CIO Influence
CIO Influence News Cloud Security

Druva Launches Threat Watch to Deliver Proactive, Continuous Threat Detection

by Business Wire
Druva Launches Threat Watch to Deliver Proactive, Continuous Threat Detection

Druva - Tech Field Day

New cloud-native capability reduces threat dwell time, accelerates incident response and cyber-recovery

Druva, the leading provider of data security, announced the launch of Threat Watch, a zero-touch, automated cloud-native solution for proactive threat monitoring of backup data. Threat Watch is designed to continuously scan backup snapshots to identify dormant threats and indicators of compromise (IOCs), empowering IT and security teams to take action faster and validate a path to clean recovery.

Why Continuous Monitoring is Essential

Modern security strategies recognize that some threats will slip past primary defenses, which makes it critical to understand the data impact for incident response and cyber recovery. Because backups reflect production systems, they provide a clear signal for assessing impact and identifying clean recovery points. Threat Watch is designed to deliver continuous, peace-time monitoring of backup data and complements threat hunting activities that typically ramp up during an incident. As standards like DORA and SEC disclosure rules tighten reporting timelines, Threat Watch helps teams assess impact faster and prove data integrity.

Also Read: CIO Influence Interview with Gera Dorfman, Chief Product Officer at Orca

“Cyber resilience isn’t just about having a copy of your data, it’s about the certainty that you can recover without reinfecting your environment,” said Yogesh Badwe, Chief Security Officer at Druva. “Threat Watch brings a peace-time proactive monitor to what has historically been a war-time manual forensic process. With this new capability, we are giving customers the forensic evidence they need to meet strict regulatory windows and have clearer proof of what is safe to restore when the business is under pressure.”

Proactive Security with Zero Infrastructure

Built on Druva’s cloud-native architecture, Threat Watch scans backup data in the Druva Data Security Cloud, outside production environments and without requiring additional hardware or agents. This scan in-place approach avoids the delays of moving data to separate security tools and enables Druva to offer the industry’s only Data Movement Latency SLA. As a result, detection occurs in near real-time without impacting production performance or increasing infrastructure costs.

“Reporting timelines are getting tighter, and that puts pressure on teams to confirm what was impacted and what is safe to restore,” said Yong Jie Tan, IT Infrastructure Manager, at Woh Hup. “Threat Watch gives us ongoing visibility into backup health and the evidence we need to support both recovery decisions and audit requirements. It helps reduce uncertainty during an incident and strengthens our overall resilience posture.”

Key benefits and outcomes of Threat Watch include:

  • Curated IOC Library: Uses a curated and customer-configurable IOC library, including indicators from CISA, Google Mandiant Threat Intelligence, and Druva ReconX Labs, with support for customer-provided IOCs via upload or API.
  • Early Threat Visibility: Continuous scans help minimize breach duration by identifying dormant threats in backup data.
  • Safe, Lossless Cyber Recovery: Threat signals detected with Threat Watch feed directly into Druva’s cyber resilience portfolio of products. Powered by Recovery Intelligence, this enables customers to quickly understand blast radius, identify clean restore points, and reduce reinfection risk during recovery.
  • Deep Analysis with DruAI: Built on Dru MetaGraph, Druva’s graph-powered foundation for real-time data intelligence Threat Watch will be able to output threat signals into DruAI to help teams prioritize risk, understand impact, and act with greater confidence.
  • Compliance and Audit Readiness: Automated summary reports mapped to regulations including NIST, ISO, and DORA that prove “continuous monitoring” to auditors and insurers.

Threat Watch is generally available for cloud and data center workloads (including Amazon EC2, Azure VMs, and VMware VMs). Support for more workloads will be available soon.

Catch more CIO Insights: Identity is the New Perimeter: The Rise of ITDR

[To share your insights with us, please write to psen@itechseries.com ]

Business Wire, a Berkshire Hathaway company, is the global leader in press release distribution and regulatory disclosure. Public relations, investor relations, public policy and marketing professionals rely on Business Wire for secure and accurate distribution of market-moving news and multimedia. Founded in 1961, Business Wire is a trusted source for news organizations, journalists, investment professionals and regulatory authorities, delivering news directly into editorial systems and leading online news sources via its multi-patented NX network. Business Wire’s global newsrooms are available to meet the needs of communications professionals and news media worldwide.

Related posts

Megaport Virtual Edge, Megaport’s On-demand NFV Service, Enhances Branch-to-Cloud Connectivity with Versa SASE

CIO Influence News Desk

Exterro Launches “Data Xposure,” the Industry’s First Podcast Led by Legal, Forensics, Compliance and Security Practitioners

GlobeNewswire

Montage Technology Leads in Trial Production of 3rd-Gen DDR5 RCDs

PR Newswire