Commvault adds early threat detection capabilities from TrapX to Metallic

The new ThreatWise offering becomes the ninth item in the Metallic catalogue, and offers what the company calls unique cyberdeception capabilities that fills out their solution with protection against data exfiltration that are now commonly part of ransomware attacks.

Ranga Rajagopalan, Senior Vice President, Products, Commvault.

Data management vendor Commvault has announced the general availability of Metallic ThreatWise, an early warning system that discovers unknown and zero-day threats to minimize compromised data and business impact.

Metallic is a SaaS product which was first announced almost three years ago.

“We have increased sales to 50 million in less than six quarters since the launch, which is really fantastic growth,” said Ranga Rajagopalan, Senior Vice President, Products, Commvault. “We now have over 2000 customers. Of these, 50% are also using some of other Commvault software. It’s the same platform and capabilities, but can be consumed as a service or software. Metallic and subscription revenue account for 64% of total ARR.” It is also attracting a lot of interest from MSPs, who are gravitating to Metallic because it reduces time to deliver a service.”

Now with ThreatWise, Metallic is expanding to cyberdeception. The ThreatWise deception technology comes from TrapX, which was acquired by Commvault in February of this year. While decoys and other deception tools have been used by vendors for decades, Commvault sees this technology as representing a real step forward.

“The real differentiation between them and the decoys that others use is the lightweight footprint of the traps, which really makes the bad actor think they are engaging with the real asset,” Rajagopalan said.

Rajagopalan stressed that the addition of ThreatWise to the Metallic offering gives it much greater capabilities against the increased presence of data exfiltration techniques that have become increasingly common as part of ransomware attacks.

“The ecosystem is evolving,” he said. “All the companies in this area guard the perimeter and do a good job. Inside the perimeter, companies invest in honeypot technologies, and if you get encrypted, you use backups to restore. Now with data exfiltration tactics being part of these attacks, you need to protect data before it gets compromised, Because we are a data management company, not data security, we understand the data, so as we proceed with the road map, we will be able to develop this further.”

Rajagopalan also emphasized that deception technology has much greater value as part of a fuller security process like Metallic can offer.

“As a standalone technology, TrapX serviced a small niche need,” he said. “But when you combine it with a broader backup, you get a much more robust solution. We provide a bridge that brings it into a broader ecosystem, which is something that TrapX couldn’t do as a standalone.”

Metallic has been rather stealthy both with the acquisition and then with bringing the technology to market.

“We took six months with the product to reduce the time to value required for customers,” Rajagopalan said. “The result is that it  is now offered as an as-a-service offering, with no more software that customers had to manage on their own. We also held back discussions around the acquisition until we were in a position where we could make it part of our portfolio.”

Rajagopalan indicated that MSPs should be pleased by the way this end-to-end solution provides customers with a broader combination to meet their needs.

“We introduced the MSP program a year back for Metallic, and in it, one of our most active MSPs is an MSSP,” he said. They realize it takes a combination as well as backup. Earlier they would specialize in security OR backup. Now the budgets for both are controlled by the CISO.”

Bassam Hemdan, Regional Vice President, Americas at Metallic.

“The majority of partners now have a mix of on-prem and as-a-service,” said Bassam Hemdan, Regional Vice President, Americas at Metallic. “CISOS now look at the security of both, and we can provide an on-prem backup that combines SaaS and on-prem with a single interface  so they know where their data is.

ThreatWise is sold as an item in the Metallic service catalogue, and becomes the ninth offering they have for sale there

“SaaS continues to be a major focus in the market, and now we have nine services,” Hemdan said. “We are continuing to shape management to Data Management as-a-Service.”