Veeam announced a new integration with Palo Alto Networks that combines Veeam’s data protection and backup solutions with Palo Alto’s advanced cybersecurity platforms, Cortex XSIAM and Cortex XSOAR.

The goal is to enhance the ability of organizations to monitor, detect, and respond to cyberattacks that target critical data and backups, while also improving recovery processes in the event of a security breach.

Key aspects of the integration include:

• Centralized Data Monitoring: Veeam’s apps allow data from Veeam Backup & Replication and VeeamONE environments to be integrated into Palo Alto’s Cortex XSIAM platform. This creates a single, unified view of backup and data protection activity.
• Automated Incident Response: The integration connects Veeam’s data protection tools to Palo Alto’s Cortex XSOAR platform, automating the detection of and response to security events. The system continuously monitors Veeam’s backup environments for significant alerts or incidents.
• Ransomware Recovery and Compliance: The integration helps organizations automate ransomware recovery processes, ensuring they meet recovery time objectives (RTO) and recovery point objectives (RPO). It also supports compliance with industry regulations by improving the reliability and speed of incident management.
• API-Driven Interaction: The integration uses a bidirectional API, allowing data to flow between Veeam’s solutions and Palo Alto’s platforms in real time. This API connection facilitates constant monitoring and rapid responses to emerging security threats.

New Veeam Applications

Veeam has developed two new applications as part of its integration with Palo Alto Networks’ Cortex platforms: one for Cortex XSIAM and another for Cortex XSOAR. The new applications are designed to enhance organizations’ monitoring, detection, and response capabilities when protecting critical business data and backup environments.

Here’s a breakdown of each application:

1. Veeam Application for Cortex XSIAM:
   • Purpose: This app integrates Veeam Backup & Replication data and VeeamONE environments into Palo Alto’s Cortex XSIAM platform.
   • Functionality: It provides a centralized dashboard that displays data protection and backup-related activities, allowing security teams to monitor backup security incidents alongside broader cybersecurity threats in real-time.
   • Benefits: By integrating with Cortex XSIAM, Veeam helps automate the scaling and centralization of data monitoring, making it easier for security teams to analyze and respond to threats impacting backups.
   • Availability: This app will be available soon, according to Veeam.
2. Veeam Application for Cortex XSOAR:
   • Purpose: This app works with Palo Alto’s Cortex XSOAR platform, facilitating regular API queries to detect significant security events or alerts impacting Veeam’s data protection systems.
   • Functionality: It enables automated monitoring and response to security incidents, reducing the need for manual intervention by continuously tracking Veeam Backup & Replication and VeeamONE for potential threats.
   • Benefits: The app provides enhanced incident response capabilities by integrating with Cortex XSOAR, ensuring that security teams can act faster to resolve issues related to critical data and backup environments.
   • Availability: This app is currently available for download in the Cortex Marketplace.

Both applications will work bi-directionally with Palo Alto’s systems, ensuring real-time data flow and enhanced cybersecurity for Veeam customers. They are available to Veeam Data Platform Advanced and Premium customers at no additional cost.

Analysis

Veeam’s new offerings bring significant new functionality to the market.

Customers, for example,  can monitor their data protection and cybersecurity environments from a single, unified dashboard. This centralized view reduces complexity and helps security teams manage incidents more efficiently. Automation further reduces manual processes, alleviating the burden on IT and security staff.

The new applications are available for Veeam Data Platform Advanced and Premium customers at no additional cost. This gives customers enhanced functionality without requiring further investments, making it a cost-effective solution for improving security and backup resilience.

Overall, Veeam’s integration with Palo Alto Networks offers a more robust approach to cybersecurity by aligning backup and recovery operations with advanced threat detection and response systems. This provides businesses with a stronger security posture and more resilient data protection strategies.