Rubrik has formed a new partnership and technology integration with Mandiant, part of Google Cloud. The collaboration brings together leaders in data security, incident response, and threat intelligence, aiming to expedite customers’ threat detection and path to cyber recovery.
“This partnership will gations leveraging Rubrik’s backup solutions to identify threats in their backups powered by Mandiant’s industry leading threat detection and intelligence,” said Steve Elovitz, Director, Mandiant Consulting. “Together, we can help organizations before, during, and after cyber attacks to ensure businesses can respond quickly and get back up and running as soon as possible.”
While the global median dwell time from compromise to detection is improving, according to Mandiant’s M-Trends 2024 report, threat actors operate undetected in victims’ environments for a median of 10 days — giving them more than enough time to conduct a destructive attack. Organizations often will recover to the most recent backup prior to encryption, but what if that backup has been infected with a backdoor? Through this partnership, indicators of compromise learned on the frontlines of some of the most impactful breaches can be applied proactively to enable cyber resilience.
“Organizations have been responding to ransomware attacks with months-long recovery processes, which can result in irreparable damage to the business,” said Steve Stone, Head of Rubrik Zero Labs. “With Mandiant, we are able to demonstrably lessen the impact window of ransomware attacks while simultaneously increasing the capabilities available to customers in need — from threat intelligence to rapid access to incident response teams. Together, we connect the dots in a time of crisis to deliver true cyber resilience.”
The three key pillars of this partnership are:
Mandiant Threat Intelligence Now Integrated Directly in Rubrik Security Cloud
Breaking intrusions, active campaigns, and evolving threats detected by Mandiant Threat Intelligence are now integrated into Rubrik’s Threat Monitoring capability providing threat intelligence to Rubrik Enterprise Edition customers. This helps organizations to identify and combat threats including ransomware, malware, and malicious intrusions before they can execute destructive activity using Mandiant Threat Intelligence at scale.
Rubrik’s Threat Hunting and Threat Monitoring capabilities are used to identify a safe recovery point by automatically applying Mandiant Threat Intelligence’s thousands of knowledge points from the breaches that matter against every Rubrik backup.
Clean Room Recovery Powered by Google Cloud
When victim organizations are recovering their systems from backups, concerns often linger that the backup itself contains backdoors left for reinfection. Organizations can proactively eliminate this problem with Rubrik Clean Room Recovery, which allows customers to recover and store data in a clean Google Cloud environment or multi-cloud environments, supporting customer choice with secure technology and solutions.
Partnership of Rubrik Ransomware Response and Mandiant Incident Response Teams
For their joint customers, Rubrik and Mandiant can bring together their respective Ransomware Response and Incident Response teams to provide victims with additional investigative and recovery support. Rubrik’s Ransomware Response Team provides expertise around data recovery and how to integrate and utilize backups, while the Mandiant Incident Response team bolsters organizations’ incident response capabilities and responds to active breaches. Through this partnership, joint customers will be able to ensure that in the event of an attack, the Mandiant and Rubrik teams are working together to help the business get back up and running as fast as possible in their most critical times.
These three efforts can help any organization to receive the benefits of consistency, integration, best-in-class technology and expertise working together, and ability to control their risk against the threats that matter.
