Cohesity has announced the availability of next-generation malware scanning powered by Sophos, now natively integrated into its Cohesity Data Cloud platform. With this move, the company becomes the first to embed advanced antivirus detection alongside threat intelligence feeds directly within a data security platform. As cyber threats continue to evolve, this integration enables organizations to detect hidden malware within backup data and ensure safe, clean recovery after cyber incidents.
As ransomware and supply-chain attacks grow increasingly sophisticated, attackers are no longer limiting themselves to production systems. Instead, they are targeting backup environments, embedding malicious code that can reinfect systems during recovery. Therefore, organizations need deeper visibility into backup data. Cohesity addresses this challenge by incorporating Sophos-powered scanning capable of identifying zero-day, polymorphic, and fileless threats types of malware that often bypass traditional signature-based tools.
“Cyber resilience is a team sport, and our focus is on delivering the best outcomes for customers by bringing together the strongest technologies regardless of who developed them,” said Vasu Murthy, chief product officer, Cohesity. “By deeply integrating market-leading Sophos next-generation malware detection into Cohesity Data Cloud, we’re giving customers a single, seamless experience that helps them uncover hidden threats in backup data and recover with confidence.”
The integrated scanning engine uses a combination of signature-based detection, heuristic analysis, and file emulation to inspect backup data across multiple stages. For instance, it performs scans during routine backup processes, before restoring data, and after identifying indicators of compromise (IOCs) or YARA-based threat matches. As a result, organizations gain continuous visibility into the integrity of their backup environments.
Additionally, the platform uses incremental scanning to analyze newly ingested data without significantly increasing operational overhead. At the same time, triggered scans and pre-recovery inspections help validate trusted restore points whenever risks are detected. Consequently, security teams can move forward with recovery operations confidently, knowing that hidden threats have been identified and mitigated.
Sophos further strengthens this capability through its X-Ops threat intelligence network, which draws insights from millions of endpoints and hundreds of thousands of firewalls globally. By leveraging AI-powered classification, the system continuously improves its ability to detect both known and emerging malware threats. This ensures that detection capabilities remain up to date in an ever-changing threat landscape.
“Attackers are sophisticated. They have proven time and again that no environment is off limits, including what was once considered the safe haven of backup and recovery systems,” said Simon Reed, chief security officer, Sophos. “By embedding Sophos’ deterministic and machine learning-based detection into Cohesity’s platform, Sophos is helping customers reduce reinfection risk and recover with confidence.”
Moreover, the new capabilities deliver several key advantages for organizations. These include advanced threat detection through behavioral and heuristic analysis, improved operational efficiency through automated and always-on scanning, and clean recovery assurance through pre-restore validation. In addition, the platform integrates with SIEM and SOAR tools, allowing security operations teams to centralize threat visibility and response workflows.
Overall, this integration reflects a broader industry shift toward proactive cyber resilience. Instead of treating backups as passive storage, organizations now recognize them as critical components of security strategy. By embedding intelligence-driven malware detection directly into its platform, Cohesity is helping enterprises reduce risk, improve recovery confidence, and strengthen their overall defense posture against modern cyber threats.
Recommended Cyber Technology News:
- SK Telecom Boosts Cybersecurity After Data Breach
- Tracebit Secures $25M Series A for Cybersecurity
- CrowdStrike Boosts GovCloud Cybersecurity Capabilities
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
