Getty Images/iStockphoto

Laminar security posture tech now part of Rubrik platform

Rubrik's acquisition of Laminar last year brings new data security posture management tools to its backup platform for better visibility of user identity and activity.

Rubrik's data backup platform is furthering its cybersecurity ambitions with the integration of digital security posture management capabilities from Laminar into its new Rubrik Enterprise Proactive Edition.

Laminar's technology, which Rubrik acquired last summer, includes infrastructure visibility for security risks, identity governance and activity logging within a Rubrik hybrid cloud backup environment.

This suite of features is part of the emerging data security posture management (DSPM) category, according to Krista Macomber, an analyst at Futurum Group. DSPM is becoming a priority for vendors as customers are finding their security compromised by faux credentials and rogue user accounts.

Such capabilities should enable administrators to identify suspicious activity within backups before exfiltration or infection begins, as these tools proactively look for malicious behavior, Macomber said.

Attacks against backup environments that use phishing, stolen credentials or emerging technologies such as AI will only increase. Stopping these attacks will require greater sophistication than snapshot immutability or attempting recovery, which could take hours or days for a significant infection, she said.

"Becoming more proactive is absolutely important because attacks are going to become more mature and are evolving," Macomber said. "The sooner you can detect an attack, the sooner you have a chance to limit its impact on your environment."

Digital backup bouncers

DSPM encompasses any capability for ensuring data has a correct security posture according to an organization's rules and regulations, said Todd Thiemann, a security analyst at TechTarget's Enterprise Strategy Group.

IT teams are facing a digital morass of clouds, SaaS products and on-premises environments they have to sort through, manage and secure. Data within these environments could be forgotten or ignored, making its access credentials or stored information a liability, he said.

"The fundamental problem is there are too many apps and data for security to follow," Thiemann said. "[DSPM is] about discovering where that data is and categorizing it with policies, [as well as] finding who has access and then tying in policy actions."

The term DSPM piggybacks off the zeitgeist cloud security posture management, or CSPM, which refers to the protection of cloud infrastructure.

Rubrik is now selling these capabilities bundled into the Rubrik Enterprise Proactive Edition of its platform offerings. This edition is available as a SaaS, appliance or software and managed through the Rubrik Security Cloud console. The existing version without DSPM capabilities, Rubrik Enterprise Edition, is still available.

Security and backup teams share a similar goal in finding and protecting vulnerable data, said Christophe Bertrand, a backup analyst at Enterprise Strategy Group.

Products that bundle DSPM technology to secure backups as well as other data sources are leading to further convergence between backup admins and security teams, he said.

Network identity and credential verification is a significant vulnerability for many organizations, as lapsed user credentials can act as a backdoor to valuable data, according to Bertrand. Having the visibility to know what users or devices can access specific data and where that data is located is a valuable preventive capability.

I would not be surprised if other players in data protection lean into this market as well.
Krista MacomberAnalyst, Futurum Group

"Backup and recovery [teams] have been trying to do the same work all along to find where the data is," he said. "It's converging. The one thing that's in common [for IT customer needs] is the data is resilient. What you're looking at is the first stage of those disciplines [converging]."

Brand new up-sell

Analysts and vendors expect DSPM technology to be in demand in the near future, as data security remains top of mind for CIOs and CISOs.

"The more visibility you have to your data is going to be critical for cyber resiliency," Macomber said. "I would not be surprised if other players in data protection lean into this market as well."

Rubrik's acquisition of Laminar is not unique, as other enterprise technology vendors are purchasing DSPM startups, according to Mike Tornincasa, chief business officer at Rubrik. He pointed to the acquisitions of Flow Security by CrowdStrike, Dig Security by Palo Alto Networks and Avalor by Zscaler as examples all within the past several months.

For Rubrik, its shift deeper into cybersecurity offerings needed a visibility and identity component, Tornincasa said, especially as cyberattacks have prioritized seizing user credentials.

"The tectonic shift in technology isn't the bad guys breaking in, but logging in," he said. "Everyone recognized this is a gap."

But whether DSPM will become a feature or a new vendor ecosystem remains to be seen, Thiemann said.

Buyers might not want to be locked into a specific platform and decide a separate offering they could slide into an existing stack is better, he said. Which IT discipline needs to manage DSPM will also play a role in buying decisions, he added.

"The jury's still out," Thiemann said. "When you look at the different disciplines it touches, it may not lend itself to a platform play."

Tim McCarthy is a news writer for TechTarget Editorial covering cloud and data storage.

Dig Deeper on Data backup and recovery software