Threat Scan enhances security by providing visibility into abnormal activity across protected resources.
In addition to viewing resources, you can use Threat Scan to monitor and identify the following abnormal activities:
-
Anomalies: Identifies anomalies in files and backup jobs that may indicate ransomware, data corruption, or unauthorized file activity. The system uses historical baselines, statistical thresholds, and file metadata validation to detect unusual behavior.
-
Threats: Scans for malware and encryption threats within backup data. Multiple detection engines and models analyze backup content to identify threats with high accuracy.
-
Partner signals: Third-party indicator of attack (IOA) detections from integrated security tools. These are shown on the Threat Scan dashboard to correlate suspected attack activity with protected workloads and help prioritize investigation and recovery actions. Threat Scan supports integration with the following third-party tools:
-
CrowdStrike Falcon Insight XDR
-
Darktrace
-
Netskope Cloud Threat Exchange (CTE)
-