Rubrik today added an application to its Polaris SaaS platform, with the goal of automating protection against ransomware attacks.
Polaris Radar is the second Polaris application from the converged secondary storage vendor, following Polaris GPS that launched in April. Polaris is a SaaS framework for managing secondary data. Polaris GPS provides policy management for data in multiple clouds and on-premises. Radar analyzes that data to detect threat behavior.
Chris Wahl Rubrik’s Chief Technologist said the vendor will continue to rollout new apps for Polaris roughly every few months. “We will continue at an energetic pace,” he said.
Polaris Radar monitors all data on-premises and in the cloud under management by the Rubrik Cloud Data Management platform, and generates alerts for suspicious behavior. It uses machine learning algorithms to analyze all metadata from backups and snapshots, checking for anomalies such as massive encryption or deletion of files. It then helps users identify and find impacted applications and files. After users find and select impacted data, Radar automates recovery by restoring to the most recent clean state.
Wahl said Rubrik already helped customers restore to a clean state after ransomware attacks but its Cloud Data Management platform did not find threats retroactively before Radar.
“The onus was on the customer to identify and put their arms around the scope of it,” he said. “Radar will do all that for them. We then give them a push-button approach to recovering. You can wipe all this out, and then select these apps or the files or folders you want to restore. Pick the clean state you want to go to. Radar will then contact all data centers and handle all the orchestration of replacing encrypted files. We can restore to the most recent state with a few clicks.”
Third-party developers can use Polaris APIs to integrate Radar into monitoring dashboards and other data protection and security products.
Ransomware was the top variety of malware found in 2017, according to the 2018 Data Breach Investigations Report. High-profile ransomware attacks such as the 2017 WannaCry virus and the 2018 Atlanta attack have raised awareness, leading to data protection vendors adding ransomware protection to their products.