EXPEDITED RECOVERY BASED ON DATA STORAGE MANAGEMENT INTEGRATION WITH CYBER THREAT DECEPTION
Abstract:
Data recovery from a cyber-attack is expedited based on data storage management integration with cyber threat deception. A cyber threat detection and deception system analyzes a “deposit” placed by an attacker at a deception trap, identifies distinguishing attributes of the deposit, and determines which subset of real data assets may be at risk, preferably based on subnet/VLAN proximity to the attacker's deposit. By focusing immediate attention on the subset of at-risk assets, a data storage management system shortens the amount of time needed to identify safe copies and components and to prepare them for recovery. Storage operations involving the at-risk assets are suspended and users are not shown at-risk assets and cannot invoke recovery or copy operations for them. Without the focus on at-risk assets provided by the cyber threat detection and deception system, the data storage management system would take much longer to navigate its backup data stores.
Information query
Patent Agency Ranking
0/0