Druva Strengthens AWS Ecosystem Support with Threat Hunting Capabilities for Amazon EC2 and Amazon RDS Air-Gapped Backups

Steven Duff, Product Marketing and Ruso Bhattacherjee, Content Marketing

Exciting news from Druva today! We're introducing Threat Hunting for Amazon EC2 and Amazon RDS Air-Gapped Backups to deliver comprehensive data protection and security for AWS workloads. These new capabilities complement Druva’s existing coverage for AWS workloads, including EC2, EBS, Redshift, DocumentDB, and Neptune, and enable businesses built on AWS to keep their backup data effectively isolated from their primary environments—protecting them from credential breaches and evolving cyber threats.

Without the right tools, blindly restoring backups can bring undetected threats back into your environment. That’s why Druva’s new threat hunting capabilities for Amazon EC2 are a game changer. They enable you to find indicators of compromise (IOCs) that traditional security tools might miss, isolate suspicious data, and restore only the clean, safe files—quickly and seamlessly.

Additionally, Druva is expanding its AWS workload offerings—with new enhanced support for Amazon RDS. With Druva support for Amazon’s Relational Database Service (Amazon RDS), you can air-gap your data and completely isolate backups from your AWS environment. This ensures your data stays safe from credential compromise and cyber threats, giving you a strong foundation for true cyber resilience. With Druva’s 100% SaaS, cloud-native solution, you get peace of mind knowing that your backup data is completely isolated from your primary Amazon RDS data. Pair that with enhanced threat hunting capabilities for Amazon EC2 and you’re equipped to detect threats faster, quickly stop the spread of infections, and ensure uninterrupted access to clean, recovery-ready data.

How Threat Hunting Strengthens Your Amazon EC2 Data Security

Securing backup data is now table stakes for an effective cyber resilience strategy. Malware-related breaches are quickly evolving and more dangerous than ever. Why? Because they can quietly linger in your systems for months—even years—while adversaries spread through your network, steal sensitive data, and compromise your backups. Traditional security measures aren’t enough to keep malware from slipping in and reinfecting your systems during recovery. How can you be certain that you’ve identified any threats in your backups so you don’t accidentally restore compromised data?

That’s why proactive measures, like scanning backups for potential threats, are so important. And that’s exactly where Druva’s threat hunting capabilities for Amazon EC2 backups come in. Our comprehensive approach lets you actively search for and address threats hiding in your backed-up data. Threat hunting is about getting ahead of the game—finding those hidden dangers by identifying IOCs in both your historical and recent backup data.

With this feature, IT and security teams have a unified view of threats—and they can define the scope of resources, adjust scan depth, set IOC parameters, and even decide how often to run threat hunts, whether proactively or on-demand. Plus, the results integrate seamlessly with your existing security systems like XDR, SIEM, and SOAR, making it easier to coordinate response efforts across both security and IT operations. With this proactive strategy, you can quickly isolate, analyze, and neutralize threats, stopping infections from making their way back into your production environment.

We don’t stop there. Druva also gives IT and security teams the insights they need to tackle incident response (IR) workflows with confidence. Here’s what makes our approach stand out:

  • Faster response: Our detailed logs and audit trails make it easier for IR teams to pinpoint and analyze incidents, so they can respond quickly and effectively.

  • Centralized threat hunting: With rich metadata at your fingertips, you can identify and remediate IOCs—like suspicious file types or patterns—across your entire data environment.

  • Flexible scanning options: Users can customize scanning parameters, defining the scope and frequency of threat hunts to meet specific security needs.

  • Enhanced forensics: Gain access to deep, context-rich data insights that help you determine whether sensitive data was compromised or if compliance regulations were breached.

Druva’s threat hunting for Amazon EC2 gives security teams the tools they need to quickly contain threats, cut down response times, and minimize the impact on operations—all while making it easier to manage security and compliance for your Amazon EC2 backups.

Why Druva’s Air-Gapped Backup Solution is a Game Changer for Amazon RDS

Amazon RDS is a fully managed web service that plays a critical role by providing reliable relational databases in the AWS Cloud. While AWS offers native data backup options, they don’t fully isolate backup data from the primary RDS data. This lack of isolation leaves backups vulnerable to ransomware attacks and credential breaches, especially when both primary and backup data are tied to the same AWS organization.

While AWS’s native backups (and third-party options) don’t support air-gapping for RDS databases, Druva’s support for Amazon RDS ensures secure, fully decoupled protection for RDS instances. With this innovative approach, businesses can protect their critical data against ransomware attacks and credential compromises by keeping backups completely separate from their AWS organization. Here’s why Druva’s solution is a breakthrough for safeguarding Amazon RDS data:

  • Fully decoupled backups: Druva minimizes exposure to ransomware and credential breaches with its air-gapped solution to ensure RDS backups are entirely separated from your AWS environment.

  • Immutable backups: With Druva, your backups are tamper-proof and guaranteed to stay intact and recoverable, even during a security breach, thanks to the data lock features.

  • Simplified management: Druva eliminates the need for backup infrastructure with an agentless, SaaS-based design that enables you to manage AWS workloads like EC2 and RDS effortlessly from a single, unified console.

  • Broader AWS database coverage: Druva gives your business greater resilience across more AWS databases by extending its air-gapped backup support to Amazon DocumentDB and Amazon Neptune.

  • Cost efficiency: Druva keeps costs under control without compromising protection by reducing the need for redundant backup copies and eliminating egress fees for cross-region data transfers. 

Druva: Your Comprehensive Cloud-Native Data Protection Partner for AWS

Druva simplifies securing and managing AWS workloads with unmatched efficiency and resilience. As the only fully SaaS-based data protection solution built on AWS, Druva combines scalability, security, and simplicity to protect your critical workloads and databases—wherever they reside.

With new Amazon RDS air-gapped backups and EC2 threat hunting capabilities, Druva takes AWS data security to the next level, strengthening enterprise-grade protection for EC2, EBS, RDS, Redshift, and DynamoDB. From secure air-gapped backups to rapid recovery and disaster recovery, Druva delivers a robust, autonomous data security platform built for cloud-first businesses.

Resources

  • To learn more about how Druva can protect critical data across the AWS ecosystem, visit Druva booth #1075 at AWS re:Invent in Las Vegas on December 2-6, 2024.

  • To learn more about Druva’s advanced data security features for AWS workloads, visit our AWS solution webpage.

  • For more information on Druva’s Amazon RDS Air-Gapped Backups, read the datasheet.