Book demo
22 May 2024

Edam good look at Cyber Resilience… with the Swiss Cheese Model

Do you know the Swiss Cheese Analogy?  Go to any cyber security conference, and we guarantee you will spot at least one presenter using it.

The Swiss Cheese Model has become a useful and memorable tool to explain why multiple layers of defence is essential for robust cyber security.

The model was originally used in risk analysis and risk management to illustrate how different layers of defence, each with its own potential flaws, could collectively form a nearly impenetrable barrier when stacked together. Each layer of ‘cheese’ represents a security measure, and the holes represent potential weaknesses.

This concept is used when discussing cyber. The idea is that while one layer may have vulnerabilities, the overlapping layers cover these gaps, significantly reducing the risk of a successful cyber-attack.

So does it work…?

Organisations around the world are using Predatar to test their backups and primary storage snapshots for both recoverability and cleanliness, and when we look at the global results from these tests we find that Predatar identified malware lurking in the backups of more than 70% of our customers (with half being found within the first 2 weeks of Predatar going live).

70% of Predatar customers had malware in their backups

Holy Cheese! That’s quite a stat, right?

…Nearly three quarters of Predatar customers had malware hiding in their storage that had evaded multi-layered cyber security defences, including market-leading XDR tools.

This underscores the cunning nature of modern cyber attacks and the effectiveness of the latest malware to avoid initial detection. Once inside your network, malware will embed itself within data, remaining dormant and undetected until it is activated by the bad-actors (or until it is discovered and removed, by Predatar).

This high rate of malware discovery within storage, shows that you can never have too many slices in your multi-layered defence. As a great man once said… “we need more cheese, grommit”

More importantly, it highlights the need to think differently about cyber. Organisations need to acknowledge that no perimeter defences (no matter how robust) are ever totally infallible. They need to prepare for, and expect a breach.

Predatar takes the principle of the Swiss cheese model and applies it in a new way, bringing threat detection to backups and snapshots, to find malicious artefacts that have slipped through the net.

By supporting multiple third-party eXtended Detection and Response (XDR) tools, Predatar embraces the strengths and acknowledges the gaps inherent in any single cybersecurity tool.

Our testing with Predatar has proven that different XDR tools excel in various aspects of threat detection and response, and by integrating multiple solutions into the Predatar CleanRoom, we enhance our customers detection capabilities. This approach is akin to having several additional slices of Swiss cheese stacked together, where the strengths of one can cover the vulnerabilities of another.

A second chance to find zero day attacks

Recovery testing typically occurs later in the data management cycle, which uniquely positions it to catch zero-day attacks that have bypassed earlier detection layers. Zero-day attacks exploit previously unknown vulnerabilities, meaning they are not identified by traditional antivirus software until after the attack has commenced. By implementing advanced recovery testing which includes automated threat detection, Predatar adds another crucial layer to our customers defensive stack, not only enhancing malware detection but also verifying the integrity and recoverability of data.

In summary

The practice of layered testing and recovery isn’t merely about finding malware; it’s about building confidence in your ability to recover from an attack. Just as importantly, it serves as both a diagnostic and a drill to ensure that all systems function as expected under stress conditions. New threats continue to emerge daily, so having a multi-layered approach in line with the Swiss Cheese Model isn’t just advisable; it’s imperative.

So yes, you’re probably bored of seeing and hearing about the Swiss cheese model. But it remains vital, as it illustrates the necessity of layered defences. At Predatar, our approach takes this model to the next level by integrating multiple XDR tools and emphasising rigorous recovery testing, ensuring that our clients can confidently manage and recover their data amidst the ever-evolving cyber threats.

Learn more about
Predatar recovery assurance

17 May 2024

The Power of Refinement: Why Smaller Updates Are Vital

When it comes to technology there’s a common misconception that bigger always means better. Many expect ground-breaking features with every update; however, not every release needs to be packed with huge, transformative features to be valuable. Predatar’s latest offering, Honey Badger: R15.1, is a perfect example of how subtle refinements based on user feedback can significantly enhance performance and user satisfaction.

 

R15.1 may not introduce flashy, market-shaking features, but it focuses on deepening the functionality and stability of existing tools, which is just as critical. This update brings more than 20 enhancements that touch on every aspect of the user experience, from backend performance improvements to user interface tweaks that simplify daily tasks.

