Cohesity, a recognized leader in AI-powered data security, has announced the expansion of its Cohesity Identity Resilience portfolio with new, advanced Identity Threat Detection and Response (ITDR) capabilities. With this launch, the company delivers a broader and more unified approach to protecting, monitoring, and rapidly recovering critical identity infrastructures, including Active Directory (AD) and Microsoft Entra ID.
As enterprises continue to modernize IT environments, identity has become the backbone of digital operations. Every access request, system privilege, and user action depends on trusted identity services. Consequently, when identity platforms are compromised, organizations can experience immediate and widespread disruption. Cybercriminals increasingly target misconfigurations, excessive privileges, and weak controls to move laterally and gain access to sensitive data. Cohesity addresses this growing risk by introducing purpose-built ITDR capabilities designed to proactively harden identity environments, detect threats in real time, and enable precise, accelerated recovery.
“Identity is at the heart of cyber resilience. When identity systems are compromised, the impact can be immediate and business-wide,” said Vasu Murthy, chief product officer, Cohesity. “By bringing together threat detection, automated response, and rapid recovery across Active Directory and Entra ID, Cohesity delivers an industry-leading solution with a single, unified view of hybrid identity risk. This enables organizations to reduce risk, stop identity driven attacks faster, and recover with confidence before, during, and after an attack.”
Cyber Technology Insights: Cohesity and Google Cloud Partner to Boost Cyber Resilience and Enterprise AI
Building on the company’s momentum and its partnership ecosystem, including its collaboration with Semperis, Cohesity’s expanded ITDR capabilities integrate advanced technologies for securing and restoring both AD and Entra ID. This unified approach allows security teams to manage identity risks across hybrid environments through a single operational framework.
Before an attack occurs, the platform continuously evaluates identity posture, uncovering misconfigurations, highlighting risky changes, and detecting early indicators of identity-based attack behavior. This proactive monitoring reduces the overall attack surface and exposes suspicious activity before adversaries can escalate privileges or move laterally.
During an active incident, automated remediation takes center stage. The new capabilities can immediately respond to malicious changes within AD and Entra ID, executing rollback actions that are too critical to delay. In addition, security teams can create custom detection rules, alerts, and automated workflows to contain threats and interrupt attacker activity in real time.
Cyber Technology Insights: Cohesity and AWS Form Collaboration to Advance AI-Powered Cyber Resilience
After an incident, Cohesity accelerates investigation and recovery by translating complex identity change logs into natural language insights. This simplifies analysis, enabling faster searches, forensic review, and precise rollback at both object and attribute levels. As a result, teams can trace attacker actions, isolate compromised accounts, and prevent repeated intrusions using detailed, point-in-time visibility.
The latest release introduces several powerful enhancements, including continuous vulnerability assessments powered by expert threat intelligence, automated rollback of malicious changes, and tamperproof tracking that preserves identity records even if logs are disabled. Additional capabilities cover service account protection, near real-time Entra ID change tracking, pre-built compliance reporting aligned with major regulations, and seamless SIEM/SOAR integrations with platforms such as Splunk and Microsoft Sentinel.
Together, these improvements deliver measurable business impact. Organizations can achieve dramatically faster AD forest recovery, reduce the likelihood of successful identity-based attacks, and cut down on time spent managing identity monitoring manually resulting in stronger business continuity and significant operational savings.
“What we hear most from customers is how difficult identity incidents are to detect and prevent,” said Justin Hall, vice president of Strategic Partner Growth, Pellera. “Cohesity gives teams innovative solutions to spot risky identity changes early, respond automatically when needed, and cleanly recover their identity systems quickly, helping customers stay operational even in the face of sophisticated attacks.”
The new ITDR capabilities are now available as part of Cohesity’s Identity Resilience offering, reinforcing the company’s commitment to making identity a central pillar of enterprise cyber resilience.
Cyber Technology Insights: Cohesity and Semperis Announce That Unifies Data and Identity Resilience
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
