Incident Response

W16 Bridging the Gap: How Backup Telemetry is Transforming Threat Detection and Incident Response

05/14/2025

3:30pm - 4:30pm

Shankar Subramaniam

VP & GM, Security

Druva

In today's evolving threat landscape, where backup data is both a target and a critical recovery asset, cybersecurity demands a new kind of visibility – one that seamlessly connects IT and security operations. Join Shankar Subramaniam, VP/GM of Security at Druva, as he explores how integrating backup telemetry into Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) platforms is reshaping threat detection and accelerating response times. This session will delve into the future of cyber resilience, spotlighting how data protection tools, when part of the security fabric, provide actionable insights that reduce risk, enhance compliance, and minimize downtime after cyber incidents. Gain practical knowledge on building a unified strategy that uses backup data as both a shield and a sensor.

You will learn:

  • The Strategic Role of Backup in Security Operations
    Understand why traditional backup architectures fall short in today’s threat landscape, and how integrating telemetry into SIEM/XDR platforms offers a unified, threat-aware approach that improves organizational cyber resilience.
  • Accelerating Threat Detection Through Contextual Insights
    Learn how real-time event ingestion and streamlined incident correlation from backup data can significantly reduce mean time to detect (MTTD) and mean time to respond (MTTR), enhancing the effectiveness of your incident response workflows.
  • Designing for Compliance, Recovery, and Continuity
    Explore how leveraging backup data in security workflows not only helps meet audit and regulatory requirements but also enables faster remediation actions – such as snapshot quarantining and restore orchestration – ensuring business continuity with minimal disruption.