Cohesity teams up with Google Cloud to tackle hidden malware

Cohesity, the AI-powered data security provider, has made significant threat protection enhancements to the Cohesity Data Cloud, redefining cyber resilience by uniting intelligence-driven threat detection, secure analysis, and rapid recovery into a single platform. Frontline Google Cloud security expertise allows organisations to better identify, analyse, and eradicate malware before it can initiate a destructive cyberattack.

Unlike traditional backup security approaches that rely on static signatures, external tools, or manual workflows, Cohesity delivers native, intelligence-driven malware analysis directly within the cyber resilience platform, closing one of the industry’s most dangerous blind spots: undetected threats embedded in historical backup data.

According to Cohesity, ransomware attacks, supply-chain compromises, and polymorphic malware are growing in scale and sophistication, enabling attackers to increasingly adopt stealthier, long-lived tactics to evade detection. Traditional signature-based tools are now inadequate, particularly for identifying low-and-slow threats hidden in historical backup data. 

Google Threat Intelligence in Cohesity Data Cloud enables real-time threat intelligence and secure malware detonation through a central management system, streamlining workflows between IT and security teams and enabling faster, more confident responses.

“Undetected malware hidden in backup data can both reinfect restored systems and, when properly scanned, reveal low-and-slow attacks that evade traditional detection,” said Vasu Murthy, Chief Product Officer, Cohesity. 

“By integrating Google Threat Intelligence, including Google Private Scanning, directly into the interface of Cohesity Data Cloud, we’re giving customers exceptional visibility and context into potential threats and powerful new ways to assess and eliminate risk—without fragmenting workflows or introducing operational complexity.”

The embedded Google Threat Intelligence capabilities surface detailed threat information, including investigative learnings from Mandiant’s incident response expertise and threat analysis, directly within the Cohesity Data Cloud user interface. IT and security teams can rapidly assess suspicious files using the latest indicators of compromise (IOCs), reputation data, and threat details without switching tools or relying on manual handoffs.

Cohesity also introduced a leading “secure sandbox analysis” capability, enabled by Google Private Scanning. This feature safely detonates suspicious files in a sandbox environment while preserving customer data privacy and sovereignty. The feature brings Google’s frontline security expertise—typically reserved for security operations centre (SOC) and incident response (IR) teams—directly into the cyber resilience layer, where teams make recovery decisions. 

From there, Cohesity provides users with detailed behavioural analysis that reveals potential system changes, network activity, registry modifications, and other payload behaviour. This allows teams to determine the actual risk posed by unknown or evasive malware before restoring data or reintroducing files into production. Because analysis occurs in a private scanning environment, organisations gain deep behavioural insight without exposing sensitive backup data to shared or third-party infrastructure.

Feature highlights include: 

- Faster threat identification and remediation by embedding real-time Google Threat Intelligence directly into Cohesity’s security scanning and response workflows

- Deeper, actionable insights through secure sandbox detonation and behavioural analysis of suspected malware 

- Improved collaboration between IT and security teams via a shared threat intelligence view 

- Stronger cyber resilience through differentiated, contextual threat protection capabilities  

“Organisations across the ASEAN region are facing increasingly sophisticated cyberthreats while trying to keep pace with regulatory demands and business continuity requirements,” said Lim Hsin Yin, VP, sales – ASEAN, Cohesity.

“Through our partnership with Google Cloud, we are combining Cohesity’s data security and recovery expertise with Google’s threat intelligence capabilities to help ASEAN organisations identify hidden risks earlier, validate clean recoveries, and restore operations with greater confidence.”

These enhancements build on Cohesity’s recent threat protection innovations, including rapid threat hunting and flexible scanning options, and follow on the heels of Cohesity’s expanded collaboration with Google Cloud, announced in mid-December. 

These capabilities also complement Cohesity’s broader cyber resilience roadmap on Google Cloud. Cohesity FortKnox, a managed cybervault solution, is now available on Google Cloud. FortKnox increases cyber resilience by maintaining an isolated, air-gapped copy of critical enterprise data, ensuring clean recovery even in worst-case scenarios where attackers compromise primary systems and traditional backups.

“At Google Cloud, we understand firsthand how attackers hide malicious payloads in places traditional security tools never look—including backups,” said Miton Adhikari, Head of Security OEM Partnerships. 

“By embedding Google Threat Intelligence and private sandboxing directly into Cohesity’s cyber resilience platform, organisations can detect what others miss and recover with greater speed and confidence.” 


The embedded Google Threat Intelligence and secure sandbox analysis capabilities are now generally available in Cohesity Data Cloud. The offering is also available on the Google Cloud Marketplace.
