Commvault, CrowdStrike enhance recovery visibility

Commvault has expanded its integration with CrowdStrike to provide bi-directional visibility between Commvault Cloud and CrowdStrike Falcon Next-Gen SIEM. The update is intended to help security and IT teams assess the integrity of backup data more quickly and make informed recovery decisions during cyber incidents.

As threat actors increasingly move laterally across networks, organisations face pressure not only to detect attacks promptly but also to ensure that backup data remains clean and reliable. Commvault previously integrated with the CrowdStrike Falcon platform to help identify potentially compromised backup sets by automatically flagging data considered at risk.

The latest enhancement extends this collaboration by enabling Commvault’s security capabilities, including AI-based anomaly detection, to feed directly into Falcon Next-Gen SIEM. This allows security telemetry and backup integrity insights to be viewed within a single environment, supporting coordinated investigation and response.

According to the companies, the integration is designed to reduce the risk of reinfection by combining threat signals from Falcon Next-Gen SIEM with Commvault’s threat scanning, data integrity analytics and recovery validation tools. Shared visibility is intended to assist security operations (SecOps) and IT teams in identifying affected systems, assessing the potential impact of an incident and determining which data sets are safe to restore.

Executives from both companies said the collaboration aims to improve alignment between security monitoring and data recovery processes, enabling organisations to move more efficiently from detection to restoration following an attack.