At Google Cloud Next 2025, Cohesity announced several enhancements to its cyber resilience portfolio that provide deeper integrations with Google Cloud’s security capabilities. The announcements focus on AI-driven threat intelligence, incident response, secure recovery environments, and operational integration with Google Security Operations.
Google Threat Intelligence Integration with Cohesity Data Cloud
Cohesity integrates Google Threat Intelligence (TI) into its Data Cloud platform to enhance ransomware detection and incident response within backup environments.
Key capabilities include:
- Automated scanning of backup data for Indicators of Compromise (IoCs) informed by Google TI, which (according to Google) aggregates data from 450+ tracked threat actors and over 1,100 annual incident investigations.
- Inclusion of Mandiant’s threat intelligence capabilities within Google TI, extending detection to nation-state actors, advanced persistent threats (APTs), and cybercriminal operations.
- Real-time updates on adversary tactics, techniques, and procedures (TTPs), enabling proactive threat hunting across backup datasets.
Clean Room Solution for Cloud Isolated Recovery Environment (CIRE) in Google Cloud
Cohesity expanded its existing Clean Room Solution by enabling the deployment of an isolated recovery environment in Google Cloud. The CIRE provides a secure, dedicated environment for post-incident recovery, forensics, and validation of clean data.
Functional components of the solution include:
- Verification of backup data integrity using Google TI prior to restoration.
- Segmented recovery workflows to minimize operational disruption.
- Creation of a production-ready replica of business-critical applications within the CIRE for rapid failover and continuity.
- Support for regulatory compliance by maintaining isolation between compromised production environments and recovery operations.
Cohesity and Google also plan to release reference architectures and validation services for the CIRE, leveraging Mandiant experts for security assessments, threat hunting, and penetration testing.
Incident Response Integration: Cohesity CERT and Mandiant IR Services
Cohesity formalized a joint incident response workflow with Google’s Mandiant IR Services. This integration provides coordinated response actions across primary production systems and backup infrastructure.
The combined offering enables:
- Mandiant IR teams to contain and mitigate threats in primary environments.
- Cohesity CERT to manage backup infrastructure, locate the last known clean copy of data, and orchestrate recovery within the Clean Room Solution.
- Accelerated recovery workflows that minimize downtime and data loss.
This joint response model delivers a unified recovery strategy aligned across both production security operations and backup environments.
Cohesity Data Cloud Integration with Google Security Operations
Cohesity now integrates with Google Security Operations (SecOps) to enhance threat visibility and incident response automation across customer environments.
The integration supports:
- Continuous monitoring of secondary (backup) data for anomalies and IoCs.
- Automated forwarding of actionable alerts from Cohesity to Google SecOps.
- Correlation of threat intelligence across primary and secondary data, improving root-cause analysis and incident prioritization.
- Streamlined security operations with reduced manual intervention for SOC teams.
Analysis
Cohesity’s expanded integrations with Google Cloud address a critical gap in enterprise IT: aligning data protection strategies with modern cybersecurity operations. As ransomware, data extortion, and destructive attacks increase in frequency and sophistication, the traditional backup and recovery model as an isolated IT function has become insufficient.
Cohesity is positioning its Data Cloud platform as a core component of enterprise cyber resilience architectures, bridging SecOps with backup and recovery (traditionally viewed as separate silos).
It’s a strong, well-timed play that brings immediate value to enterprise IT customers:
- Closes the Gap Between Backup and Security Operations: Cohesity’s integration with Google Threat Intelligence (and, by extension, Mandiant) provides a bidirectional flow of security context:
  - Backup data can now be scanned against continuously updated IoCs and adversary TTPs.
  - Security teams gain visibility into dormant threats within backups, a known attack vector for reinfection post-recovery.
- Secure, Production-Ready Recovery with CIRE: Cohesity’s CIRE extends the recovery architecture into cloud environments where enterprises increasingly run critical workloads.
- Integrated Incident Response Workflow: The Cohesity CERT and Mandiant Incident Response partnership offers operational benefits for enterprises struggling with resource constraints or fragmented incident response processes.
The announcements raise the competitive bar. Integrating threat intelligence, clean room recovery, and incident response capabilities establishes a higher baseline for what enterprises will expect from data protection platforms. Cohesity’s competitors are heading here, but most with less momentum.
Cohesity’s announcements at Google Cloud Next 2025 mirror the evolving needs of enterprise IT: shifting from backup as a passive insurance policy to backup as an active component of enterprise cyber defense.
Enterprises now expect their data management platforms to actively contribute to threat detection, containment, and secure recovery.