Detection, data management and vaulting are all present in Cohesity’s new Datahawk SaaS application. Credit: Huawei Backup and data management vendor Cohesity has started to preview a new ransomware protection SaaS product called Datahawk, which leverages AI and a host of other capabilities to help companies defend their data against bad actors.There are three core components to Datahawk, according to Cohesity. The first is a ransomware detection engine that uses deep learning to quickly scan for anomalous behavior, potential threats and other indicators of possible ransomware attacks. This system works via a preset list of indicators of concern, which, the company said, will be updated daily.The second is a data classification engine that uses technology from partner BigID to automatically discover and categorize data across even very large storage arrays. This is an important first step for ransomware protection, as many organizations don’t yet have visibility into their entire storage infrastructure. The data classification engine also helps with compliance, bringing with it predefined policies for PCI, GDPR, HIPAA and more.Finally, Datahawk offers a cybervaulting solution, keeping offsite backups of critical data in a Cohesity-managed cloud system. The vault is protected by a “virtual air gap,” which is Cohesity’s term for careful access control between the client’s systems and the company’s data vault. AI and machine learning aren’t unique to Cohesity’s new offering, according to Evaluator Group analyst Randy Kerns, but their use in ransomware is still relatively uncommon.“There have been a number of new approaches for ransomware detection that use analytics to train detection algorithms for understanding and identifying threats and tak[ing] action,” he said. “Analysis has been employed for some time but the AI engine is relatively new.” The real selling point of Datahawk, Kerns said, is in the overall impact of its several subsystems, not in any particular feature. The combination of capabilities under one “roof” is the key value-add for security teams.“[The most important feature] is the integration of different protection elements from different software vendors that are working on detecting and recovering from ransomware,” he said. “It is significant to recognize that integrating and coordinating the different elements in detection and prevention is additive for overall cyber-resilience.”The target market for Datahawk is broad-based, Kerns noted, reflecting the SaaS nature of the product. Datahawk is currently available on an early access preview basis, and Cohesity said that general availability is planned for “the coming months.” Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Malware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe