New orchestration tool automates incident response workflows, joining a growing crowd of vendors targeting faster, smarter ransomware recovery.
Cohesity has launched RecoveryAgent, an AI-driven orchestration and automation tool aimed at streamlining and accelerating cyber incident response and recovery. Targeted at users of Cohesity DataProtect and FortKnox, RecoveryAgent is designed to automate critical recovery tasks, from malware scanning and threat hunting to mass recovery across on-premises and cloud environments. The platform enables organizations to create customizable recovery blueprints that detail the exact sequence of actions needed after a cyber event, such as identifying clean data copies and restoring systems in priority order. Testing and compliance checks can be run within isolated environments, allowing IT teams to validate recovery plans without impacting live operations.
The new offering arrives as vendors across the data protection and security market push hard into cyber resilience. Rubrik recently introduced Ruby, an AI-powered assistant intended to speed up cyber incident resolution and guide users through recovery steps. Commvault has enhanced its cyber recovery portfolio with integrations to incident response tools like CrowdStrike Falcon, aiming to streamline threat detection and data recovery orchestration. Meanwhile, Veeam emphasizes pre-attack, during-attack, and post-attack workflows through its Cyber Secure program, aiming for a full lifecycle approach to data resilience. This broader market shift highlights a clear trend: combining AI, orchestration, and automation to move beyond passive backup toward active cyber defense and recovery readiness.
With RecoveryAgent, Cohesity aims to position itself firmly within this emerging paradigm. Unlike traditional backup workflows that often rely on manual playbooks and slow system restores, RecoveryAgent’s use of prebuilt and customizable workflows helps organizations to automate and accelerate their incident response. Its non-disruptive testing capability, performed in sandboxed environments, is critical in an era when downtime and data loss can have catastrophic operational and financial impacts. Cohesity’s platform also supports role-based access control and audit trails to ensure compliance and governance needs are met during recovery operations, aligning with enterprise security and regulatory requirements.
Overall, Cohesity’s move is consistent with where the broader market is heading, but the competitive stakes are rising. As cyberattacks grow in sophistication and frequency, organizations increasingly demand recovery solutions that are proactive, verifiable, and integrated with their broader security ecosystems. Cohesity’s focus on blueprint-driven, automated recovery is well aligned with these needs, but differentiation will depend on execution and ecosystem integrations over time. The competitive landscape is heating up, and vendors that can tightly weave cyber recovery into customers’ existing security operations, while keeping workflows simple and reliable, are likely to stand out.
