Cohesity announced new, advanced Identity Threat Detection and Response (ITDR) capabilities that expand its Cohesity Identity Resilience portfolio, delivering a more comprehensive approach to securing, protecting, and recovering critical identity systems such as Active Directory (AD) and Microsoft Entra ID.
Identity is foundational to enterprise security, underpinning all access. Without it, operations grind to a halt, and organizations are at risk. Attackers constantly seek to exploit misconfigurations, privilege escalation paths, and weak controls to gain access to sensitive data. Cohesity is confronting this challenge head-on with purpose-built capabilities that proactively strengthen identity security posture, stop identity-driven attacks in real time, and accelerate recovery with precision.
“Identity is at the heart of cyber resilience. When identity systems are compromised, the impact can be immediate and business wide,” said Vasu Murthy, chief product officer, Cohesity. “By bringing together threat detection, automated response, and rapid recovery across Active Directory and Entra ID, Cohesity delivers the industry’s only solution with a single, unified view of hybrid identity risk. This enables organizations to reduce risk, stop identity driven attacks faster, and recover with confidence before, during, and after an attack.”
Gregg Petersen, Regional Director for the Middle East, said: “Organisations across the UAE are clearly recognising the need to modernise their identity management and associated data access protocols as they accelerate cloud adoption and digital transformation. Driving this realisation is the fact that identity-based malicious cyberattacks have become one of the most common attack vectors across the Middle East. This expansion of Cohesity’s Identity Resilience portfolio gives our customers a modern and secure approach to identity threat detection, allowing them to respond faster and recover with confidence while enhancing their cyber resilience, business continuity, and regulatory compliance posture.”
A unified approach to identity resilience across Active Directory and Entra ID
Building on the momentum of Cohesity’s partnership with Semperis, the new ITDR capabilities combine industry-leading technologies for securing and recovering Microsoft AD and Entra ID.
- Before an attack, Cohesity continuously inspects identity posture, detects misconfigurations, flags risky changes, and identifies identity-based attack patterns early to minimize the attack surface and shine a light on lateral movement attempts across hybrid AD environments.
- During an attack, automated remediation capabilities immediately respond to malicious changes across AD and Entra ID and execute critical rollback actions that can’t wait for human intervention. Security teams can also build custom rules, alerts, and automated workflows to halt attackers in their tracks.
- After an attack, Cohesity helps accelerate incident response by converting complex identity change data into natural language, enabling rapid investigation, search, and rollback at the object and attribute levels. Teams can trace attacker activity, isolate and evict attackers, and prevent repeat intrusions with granular, point-in-time forensics.
New capabilities in this launch include:
- Vulnerability Assessment: Continuous monitoring of AD and Entra ID for indicators of exposure (IOEs) and compromise (IOCs), powered by expert threat intelligence.
- Automatic Rollback: Automated remediation actions that reverse malicious or risky identity changes in real time.
- Tamperproof Tracking: Immutable tracking of identity changes, even if logs are turned off or bypassed.
- Service Account Protection: Detection and remediation of dormant, misconfigured, or overly privileged service accounts.
- Entra ID Change Tracking: Near real-time visibility into role assignments, group membership changes, and user attribute modifications.
- Compliance Reporting: Pre-built templates aligned with GDPR, HIPAA, PCI, SOX, and other regulatory frameworks.
- SIEM/SOAR Integrations: Seamless connectivity with Splunk and Microsoft Sentinel to enrich SOC workflows.
Cohesity’s expanded ITDR offering delivers measurable improvements in enterprise cyber resilience:
- 90% faster AD forest recovery time
- 25% reduction in the likelihood of a successful AD attack
- 40% reduction in time spent on manual identity monitoring
- Millions in savings through improved business continuity and operational costs
Cohesity’s differentiated solution is unmatched by backup-only or point-solution vendors. The new ITDR capabilities are now available as part of the Cohesity Identity Resilience offering.
