Cohesity introduces Sophos-powered next-generation malware scanning in Cohesity Data Cloud

Cohesity said it made next-generation malware scanning powered by Sophos available within Cohesity Data Cloud, targeting malware detection in backup data and validation of restoration outcomes. The update focuses on reducing the risk of reinfection during recovery by adding malware scanning to backup workflows.

Cohesity linked the feature to scenarios where ransomware and supply-chain attacks increase the presence of malware in backup data, creating reinfection risk during recovery. It also said the scanning detects zero-day, polymorphic, and fileless threats that it described as bypassing primary defenses, and that it is intended to validate clean recoveries after cyberattacks.

According to Cohesity, the Sophos-powered engine inspects backups using signature-based detection, heuristic analysis, and file emulation techniques. Cohesity said scanning runs in three scenarios: during routine backups, before restoration, and after Indicators of Compromise (IOC) or YARA-based matches are detected. It also described incremental scanning of newly ingested data to minimize operational overhead while maintaining backup integrity visibility.

The company said the capability is included with Cohesity Data Cloud Enterprise Edition and does not require a separate Sophos license. Cohesity said the engine draws on Sophos X-Ops and that scan results are shared with Security Information and Event Management (SIEM) and Security Orchestration Automation Response (SOAR) tools. “Cyber resilience is a team sport, and our focus is on delivering the best outcomes for customers by bringing together the strongest technologies regardless of who developed them,” said Vasu Murthy, chief product officer, Cohesity. “By deeply integrating market-leading Sophos next-generation malware detection into Cohesity Data Cloud, we're giving customers a single, seamless experience that helps them uncover hidden threats in backup data and recover with confidence.” “Attackers are sophisticated. They have proven time and again that no environment is off limits, including what was once considered the safe haven of backup and recovery systems,” said Simon Reed, chief security officer, Sophos. “By embedding Sophos' deterministic and machine learning-based detection into Cohesity's platform, Sophos is helping customers reduce reinfection risk and recover with confidence.”