Abstract:
A cyber threat detection and deception system interoperates synergistically with a data storage management system. As a proxy for identifying crown jewels among many and diverse data assets in a network, the illustrative cyber threat detection and deception system uses service level information obtained from the data storage management system, such as RPO, RTO, append-only secondary storage, and synthetic-full frequency. The cyber threat detection and deception system emulates proprietary protocols used by storage management technologies such as the data storage management system. By creating emulation traps and an emulation lexicon of these storage-related protocols, the illustrative cyber threat detection and deception system can create and execute cyber deception plans for the proprietary storage management assets. Synergistically, the illustrative data storage management system is configured to respond to alerts and react to other information received from the cyber threat detection and deception system by taking certain corrective and/or protective actions.
Abstract:
A data retrieval system comprising a first computing device communicatively coupled to a second computing device; the first computing device having a processor that supports operation of at least one software application that is used for retrieving data; the second computing device communicatively coupled to one or more storage media; the software application having a retrieval module for retrieving data from the one or more storage media; a storage and backup map that maps to the second computing device; and a data index stored on the second computing device that indicates to the retrieval module a particular location of the data that is to be retrieved by the retrieval module.
Abstract:
The disclosed cyber threat detection and deception system leverages metadata collected by the data storage management system, analyzing that metadata to detect anomalies. Once suspicious or abnormal behavior is detected in an asset, the cyber threat detection and deception system creates and deploys a cyber deception plan for that asset. The cyber deception plan is implemented by deploying sensors or emulation traps in any number of cyber-threat appliances within the data network. Lures or tokens are configured and deployed on the suspected assets themselves to redirect attackers to the emulation traps.
Abstract:
Data recovery from a cyber-attack is expedited based on data storage management integration with cyber threat deception. A cyber threat detection and deception system analyzes a “deposit” placed by an attacker at a deception trap, identifies distinguishing attributes of the deposit, and determines which subset of real data assets may be at risk, preferably based on subnet/VLAN proximity to the attacker's deposit. By focusing immediate attention on the subset of at-risk assets, a data storage management system shortens the amount of time needed to identify safe copies and components and to prepare them for recovery. Storage operations involving the at-risk assets are suspended and users are not shown at-risk assets and cannot invoke recovery or copy operations for them. Without the focus on at-risk assets provided by the cyber threat detection and deception system, the data storage management system would take much longer to navigate its backup data stores.