Camp Rubrik: Data Security Foundations

Identify and Recover from an attack

Can you REALLY recover from a cyber attack? Ransomware will impact your environment disproportionately, leaving some assets infected and others clean. Learn how Rubrik solves that problem in this lab.


Cybersecurity authorities have observed a global increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations. Essential infrastructure sectors, including Healthcare, the Defense Industrial Base, Emergency Services, Food and Agriculture, Government Agencies, and Information Technology, have been attacked. Victims of the most significant cyber and ransomware attacks of 2021 were hit with ransom demands totaling nearly $20 billion globally.

Introducing Rubrik Zero Trust Data Security for Ransomware Resiliency

Rubrik Security Cloud is designed from the ground up to ensure organizations can get their data back if they are ever affected by ransomware. Unfortunately, that is just the beginning of the journey. How do organizations know what to recover and which recovery points to recover from? Was sensitive data in scope? Have you identified and disabled the malware strain that wreaked havoc? Do you have a way of orchestrating the recovery of whole applications and not just individual assets? These are the questions Rubrik set out to answer with Rubrik Security Cloud, which closely aligns with the NIST framework, the gold standard of best practices for organizations protecting their most valuable asset.

This lab will walk you through a scenario designed to mimic a ransomware attack and the associated work that follows. You will see how easy it is with Rubrik to align IT and Security workflows and get back to business quickly.

The traditional approach to handling these kinds of attacks involves the recovery of a server from backup into a clean room, scanning for the malware, and repeating the process until a clean recovery point is identified. This is a painfully long process that can take days if not weeks of iteration in order to identify the clean recovery point. Once this clean recovery point is identified, it can be restored into production or can be used as a launching point for additional forensics.

Time is rarely plentiful in the event of such an attack. This continuous iteration is also a blunt-tool approach that rarely yields timely results. With Rubrik Security Cloud, you can remove this cycle of pain and surgically recover impacted files as necessary, minimizing loss of data.