
Commvault recently announced an expanded integration with Microsoft Security to better connect threat detection with trusted recovery.
The new integration uses Microsoft Sentinel, Microsoft Security Copilot, and the Commvault Cloud platform to streamline resilience operations (ResOps) and enable real-time data insights, helping organizations move from identifying a threat to validating and restoring clean data faster and with greater confidence.
The Commvault and Microsoft integration enables closer alignment between security and recovery teams through coordinated workflows. Security alerts from Commvault Cloud are ingested into the Microsoft Sentinel data lake, where security operations center (SOC) analysts can enrich these incidents with partner intelligence to assess impact and validate scope.
Integrated capabilities
As part of this announcement, Commvault is introducing two integrated capabilities that directly bridge the gap between threat detection and trusted recovery. The first is a modernized Microsoft Sentinel Connector, which streams alerts and signals generated by Commvault Cloud Threat Scan and Risk Analysis, including malware detections, backup anomalies, and sensitive data exposure, into Microsoft Sentinel in real time.
This enables security teams to correlate backup-layer intelligence with broader threat signals, improving early detection of ransomware patterns while integrating into existing SOC workflows without added complexity.
The second capability is Commvault’s Investigation Agent within Microsoft Security Copilot, purpose-built for cyber recovery investigations. The agent autonomously analyzes suspicious activity and draws on Commvault’s recovery-layer intelligence to determine the full scope of an incident, including impacted hosts, anomalous encryption patterns, and validated restore points.
Modern approach
“By uniting and automating critical workflows, Commvault and Microsoft are ushering in a modern approach that can diminish the time between detection and recovery, advance the collaboration between IT and security teams, and keep enterprises running in a state of continuous resiliency,” commented Michelle Graff, SVP, Global Channels and Partnerships, Commvault.
“In today’s threat landscape, the need to connect AI-enabled intelligence with automated recovery has never been greater,” stated Krishna Kumar Parthasarathy, CVP, Sentinel Platform, Microsoft Security.
