“Advanced malware detection within backup systems is essential to ensure clean recovery and prevent reinfection after cyberattacks.”
Cohesity Data Cloud integrates Sophos-powered malware detection to secure backup data and prevent reinfection risks
Dubai, UAE: Data security company Cohesity has announced the launch of next-generation malware scanning powered by Sophos, integrated directly into its Cohesity Data Cloud platform, as organisations face increasingly sophisticated cyber threats targeting backup environments.
The new capability is designed to help organisations detect advanced malware hidden within backup data and ensure that recovery processes remain secure and free from reinfection risks. The integration marks a significant step towards improving cyber resilience, particularly as ransomware and supply-chain attacks continue to evolve.
Cybersecurity experts have highlighted that backup systems, once considered a safe recovery layer, are now being targeted by attackers. Malware can remain undetected within backup data, creating the risk that organisations may unknowingly restore compromised systems following an attack. Cohesity’s new solution addresses this challenge by introducing deep-level scanning capabilities across stored data.
The Sophos-powered scanning engine combines signature-based detection, behavioural analysis and file emulation techniques to identify a wide range of threats, including zero-day, polymorphic and fileless malware that can bypass traditional security tools.
Unlike conventional approaches that rely on metadata, the system performs snapshot-level inspection of backup data, providing a more comprehensive view of potential threats. This enables organisations to identify compromised files more accurately and validate safe recovery points before restoring systems.
The solution operates across multiple stages of the data lifecycle, including routine backup processes, pre-restoration checks and triggered scans based on indicators of compromise (IOCs) or suspicious activity patterns. This layered approach ensures continuous monitoring while minimising operational disruption.
Cohesity has also introduced incremental scanning capabilities, allowing only newly added or modified data to be analysed. This reduces the performance impact on systems while maintaining visibility into the integrity of stored data.
A key feature of the new capability is its integration with security operations platforms, enabling scan results to be shared with SIEM and SOAR tools. This provides security teams with centralised visibility and supports faster response to potential threats.
The technology is powered by Sophos X-Ops threat intelligence, which draws insights from a global network of endpoints and firewalls. This intelligence is continuously updated using artificial intelligence, helping organisations stay ahead of emerging cyber threats.
Vasu Murthy, Chief Product Officer at Cohesity, said the integration reflects a collaborative approach to cybersecurity, where organisations benefit from combining leading technologies into a single platform. He noted that the goal is to provide customers with a seamless experience that enhances both detection and recovery capabilities.
Similarly, Sophos highlighted the increasing sophistication of cyberattacks, noting that attackers are no longer limited to traditional entry points and are now targeting backup and recovery systems. The integration aims to reduce the risk of reinfection and ensure that organisations can recover operations with confidence.
The new malware scanning capability is included as part of Cohesity Data Cloud Enterprise Edition, eliminating the need for separate licensing and simplifying deployment for customers.
Key benefits of the solution include:
- Advanced threat detection across known and unknown malware types
- Improved operational efficiency through automated and incremental scanning
- Secure recovery assurance by validating clean restore points
- Enhanced visibility through integration with security operations tools
The launch comes at a time when organisations are increasingly prioritising data security and cyber resilience strategies, particularly as digital transformation accelerates and attack surfaces expand.
Cohesity, which operates in more than 140 countries, continues to position itself as a leader in AI-powered data security, supporting enterprises in protecting critical data, reducing recovery time and strengthening overall resilience against cyber threats.
As cyber risks continue to grow in complexity, the integration of advanced malware detection into backup systems is expected to play a critical role in helping organisations maintain business continuity and protect sensitive data assets.