 

One of the standout features of R15.1 is the Auto Retry function for Recovery Testing. This feature is designed to save time and reduce frustration by automatically retesting or rescanning any backups that initially fail due to issues such as network glitches or other intermittent problems. This automation removes the burden from users, allowing them to focus on more strategic cyber resilience tasks rather than repetitive troubleshooting.

 

Moreover, the CleanRoomTM Clean Up feature ensures that the user interface remains clutter-free by automatically tidying up and removing completed tests, both passed and failed. This enhancement allows users to concentrate on active tests without the distraction of past information, promoting a cleaner and more efficient workspace.

 

The update also includes Enhanced CleanRoomTM Statuses, which provide clearer and more detailed insights into the results of tests. Users can now easily distinguish between passed tests, failed recoveries, failed scans, and malware detection events. This level of detail is invaluable, as it enables users to make more informed decisions and take appropriate actions more swiftly.

 

Lastly, the suite of Stability Enhancements in R15.1 addresses over 20 different aspects of the platform, including IBM SP4VE and Rubrik performance improvements, dashboard widget refinements, and optimised processes for faster report exports. These may seem like small tweaks, but they collectively contribute to a significantly better user experience.

 

Honey Badger: R15.1 exemplifies how listening to user feedback and focusing on refining existing features can lead to substantial improvements in software usability and performance. Each update does not need to reinvent the wheel to be considered successful. Instead, the focus should be on continuous improvement and adaptation to user needs. This approach not only enhances the functionality of the software but also solidifies the trust and loyalty of users by showing that their feedback is valued and acted upon.

 

In conclusion, while it’s exciting to anticipate the next big feature, it’s equally important to appreciate the quieter, more refined updates like R15.1. They may not make headlines, but they make daily operations smoother, more efficient, and ultimately more effective – proving that sometimes, the best changes are not the ones you see but the ones you experience.

 

You can check out R15.1 here

Learn more about
Predatar recovery assurance

02 April 2024

R15: Honey Badger – A Leap Forward in Cyber Resilience

In the dynamic world of cybersecurity, the release of Predatar R15: Honey Badger marks a significant milestone in the evolution of the platform. This update is not just an iteration; it’s a leap forward in how businesses can bolster their cyber resilience in an ever-changing threat landscape. With the addition of support for Rubrik and Pure Storage, alongside existing support for IBM Backup, IBM FlashSystem, Veeam, and Cohesity, Predatar has positioned itself as a crucial ally in the fight against cyber threats. This expansion is particularly noteworthy as it heralds a new era of inclusivity, with more integrations set to come in 2024.

Take Control.

The importance of support for a diverse range of data protection platforms cannot be overstated. In the current IT environment, businesses often rely on a combination of primary and secondary data protection platforms. This diversity, while often beneficial for layered security, introduces complexity in managing and monitoring these systems. Predatar R15: Honey Badger addresses this challenge head-on by providing a single control plane that works across any combination of these platforms. This unification is a game-changer, offering streamlined operations and enhanced visibility.

Bringing in all the metadata and alerts from disparate platforms into one place, Predatar simplifies what would otherwise be an overwhelming flood of information. The volume of data generated by multiple platforms is far too much for human analysts to sort and understand efficiently. Herein lies the brilliance of Predatar’s unique and patented A.I. technology. It meticulously analyses this mass of data, automatically spotting threats and helping customers prioritise which snapshots or backups to test and when. This capability is not just about automation; it’s about empowering businesses with the intelligence to make informed decisions swiftly.

Resilience needs to be Flexible.

Moreover, Predatar’s adaptability is a testament to its future-proof design. Understanding that businesses evolve and technology needs change, the platform ensures that if customers are migrating between data protection platforms, Predatar can seamlessly move with them. This flexibility ensures that investments in Predatar are long-term, providing value that adapts to the changing needs of the business.

Be ready for the 1 in 50 event

Recovery Testing is a pivotal aspect of Predatar’s offering. The traditional annual Disaster Recovery test, while important, is no longer sufficient in the face of modern cyber threats. With cyber crimes occurring with alarming frequency, the need for ongoing recovery testing is paramount. Predatar facilitates this continuous testing accords all supported platforms, ensuring that businesses are not just preparing for the “1 in 10 million event” but are robustly fortified against the “1 in 50 event.”

