawat, Chief Technology and AI Officer at Commvault, stated that integrating CloudSEK’s external exposure threat intelligence with Commvault’s Active Directory protection capabilities enhances customers’ ability to identify hidden identity risks earlier. This proactive approach is critical as cyberattacks become increasingly sophisticated.
Support for Okta and Identity Resilience
In a related development, Commvault has announced plans to support Okta within its Identity Resilience suite. As hybrid cloud architectures, SaaS deployments, and automated workflows become standard across enterprises, identity systems have emerged as crucial control points for securing organizational operations. However, these systems are frequently targeted for disruption, whether through misconfiguration or direct attacks.
Disruptions in identity provider platforms like Okta can lead to widespread access issues, locking users out of applications and interrupting business operations. Many organizations currently rely on manual processes to restore affected identity environments, which increases operational risk and prolongs downtime during incidents.
Commvault’s new offerings for Okta focus on automating protection and recovery procedures. The solution features policy-driven backups of critical objects such as users, groups, applications, and policies within Okta. With granular restoration capabilities, organizations can recover only altered or deleted items at specific points in time, minimizing disruption while maintaining operational continuity.
Backups are stored in immutable storage, isolated from production systems, to reduce exposure to ransomware attacks and unauthorized changes. Early access for Okta support is expected to launch in spring 2026, with general availability anticipated by summer 2026. The product will be delivered globally as part of Commvault’s Cloud Identity Resilience suite on a per-user pricing model.
As reported by www.verdict.co.uk, the collaboration between Commvault and CloudSEK represents a significant step forward in the fight against credential theft and identity-based cyber threats, equipping organizations with the necessary tools to defend against an increasingly hostile digital landscape.
