Orchestrated Recovery for Cyber Incidents
This demonstration showcases Cohesity Recovery Agent, a feature within DataProtect designed to automate and orchestrate recovery workflows during ransomware attacks, data disasters, and catastrophic events. The presentation focuses on incident response scenarios where organizations need to isolate compromised systems in clean room environments while maintaining access to forensic tools. Recovery Agent introduces the concept of recovery groups that act as digital jump bags, providing incident responders with pre-configured, automated workflows that can be tested and rehearsed before actual emergencies occur. The solution addresses the challenge of coordinating recovery efforts without guesswork or miscommunication, particularly for critical workloads requiring rapid recovery time objectives.
Blueprints and Automated Workflows
The core functionality revolves around blueprints, which serve as automated runbooks for recovery operations. These blueprints enable organizations to define recovery options, dependencies, and automation rules that execute consistently across different scenarios. The demonstration highlights threat-aware workflows that perform automated threat scans and rehearsals on both digital jump bag components and application infrastructure before recovery. Blueprints can be configured to recover specific snapshot versions, allowing incident responders to analyze potentially infected backups in isolated environments. The system includes built-in reporting capabilities that document each step of the recovery process, providing audit trails for internal documentation and compliance requirements. A new Copilot integration further simplifies the creation of recovery groups and blueprints through guided workflows.