This approach to recovery testing is crucial. It ensures that organisations are not caught off-guard and that their data recovery strategies are always tested, proven, and ready to be deployed. The capability to regularly test and validate the effectiveness of backups and snapshots across multiple platforms is invaluable, particularly when considering the sophistication and evolving nature of cyber threats today.

When Recovery Testing meets Detection

An additional, often overlooked benefit of proactive recovery testing is its role as a detection tool. By rigorously testing backups and snapshots, organisations can uncover dormant malware that production tools may have missed. This aspect of Predatar’s functionality was dramatically highlighted in a recent case where, within just 11 days of going live with a customer,

 Predatar’s testing detected three Trojan horses in the customer’s backups.

These malicious files had lain undetected for six months, bypassing the production Extended Detection and Response (XDR) tools. This incident not only underscores the stealth and persistence of modern cyber threats but also illustrates the critical importance of Predatar’s recovery testing as a layer of cyber defence.

In essence, Predatar does not merely assist in the recovery process; it acts as an early warning system, identifying threats that have infiltrated the digital environment unnoticed. This proactive detection capability is invaluable, offering an additional layer of security that complements traditional cyber defence mechanisms. By integrating this level of analysis, Predatar ensures that organisations are not only ready to respond to incidents but are also equipped to pre-emptively identify and neutralise threats before they can cause damage.

Be ready for both today and tomorrow

Predatar Release R15: Honey Badger significantly enhances the cyber resilience capabilities of businesses. By integrating support for a broad range of data protection platforms, offering a unified control plane, leveraging advanced A.I. for threat detection and prioritisation, and emphasizing the critical role of ongoing recovery testing,

Predatar is setting a new standard in the industry. This release is not just an update; it’s a bold step forward in ensuring businesses are equipped to face the cyber challenges of today and tomorrow. Through its innovative approach to recovery testing, Predatar is redefining the landscape of cyber resilience, offering businesses a comprehensive solution that not only prepares them for recovery but also provides a proactive mechanism for threat detection.

You can check out more about Predatar R15: Honey Badger here

Learn more about
Predatar recovery assurance

08 February 2024

Taking backup ‘scanning’ to the next level in the Predatar CleanRoom.

You’ve probably heard the term ‘scanning’ used in the backup and recovery space.

The chances are, you’re hearing it more and more as storage vendors increasingly tout their data resiliency capabilities.

But not all scanning is created equal. Predatar elevates scanning to the next level to help you find and eliminate dormant ransomware and viruses that traditional methods might overlook.

Traditional Scanning in Backup Systems

Today, the term ‘scanning’ is often overused—and even misused—in the context of backup and storage. Typically, storage vendors use the term to refer to searching data for anomalies using Shannon entropy.

If you are not familiar with Shannon entropy, you can learn more about it in our previous blog.

In a nutshell, Shannon entropy is a relatively basic mathematical equation used to spot random or unusual behaviour in data.

This method is a good starting point for spotting immediate anomalies but falls short of providing deeper insights or predicting future threats.

Predatar’s Advanced Scanning Approach

Predatar adopts a different perspective, viewing scanning as a comprehensive process using several tools and techniques to interrogate data in multiple ways in an isolated CleanRoom environment.

This multi-stage process goes way beyond the traditional scanning approach to identify and neutralize threats, using techniques including:

  • File signature scanning.
  • Machine learning for encryption detection.
  • In-memory analysis for uncovering fileless malware.
  • Behavioral analysis to combat scripts, injections, and ransomware.
  • EDR to find and remove known malware variants.

Comparative Analysis

Threat Detection:

  • Traditional: Focuses on detecting data unpredictability, and missing dormant threats.
  • Predatar: Uses a multifaceted approach to uncover a wide range of threats, including dormant ones.

Predictive Capabilities and Recovery:

  • Traditional: Offers no predictive insights and is limited to analyzing the current state.
  • Predatar: Predicts anomalies with Predatar Signal and provides a comprehensive recovery process in the CleanRoom.

Advanced Techniques:

  • Traditional: Lacks sophisticated malware detection methods.
  • Predatar: Incorporates a variety of advanced techniques for proactive threat detection and mitigation.

Conclusion

The traditional method of scanning in backup systems, mainly tied to Shannon entropy, is inadequate for today’s complex cybersecurity challenges.

Predatar’s approach includes anomaly detection and encompasses recovery and advanced threat analysis, offering a more thorough and proactive solution for safeguarding against sophisticated cyber threats.

What next?

Predatar empowers businesses to shrink their recovery gap and gives them confidence in their ability to mount a fast and effective recovery.  

Our Machine Learning-powered platform automates daily recovery testing, identifying issues and malware infiltration within your storage environment.  

Don’t let the recovery gap become your downfall. Take control, secure your data, and embrace recovery assurance with Predatar.  

Download our free e-book to learn more and bridge the gap to complete confidence. 

Learn more about
Predatar recovery assurance

02 February 2024

Beyond Shannon Entropy – Pushing the boundaries of anomaly detection

In today’s world of relentless cyber threats, it’s important that all backup and storage systems can detect unusual and suspicious activity in the data they’re protecting. 

To do this, most major storage vendors use a traditional mathematical concept called Shannon entropy to measure how unexpected, or random the behaviour of the data is. 

However, with innovative machine learning techniques, there are new, more intelligent ways to analyse data.  

Predatar Signal™ puts these techniques to work.

So let’s take a look at the limitations of Shannon Entropy, and the benefits of the new techniques that Predatar brings into play.

Introduction

Shannon entropy, conceptualised by engineer and mathematician Claude Shannon in 1949, is a fundamental metric in information theory.

Since its conception, Shannon Entropy has become the go-to method for detecting behavioural anomalies in large data sets.

Today, it’s the prevalent method used by all major storage technology vendors to underpin their anomaly detection capabilities.

While effective in measuring the current state of data, Shannon entropy lacks predictive capabilities and complex pattern recognition.

As data becomes more complex, and cyber threats evolve to avoid detection, we need more sophisticated analysis methods.

Predatar Signal is the intelligence engine under the hood of Predatar Recovery Assurance Technology.

It uses three different machine learning models (LSTM Autoencoder, LSTM Traditional, and ARIMA) to detect anomalies in storage systems. The result – faster, more precise threat identification that will continue to get smarter and more effective.

Predatar Signal: An Advanced Approach 

Predatar Signal integrates three advanced machine learning models, each contributing uniquely to anomaly detection: 

  1. LSTM Autoencoder: This model excels in identifying intricate patterns within backup data. Unlike Shannon entropy, it can detect subtle abnormalities that might otherwise go unnoticed.
  2. LSTM Traditional: Utilising historical data, this model forecasts future backup behaviours. It provides proactive anomaly detection, a feature absent in Shannon entropy’s approach.
  3. ARIMA: Specialising in time series forecasting, ARIMA offers in-depth statistical insights into backup trends, something beyond the scope of Shannon entropy. 

Comparative Analysis 

Complex Pattern Recognition 

  • Shannon Entropy: Limited to measuring unpredictability, lacks the sophistication to identify complex patterns. 
  • Predatar Signal: The LSTM Autoencoder’s advanced pattern recognition capabilities provide a more nuanced and thorough analysis of backup data. 

Predictive Capabilities 

  • Shannon Entropy: Offers no predictive insights, solely focusing on the current state of data. 
  • Predatar Signal: LSTM Traditional model predicts future anomalies, enabling pre-emptive measures for cyber resilience. 

Time Series Analysis 

  • Shannon Entropy: Does not provide detailed temporal analysis. 
  • Predatar Signal: The ARIMA model excels in this area, offering valuable insights into time-dependent data trends. 

Conclusion 

While Shannon Entropy remains a valuable tool for understanding data randomness, Predatar Signal offers a significantly more comprehensive and predictive analysis.  

Integrating LSTM Autoencoder, LSTM Traditional, and ARIMA models, marks a paradigm shift in backup system anomaly detection.  

This advanced approach is not just about detecting anomalies; it’s about predicting and preparing for them, thus reinforcing the pillars of cyber resilience in an increasingly complex data landscape. 

What’s next? 

Predatar empowers businesses to shrink their recovery gap and gives them confidence in their ability to mount a fast and effective recovery. 

Our Machine Learning-powered platform automates daily recovery testing, identifying issues and malware infiltration within your storage environment. 

Don’t let the recovery gap become your downfall. Take control, secure your data, and embrace recovery assurance with Predatar. 

Download our free e-book to learn more and bridge the gap to complete confidence. 

Learn more about
Predatar recovery assurance

23 January 2024

What is the Recovery Gap and how to close it?

Imagine this scenario: your business is hit by a cyberattack, your data is held hostage by hackers, and your backups… fail to recover. 

This isn’t just a dystopian nightmare. 

It’s a harsh reality for many businesses who unknowingly harbour a hidden vulnerability – the recovery gap. 

But what is the recovery gap? 

Rick Norgate, Managing Director at Predatar, sheds light on this critical topic in a recent episode of the Predatar podcast.

We’ve captured some of the key points in this short blog.

Q. What is the Recovery Gap?

Rick defines the recovery gap as the difference between what businesses assume they can recover in the event of a data loss and the reality of what’s actually recoverable. 

The statistics are eye-opening: 

  • 8% of backups fail to recover even in normal circumstances. 
  • During a cyberattack, this failure rate can explode 10-fold, to a staggering 84%.

Q. What are the implications of having a recovery gap?

When an organization’s critical systems are taken down and are not immediately recoverable, the implications can be dire.

It’s not uncommon for businesses to be ‘offline’ for days or even weeks following a cyber-attack.  

Often, they are rendered completely unable to operate – production stops, sales stops, payroll stops, and the inability to communicate with staff and customers can compound the impact. 

The result… significant loss of revenue, reputational damage, loss of employee trust, and ongoing remedial costs.

In some cases, businesses fail to survive.

Q. How can businesses close their recovery gap?

Thankfully, there are some things businesses can do to close their recovery gap. Rick outlines several key steps: 

  • Secure the Foundations: Ensure backups have encryption and air-gapped copies to stop cyber criminals from compromising your data. 
  • Embrace Immutability: Keep at least one immutable backup copy immune to ransomware encryption. 
  • Test, Test, Test: Regularly test backups to guarantee recoverability. Predatar automates this process, eliminating the need for a small army to continually run manual tests. 

Wrapping up 

The recovery gap is a hidden vulnerability for many businesses and something that needs to be addressed to avoid a data breach becoming a disaster.  

Securing and regularly testing your data is essential for recovery success. 

What’s next? 

Predatar empowers businesses to shrink their recovery gap and gives them confidence in their ability to mount a fast and effective recovery. 

Our AI-powered platform automates daily recovery testing, identifying issues and malware infiltration within your storage environment. 

Don’t let the recovery gap become your downfall. Take control, secure your data, and embrace recovery assurance with Predatar. 

Download our free e-book to learn more and bridge the gap to complete confidence. 

Watch the full episode 

Want to hear more from Rick Norgate on how your organization can close its recovery gap and build recovery confidence? 

Click here to watch the full episode! 

 

Learn more about
Predatar recovery assurance

21 December 2023

The year in review with Rick Norgate

As the year comes to a close, it’s the perfect time to reflect on everything that we have achieved and share some insights into what Predatar users can expect in the year ahead.

In the first episode of our new-format Predatar Podcast, Managing Director, Rick Norgate shared his thoughts with host Xavi Umeh. We’ve summarised a few highlights from the interview in this short blog.


Key Milestones:

Looking back on 2023, it’s clear that, thanks to the hard work and dedication of the whole team, Predatar has strengthened its position as a leading innovator in the Recovery Assurance market.

Our commitment to R&D has driven us to introduce groundbreaking capabilities that are reshaping the industry landscape.

But the highlights of the year aren’t all about the technology. Standout milestones include:


1. Expanded Platform Support

In 2023, we diversified our platform support to bring Predatar Recovery Assurance capabilities backup products including IBM Defender Data Protect, Cohesity, and Veeam.

We also announced support for IBM FlashSystem this summer too, which means for the first time our customers can use Predatar to validate and clean snapshots in their Primary storage.

Our expanded platform support not only means that more organisations can benefit from Predatar’s AI-powered resiliency capabilities but, importantly, it means that our customers can deploy Predatar across more of their storage environment – providing a unified approach to data resiliency.


2. The launch of the Apex Partner Program

One of the year’s most important achievements was the launch of the Predatar Apex Partner Program.

This strategic initiative has allowed us to join forces with some exceptional storage and cybersecurity service providers worldwide.

Together, we are delivering groundbreaking recovery assurance and data resiliency to customers on a global scale.

3. Elevated User Experience

This year, we’ve taken huge strides to improve the user experience for our customers.

Today, we are proud to have a user interface that is highly intuitive and customisable with simple toggle-based controls, drag-and-drop functionality, and even a choice of colour themes.

In our latest release (R14 Eagle), we launched the much-requested dark mode option to improve usability, reduce user eye strain, and enhance energy efficiency.

 

The Biggest Challenge:

The year has not been without challenges.

Our roadmap is driven by our users, and one thing we repeatedly heard in their feedback was that, although they loved our CleanRoom technology, customers didn’t want to install the Predatar client on their Virtual Machines.

This was a real head-scratcher, but our R&D team knocked it out of the park with the solution. Our R14.1 Eagle release includes a unique agentless scanning capability built from the ground up.

This new technology means Predatar can run recovery tests and deep malware scans on VMs without the need to install a Predatar client or the need for administrator access.


Looking Forward:

As you would expect from the team at Predatar, our plans for the coming year are ambitious.

We will continue to grow the Apex Partner Program, expand support to even more platforms (both primary storage and backup), and, of course, there will be lots of innovations from our R&D team. Watch this space!


Wrapping Up:

In conclusion, 2023 has been a whirlwind of learnings, successes, and groundbreaking innovations.

We extend our thanks to our partners, collaborators, customers, and friends for the role they have played in this epic year.

Stay tuned in 2024 as we continue to launch solutions that will drive the Recovery Assurance market forward and deliver unbeatable data resiliency for our customers.

If you want to find out more you can watch the full interview on YouTube or listen to the audio version on Spotify.

Learn more about
Predatar recovery assurance

13 November 2023

The Evolution of Operational Resilience 

By Alistair Mackenzie, Founder & CEO at Predatar


In the financial services industry, operational resilience is entirely critical and completely indispensable in keeping our economies moving around the clock.
  

With the introduction of DORA (the Digital Operational Resiliency Act) in 2025, the EU is recognising it’s no longer sufficient for organisations to simply have secure data backups, instead, they must demonstrate the ability to recover from potential disasters seamlessly.

Overcoming the challenge has become even more critical in recent years due to evolving risks, particularly those related to cybercrime.

It’s also worth noting that similar stipulations are also being introduced in the UK as part of the Bank of England PRA (Prudential Regulation Authority) operational resilience framework.  

The Shifting Landscape of Operational Resilience 

Operational resilience is a term that has gained prominence in both the UK and the EU, and more widely in the US too as financial institutions with regulatory bodies rightly recognise the need to enhance the strength of the financial system, given its heavy reliance on technology.

But why the big focus now? 

The primary reason is the increased impact of disruptions in today’s interconnected world. With globalised systems and instant data transfers, any downtime in banking infrastructure affects not just a few, but virtually everyone.

Financial institutions are the lifeblood of economies, and even a brief interruption can result in substantial financial losses for businesses and individuals alike, as the crisis ripples outwards from the point of impact. 

There is also the emergence of bad actors, including nation-states and cybercriminal gangs which have further escalated the risk landscape.

Unlike natural disasters, the probability of a cyber-attack is increasing and is challenging to predict – even insurers and actuaries find it harder to quantify those risks, leading to greater uncertainty. 

Moving forward, the new DORA regulatory framework for operational resilience marks a significant departure from traditional disaster recovery and business continuity practices, leaving nothing to chance and requiring organisations to take precautions now.

Instead of focusing solely on risk avoidance, it emphasises a proactive approach to mitigating the consequences of an incident which entails two fundamental principles:

1. Identifying Critical Infrastructure

Organisations must identify their “minimum viable business” components – that is the systems and processes that are essential to their operations. By doing so, they can prioritise the recovery of these elements in the event of a disruption.

2. Proving Recovery Capabilities

The regulatory authorities no longer want businesses to merely measure the likelihood of an incident; they demand proof of recovery capabilities.

Organisations must demonstrate that they can restore critical infrastructure within a specified timeframe, which is particularly crucial in the financial sector, where even a short downtime can have severe repercussions.  

While the shift towards operational resilience is crucial for maintaining business stability, it poses significant challenges for organisations. One of the most substantial challenges is the need for continuous testing of recovery capabilities.

The business environment is in a state of constant flux, with updates and changes occurring daily, and as a result, the frequency of recovery testing must increase to ensure that the system can be restored in any situation.

Continuous testing is resource-intensive, demanding time, manpower, and financial commitments, making it impractical for many organisations to perform manually.

This is where automation becomes invaluable. 

Automation as the Solution 

The solution to the resource-intensive nature of continuous testing lies in automation.

Intelligent solutions exist to streamline the process using tools that can intelligently and proactively test stored data, run recovery scenarios, and conduct virus scanning seamlessly in the background.

By employing automation, businesses can ensure the ongoing integrity of their data and recovery processes without incurring excessive costs or burdening their teams.

It’s a practical and efficient approach to meet the demands of the impending DORA regulations. 

By embracing automation and proactively testing their recovery capabilities, organisations can navigate the challenges of operational resilience and emerge stronger, more resilient, and better prepared for whatever the future may hold. 

Operational resilience in action

Regardless of whether your organisation operates in a heavily regulated industry like the Financial Services sector, Operational Resilience is vital in the face of today’s cyber threat landscape. Discover how one global manufacturing firm is boosting their resilience with Predatar Recovery Assurance Software to keep production up and running running.  Read the story [3 min read]

 

Find out if Predatar is a good fit for your business by filling out a short questionnaire.

Learn more about
Predatar recovery assurance

26 October 2023

Your Voice, Our Blueprint: Unveiling Predatar R13.1

By Rick Norgate, Predatar Managing Director.

At Predatar, we understand that the heart of any product lies in solving real-world challenges for our customers. This belief steers our innovation roadmap, and it is your invaluable input that fuels our journey toward creating the most effective and cutting-edge solutions in cyber resilience. Today, we’re excited to unveil Predatar R13.1—an update that’s been shaped by listening closely to your needs and challenges. From deep malware scanning of legacy workloads to enhanced M365 alerting and the introduction of the PlayPen sandbox environment, every feature in R13.1 is a direct response to the needs you’ve expressed. Read on to discover how R13.1 empowers your organization to achieve unparalleled recovery assurance.

 

Deep Malware Scanning for Legacy Workloads with Predatar TimeMachine

Legacy systems can be the Achilles’ heel in your cybersecurity resilience plan, often escaping rigorous testing due to incompatibility issues. Predatar TimeMachine eliminates this gap by enabling effortless scans of virtual machines running on legacy operating systems or outdated EDR tools. These machines are moved seamlessly into our CleanRoom, where they undergo full recovery testing. Predatar then powers down the virtual machine and mounts all data for an offline scan, ensuring:

  • Compatibility with Legacy Systems: Our approach ensures that you don’t have to leave older systems out of your resilience testing.
  • Conflict Resolution: Avoid clashes with older Antivirus tools that could otherwise compromise your testing process.
  • Enhanced Linux Support: Broaden your resilience testing by incorporating Linux machines into your recovery assurance plan.

 

Swift M365 Alerting for Instant Notifications

Alerting is often the first line of defence in a resilient cybersecurity architecture. The R13.1 update integrates with M365 to send real-time alerts for a variety of triggers such as failed recovery tests and malware detections. Immediate notifications are sent to your IT and SecOps teams, providing crucial advantages:

  • Faster Response Times: The quicker your team is alerted, the faster they can act to mitigate risks.
  • Enhanced Cybersecurity Resilience: Keep tabs on recoverability or data cleanliness issues as they happen, rather than discovering them after the fact.

 

Unleash Your Creativity with PlayPen

Innovation shouldn’t have to be a risky endeavour. R13.1 introduces PlayPen, a sandbox environment that lets you test new features and functions without affecting your live setup. Simply transition your live environment into PlayPen mode to perform:

  • End-user Training: Use PlayPen as a safe training ground for your team.
  • Cutting-Edge Experimentation: Try out new configurations and recovery methods safely.
  • Rigorous Testing: Validate new features or disaster recovery plans before making them live, ensuring robust resilience.

PlayPen makes experimentation and testing as simple as a click, allowing you to revert to your live environment without saving changes once your experimentation is complete.

 

Conclusion

With the launch of R13.1, Predatar not only addresses some of the most critical challenges in data resilience but also opens the door to limitless possibilities. It’s not just an update; it’s a leap toward a future where recovery assurance is more robust, agile, and innovative than ever. Take the first step into this future by exploring Predatar R13.1.

Book a demo session or contact the Predatar team today!

Learn more about
Predatar recovery assurance

28 September 2023

Blazing a trail with Recovery Assurance

There’s a new storage technology in town. Since the introduction of ‘Recovery Assurance Software’ or ‘RAS’ as an Innovation Trigger on Gartner’s latest Enterprise Storage Hype Cycle this summer, we’re hearing these words used with ever-increasing frequency.

As is the case with all emerging technologies – there isn’t yet a wide understanding of what it is, or why it’s important. This blog, by Predatar Founder and CEO, Alistair Mackenzie will help you get to grips with Recovery Assurance Software. And if anyone is qualified to do it, it’s Alistair. After all, Predatar has been developing it’s own Recovery Assurance technology for almost 2 years.  


Author: Alistair MacKenzie.

 

I have a confession to make. It’s been a while since I wrote my last blog, and after almost an hour of staring at a blank screen, I decided I’d try a bit of plagiarism. Unfortunately, my attempt to steal from today’s content ‘King of Thieves’, ChatGPT, fell at the first hurdle.

My question “What is Recovery Assurance Software?” returned the following response:

“As of my last update ‘Recovery Assurance Software’ is not a specific, widely recognised term in the field of software and technology…’

Chat GPT is a powerful tool, but it needs source content to feed it. The response above only goes to show how new this important technology is.

I guess I’ll have to write this blog the old-fashioned way 🙄!

Let me start with why.
Why is there such a buzz around the rise of “recovery assurance”? I believe there are 3 main drivers.

# 1. Increasingly sophisticated cyber-attacks.
The adversarial nature of cyber-crime with its many war-like descriptions has crowded out traditional disaster recovery concerns from conversations around risk management.

Deliberate contamination of traditional backup or replication-based DR solutions makes it practically impossible to use standard recovery procedures after a cyber-attack. As a result, firms have turned to using isolated recovery environments (IREs) or cleanrooms to verify and recover data from immutable backups copies held on storage systems.

 

#2. New regulation. In the financial services industry the EU’s DORA regulation, which came into force on the 16th January 2023, asks firms not to measure the likelihood of a cyber-attack, but to prove their resilience and recoverability. Previously it was sufficient to have a functioning backup system in place, but today, firms must prove they can fully recover when needed.

The challenge even with traditional business continuity planning was always the expense of regular, proactive testing. How many times have we heard of assets originally assigned for DR testing being reallocated for other projects? The cost in infrastructure and human resources all contributed to the alarming statistic that, on average, less than 1% of a firm’s data is tested for recovery each year.

 

#3. A tipping point for artificial intelligence.
Today’s ransomware gangs are equipped with the latest AI systems that are superhuman at writing code and quantum computer code-breaking capabilities that make modern encryption cyphers obsolete.

As a force for good, artificial intelligence is helping operations teams turn dumb data storage and backup infrastructure into intelligent detection engines, capable of alerting security analysts to adverse events and anomalous behaviour.

 

So, what is Recovery Assurance Software?
Only in July 2023 did Gartner, even recognise Recovery Assurance Software as an independent category.

Put simply, Recovery Assurance Software is designed to prove the recoverability of critical IT systems and data – so businesses can have certainty in their ability to remain operational when the worst happens.

Due to the rapid emergence of the three trends discussed – cyber-crime, regulation, and artificial intelligence – I’m certain that not only will this technology stick, but will soon find its way onto Gartner’s “slope of enlightenment.”


Recovery Assurance from Predatar
Predatar is leading the way in Recovery Assurance. Forward-thinking enterprises around the world are already using Predatar Cyber Recovery Orchestration to continually validate the integrity of their data and the speed of recovery. Read a short customer story (2 min read).


Learn more at our Data Resiliency Summit in October.
Join the Recovery Assurance trailblazers at the Control23 Data Resiliency Summit in London or online.
Find out more and sign-up now.

 

Learn more about
Predatar recovery assurance