Cohesity and Microsoft have expanded their partnership to enhance data security, threat detection, and protection against cyberattacks.
Cohesity and Microsoft recently announced they have expanded their partnership to enhance data security, threat detection, and protection against cyberattacks using artificial intelligence. The goal is to help organizations optimize cloud usage while mitigating risks in an increasingly hybrid and multicloud world.
Cohesity already offers backup services for Microsoft 365 on Amazon Web Services (AWS) and on-prem data protection for Azure virtual machines (VMs) and Azure Stack HCI, a hyperconverged infrastructure cluster solution that hosts virtualized Windows and Linux workloads.
The expanded partnership includes new integrations to bolster IT’s defense against cyber threats and offers Cohesity services on Azure to support multicloud security initiatives.
Cohesity-Microsoft Integration Addresses Ransomware, MFA
The first integration combines Cohesity DataProtect and Microsoft Sentinel. Both DataProtect on-premises and backup as a service (BaaS) offerings now integrate with Microsoft Sentinel, a cloud-native security information and event management (SIEM) platform that streamlines incident reporting and ransomware alerts.
The second integration with Azure Active Directory (AD) provides multi-factor authentication (MFA) and single sign-on, which allows organizations to securely manage and access Cohesity Data Cloud and Cohesity Cloud Services.
The third integration pertains to BigID and Microsoft Purview. Cohesity’s data classification service is powered by BigID, which has built an integration with Microsoft Purview. So, joint customers can benefit from actionable data intelligence for data discovery, privacy, security, and governance.
Microsoft Customers Can Use Cohesity for Backups
In addition to these integrations, Microsoft customers will have access to Cohesity Cloud Services on Azure to secure data across hybrid environments. Cohesity’s DataProtect BaaS offering now supports Microsoft 365, which means customers can back up their Microsoft 365 to a dataplane hosted on Azure. Cohesity FortKnox, a software as a service (SaaS) cyber vaulting service for predictable data recovery, will be available to Azure customers in the coming months.
Cohesity is building on its partnership with Microsoft in order to give customers access to different services across multiple cloud vendors, said Gregory Statton, Office of the CTO, Data & AI at Cohesity. Customers can use the Helios management control plane to deploy data planes in Azure and AWS, as well as manage local clusters within private data centers.
Cohesity is Leveraging OpenAI for Enterprise Data Insights
Cohesity vision for AI includes leveraging Microsoft’s integration with OpenAI, which is currently the most powerful language model available. While not productized, Cohesity is deploying GPT-3.5 and GPT-4 models within its own managed environment, which would help ensure that data stays under the customer’s control. According to Statton, the data does not need to be in Azure to take advantage of this functionality.
Statton shared two examples of how Cohesity could tap into Azure OpenAI to unlock novel insights from enterprise data.
First is interactive reporting using large language models. In the demo, AI models were used to generate rich executive summaries from a stream of data stored in Cohesity’s Security Center to detect potential ransomware. The AI models were easily able to break down data and list entities or VMs that have the highest affected files or anomaly strength. The model also provided recommendations on how to handle these issues, such as mass recovery or accessing insights through a security assistant chatbot.
GPT Makes Data Queryable in Natural Language
Another product highlight is a conversational interface for real-time insights. The language model was able to identify anomalous entities within Cohesity’s audit logs.
In the demo, this information was accessible to a range of users—from chief information security officers (CISOs) to practitioners—in a digestible manner. Cohesity layered a conversational interface on top of this. Users could gain a deeper understanding of what’s being generated from the logs by asking additional questions, such as “which users have interacted the most with the infected system?” The large language models generate conversational responses, based on the user’s data access permissions.
The same approach could be applied to any data stored on Cohesity. The language model understands the context and intent of users’ questions, whether they relate to documentation, workloads being protected, or data within the system. It could retrieve relevant information and provide answers to various questions, making it versatile and useful for users.
“It humanizes interactions with the system and it allows users to reduce the time to remediation or reduce the time to action by providing actionable insights,” Statton said. “That’s the power of AI language models.”