How does Cohesity Alta View prevent malware reinfection during restoration?

Alta View scans backup images for malicious file hashes using threat intelligence feeds from CISA and Malware Bazaar, plus real-time entropy detection to identify ransomware. When malware is detected, the system marks affected assets and allows teams to identify clean recovery points before restoration, preventing reinfection.

What is the difference between hash-based detection and entropy detection?

Hash-based detection identifies known malware by comparing file fingerprints against threat intelligence databases, while entropy detection uses AI and machine learning to assess data randomness and identify unknown ransomware variants based on their behavior. Together they provide defense against both known and emerging threats.

Automated Threat Hunting in Cohesity Alta View

Name: Automated Threat Hunting in Cohesity Alta View
Uploaded: 2026-03-26T17:04:01-04:00
Duration: 6 min 46 s
Description: TL;DR Cohesity Alta View automates threat hunting in backups using hash-based detection integrated with CISA and Malware Bazaar feeds, plus AI-powered entropy analysis to identify unknown ransomware variants The Cyber Resiliency Dashboard provides risk...

Cohesity

03/26/2026

0 (0%)

Report Like Favorite

TL;DR

Cohesity Alta View automates threat hunting in backups using hash-based detection integrated with CISA and Malware Bazaar feeds, plus AI-powered entropy analysis to identify unknown ransomware variants
The Cyber Resiliency Dashboard provides risk scoring and malware impact visualization showing infected servers and connected systems to help security teams reduce blast radius during active attacks
Real-time entropy detection triggers automatic malware scans when anomalies are found, submitting indicators of compromise across the enterprise to prevent reinfection during restoration
Custom file hash uploads enable tracking of organization-specific threats while creating compliance audit trails for incident handling and security policy refinement

Automated Threat Detection in Backup Images

Cohesity Alta View introduces enhanced threat hunting capabilities that automate malware detection within backup images using hash-based detection and real-time entropy analysis. The platform integrates daily threat intelligence feeds from CISA and Malware Bazaar to identify known malicious file hashes, while AI-powered entropy detection identifies unknown ransomware variants based on behavioral patterns. When anomalies are detected during backup operations, the system automatically triggers malware scans and submits indicators of compromise across the enterprise to limit blast radius. This dual-layer approach combines proactive detection of new threats with reactive blocking of known malware, preventing reinfection during restoration processes and strengthening cyber recovery posture.

Cyber Resiliency Dashboard and Impact Analysis

The Cyber Resiliency Dashboard provides centralized visibility into security threats across Cohesity Alta environments through risk scoring, misconfiguration tracking, and malware impact visualization. Security teams can monitor risk scores at data center or asset levels, with higher scores indicating potential security events requiring investigation. The Malware Impact Analysis feature displays infected servers and their connected systems in a visual web, enabling rapid identification of affected assets and containment of spreading ransomware. The platform correlates suspicious activities, data anomalies detected during backups, and encryption events to track security event progression. Custom file hash uploads create audit trails for compliance purposes, while the recovery points interface allows teams to identify clean backup snapshots for restoration after gathering forensic evidence.

Chapters

0:00 - Introduction to Threat Hunting Enhancements
0:47 - Cyber Resiliency Dashboard Overview
1:46 - Malware Impact Analysis and Blast Radius
3:26 - File Hash Detection and Custom Uploads
4:55 - Anomaly Detection and Entropy Analysis
5:58 - Indicators of Compromise and IOC Scanning

Key Quotes

0:18 "This feature automates threat hunting in backups and enhances cyber recovery by preventing malware reinfection during restoration."
0:39 "We'll also explore a new automated capability that enables you to search daily feeds for malicious file hashes published by reputable third parties such as CISA and Malware Bazaar."
2:01 "Once ransomware infiltrates an infrastructure, it spreads rapidly and intentionally expands the attack's reach."
5:27 "Together these features provide proactive and reactive defense, ensuring early detection of anomalies and rapid containment, even when confronted with new threats."

Categories:

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/12/2026

01:00 PM

05/12/2026

Transforming Perceptions of AI Risks and Threats through Data Lineage Insights

https://www.truthinit.com/index.php/channel/1895/transforming-perceptions-of-ai-risks-and-threats-through-data-lineage-insights/
05/12/2026

11:30 PM

05/12/2026

Implementing Effective Strategies for Active Directory Security and Data Protection

https://www.truthinit.com/index.php/channel/1888/implementing-effective-strategies-for-active-directory-security-and-data-protection/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-revealing-ai-risks-and-threats-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming Data Lineage: Revealing AI Risks and Hidden Threats

https://www.truthinit.com/index.php/channel/1894/transforming-data-lineage-revealing-ai-risks-and-hidden-threats/
05/19/2026

01:00 PM

05/19/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1936/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

08:00 AM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1937/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

10:00 PM

05/20/2026

APAC: Establishing an AI Governance Framework for GenAI Throughout the Deployment Process

https://www.truthinit.com/index.php/channel/1953/establishing-an-ai-governance-framework-for-genai-throughout-the-deployment-process/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/27/2026

10:00 AM

05/27/2026

Harnessing AI: Transitioning from Illusion to Purposeful Mastery

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transitioning-from-illusion-to-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

AI in the Fast Lane: Effectively Managing AI Security for Small Teams

https://www.truthinit.com/index.php/channel/1951/ai-in-the-fast-lane-effectively-managing-ai-security-for-small-teams/
06/02/2026

01:00 PM

06/02/2026

Satori Spring: Insights from Recent Research on the 2026 Threat Landscape

https://www.truthinit.com/index.php/channel/1930/satori-spring-insights-from-recent-research-on-the-2026-threat-landscape/
06/04/2026

02:00 AM

06/04/2026

Mastering the Unseen: Managing Shadow AI and Agentic MCP Traffic

https://www.truthinit.com/index.php/channel/1948/mastering-the-unseen-managing-shadow-ai-and-agentic-mcp-traffic/
06/16/2026

07:00 AM

06/16/2026

Transforming Data Risk into Actionable Priorities: What to Address First

https://www.truthinit.com/index.php/channel/1952/transforming-data-risk-into-actionable-priorities-what-to-address-first/