In a world of nonstop cyberattacks, Rubrik announced its newest upcoming solution, Identity Resilience, designed to secure the entire identity landscape alongside data. Identity Resilience aims to protect the most common entry points for attackers – human and non-human identities (NHIs) – to help organisations maintain operations with minimal downtime.
Identity Resilience aims to address a blindspot in enterprise security. A critical piece of infrastructure utilised by a vast majority of organisations, identity remains a consistent target for hackers. When compromised, these identity systems grant attackers access to critical data and credentials, and their disruption can prevent cyber recovery. Rubrik’s solution is designed to secure this vulnerable authentication infrastructure that powers virtually every major enterprise.
“Identity systems are not only complex and hard to manage, but they have also become the primary gateway for attackers aiming to access an organisation’s valuable data,” said Mike Tornincasa, Chief Business Officer at Rubrik. “Today, we signal our commitment to identity protection, to address our customers’ needs by detecting threats that target identities and proactively reduce identity risks, just as we have successfully done with data security.”
Why this matters: Identity is how hackers get inside
Rubrik’s identity business safeguards millions of identities globally. It’s easy to see why: A recent CISA report found that 90% of cyber attacks on critical infrastructure begin with an identity compromise, often leading to privilege escalations and lateral movement into valuable corporate data. These threats usually unfold gradually, making it essential to understand not just the “who” and “what” but also the “when” – how privilege or access patterns shift over time. By leveraging time-series data, Rubrik’s solution is designed to provide continuous visibility into identity changes, enabling earlier detection of suspicious activity.
Similar to how Rubrik monitors and sustains data, the company’s anticipated capabilities are designed to identify, monitor, and safeguard critical, sensitive, and active identities, including non-human identities (NHIs) such as machines using service accounts and access tokens.
NHIs, which outnumber their human counterparts, are complex to manage and introduce vulnerabilities that are increasingly targeted by attackers who compromise and escalate privileges. Current identity security approaches fail to provide enterprises the capability to assess NHI risk, view data access, and track suspicious activity over time.
A holistic approach drives cyber resiliency
Too often, identity management, identity protection, and data security are siloed as different products run by different teams in an organisation. In contrast, Rubrik uniquely aims to combine these capabilities to provide new capabilities, and a holistic view of identity and data.
Identity Recovery & Identity Resilience – Accelerating recovery. Advancing resilience
Rubrik offers extensive coverage for identities across hybrid environments. New capabilities aim to empower organisations to thwart attacks earlier and restore systems more quickly to ensure cyber resilience:
- Hybrid protection for Active Directory (AD) and Entra ID: With automated and orchestrated recovery workflows, organisations can restore complex hybrid identity environments – like Active Directory forests and full Entra ID tenants – faster and with greater confidence than before. Active Directory recovery can involve up to 22 manual steps. Rubrik reduces that with an easy-to-use wizard, dramatically cutting complexity and time to recovery. As a result, these capabilities are among the fastest-growing in Rubrik’s history, safeguarding millions of identities and the sensitive data they access.
- Comprehensive risk analysis for human and non-human identities: With a unified view across identity providers showing human and non-human identities who have access to sensitive data, organisations can identify dormant or orphaned accounts, detect risky privilege escalations, and expose problematic combinations of access that traditional tools often miss. Beyond visibility, organisations can track the risk associated with identities and target remediation by revoking identity access, data access, or both. This approach enforces the least privilege, shrinks their attack surface, and proactively shuts down potential identity-based threats.
- Complete identity and data context: Instead of working with limited context from identity providers, organisations can tie identity-based information with sensitive data (e.g., healthcare, financial) context, privilege, and activity. This critical context can reduce remediation work while strengthening risk posture before a cyber attack, thereby speeding up threat hunting and remediation during and after an attack.
Discussion about this post