Detection, data management and vaulting are all present in Cohesity’s new Datahawk SaaS application. Credit: Huawei Backup and data management vendor Cohesity has started to preview a new ransomware protection SaaS product called Datahawk, which leverages AI and a host of other capabilities to help companies defend their data against bad actors.There are three core components to Datahawk, according to Cohesity. The first is a ransomware detection engine that uses deep learning to quickly scan for anomalous behavior, potential threats and other indicators of possible ransomware attacks. This system works via a preset list of indicators of concern, which, the company said, will be updated daily.The second is a data classification engine that uses technology from partner BigID to automatically discover and categorize data across even very large storage arrays. This is an important first step for ransomware protection, as many organizations don’t yet have visibility into their entire storage infrastructure. The data classification engine also helps with compliance, bringing with it predefined policies for PCI, GDPR, HIPAA and more. Finally, Datahawk offers a cybervaulting solution, keeping offsite backups of critical data in a Cohesity-managed cloud system. The vault is protected by a “virtual air gap,” which is Cohesity’s term for careful access control between the client’s systems and the company’s data vault. AI and machine learning aren’t unique to Cohesity’s new offering, according to Evaluator Group analyst Randy Kerns, but their use in ransomware is still relatively uncommon.“There have been a number of new approaches for ransomware detection that use analytics to train detection algorithms for understanding and identifying threats and tak[ing] action,” he said. “Analysis has been employed for some time but the AI engine is relatively new.” The real selling point of Datahawk, Kerns said, is in the overall impact of its several subsystems, not in any particular feature. The combination of capabilities under one “roof” is the key value-add for security teams.“[The most important feature] is the integration of different protection elements from different software vendors that are working on detecting and recovering from ransomware,” he said. “It is significant to recognize that integrating and coordinating the different elements in detection and prevention is additive for overall cyber-resilience.”The target market for Datahawk is broad-based, Kerns noted, reflecting the SaaS nature of the product. Datahawk is currently available on an early access preview basis, and Cohesity said that general availability is planned for “the coming months.” Related content news Bug in EmbedAI can allow poisoned data to sneak into your LLMs The vulnerability can be used to deceive a user into inadvertently uploading and integrating incorrect data into the application’s language model. By Shweta Sharma May 31, 2024 3 mins Generative AI Vulnerabilities news OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops OpenAI’s generative AI tools were used to create and post propaganda content on various geo-political and socio-economic issues across social media platforms, the company said. By Gyana Swain May 31, 2024 4 mins Generative AI news Okta alerts customers against new credential-stuffing attacks Hackers are using credential-stuffing to attack endpoints that are used to support the cross-origin authentication feature. By Shweta Sharma May 31, 2024 4 mins Identity and Access Management Vulnerabilities feature 3 reasons users can’t stop making security mistakes — unless you address them Understanding what’s behind employee security mistakes can help CISOs make meaningful adjustments to their security awareness training strategies. By Ariella Brown May 31, 2024 5 mins Data Breach Risk Management PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe