❗ Important
Our Cloud services are being updated in stages. If you do not see the updates mentioned here yet, they will be available in your region soon. To know more, see Druva Cloud Upgrade Process.
April 17, 2025
AWS GovCloud (US) Update
We’re excited to announce that the AWS GovCloud (US) will now support the following Cyber Resiliency features for Enterprise Workloads:
Curated Threat Intelligence and IOC Library integration: Druva offers its threat intelligence feeds (Druva-published IOC Sets) to enhance malware and ransomware detection across all Cyber Resiliency features, viewable with custom sets in the IOC Library.
Cyber Resiliency refreshed UI: Redesigned user interface for seamless experience.
Quick Scan capability for Restore Scan and Curated Snapshot features.
April 10, 2025
This release has minor bug fixes.
Fixed Issue
Issue | Description |
PHN-155936 | Restore Scan - For Enterprise Workloads (File Server and NAS): Fixed the issue wherein Quick Scan parameters configured via the restore UI were not honoured during data scanning. |
March 27, 2025
Feature
Strengthen Azure Virtual Machine security with Quarantine Bay
Protect your organization from ransomware spread by leveraging the Quarantine Bay feature to isolate infected Azure Virtual Machine (VM) snapshots.
This enhancement restricts data access and restore operations, preventing further infection.
You can access Quarantine Bay by following this path in the Druva Cloud Platform Console: Global Navigation Bar > Cyber Resiliency > Ransomware Recovery > Quarantine Bay.
For more information, see Quarantine for Azure Virtual Machines.
Enhancement
Curated Snapshot feature enhanced with new scan options
The Curated Snapshot feature now includes two distinct scan options to optimize malware detection.
Quick Scan (Default): A faster option with minimal impact on performance, ideal for regular use. It improves malware scan time by focusing on specific file types commonly associated with malware and recently modified files.
Deep Scan: A thorough scan of all file types for comprehensive malware detection, ideal for post-breach or suspected infection scenarios. It may require longer processing times, especially for large backups.
When Quick Scan is disabled, Deep Scan will be performed.
To view and update these new options, from the Druva Cloud Platform Console,
navigate to Global Navigation Bar > Cyber Resiliency > Ransomware Recovery > Curated Snapshot > Create Curated Snapshot > Snapshot Details
Here is a quick preview:
For more information, see
Known Issue
Issue | Description |
PHN-155936 | Restore Scan - For Enterprise Workloads (File Server and NAS), Quick Scan parameters configured via the restore UI are not honoured during data scanning. This issue will be fixed in the upcoming release. |
February 27, 2025
Enhancement
Enhancement to Restore Scan feature
We have now enhanced the Restore Scan feature with two new scan options:
Quick Scan (Default): A faster option with minimal impact on restore performance, ideal for regular use. It improves scan time by focusing on specific file types commonly associated with malware and recently modified files.
Deep Scan: A comprehensive option that scans all file types for thorough detection. It is best suited for post-breach restores or when malware is suspected. Due to its exhaustive nature, Deep Scan may take longer, particularly for large backups.
To view and update these new options, from the Druva Cloud Platform Console,
navigate to Global Navigation Bar > Cyber Resiliency > Ransomware Recovery > Restore Scan > Settings and click Edit.
Here is a preview
Here is a preview
Customer Action Required: None
For more information, see Enable Restore Scan.
February 13, 2025
This release has minor bug fixes.
AWS GovCloud (US) Update on February 10, 2025
We’re excited to announce that the AWS GovCloud (US) will now support Cyber Resiliency features for Enterprise Workloads. For more information, see the Enterprise Workloads Release Notes.
January 30, 2025
New Feature
Introducing curated Threat Intelligence and IOC Library integration
We’re excited to introduce the availability of Druva-curated Threat Intelligence (Druva-published IOC Sets) that will be used across all Cyber Resiliency features for malware and ransomware scans.
The Druva-published IOC Sets and the custom IOC Sets can be viewed under the IOC Library.
Here is a preview
Here is a preview
IOC Library is a centralized place to create and store multiple IOC Sets for IOCs - file hashes or file extensions belonging to different malware and ransomware families.
The IOCs for the Druva-published IOC Sets are sourced from widely trusted sources. For example, CISA advisories are one of the many sources referred to by Druva. The Druva-published IOC Sets are updated periodically with new IOCs. You will receive a notification when a new IOC Set is published by Druva.
📝 Note:
Druva-published IOC Set is available with only a Premium Security license.
You can create a custom IOC Set with the Accelerated Ransomware Recovery license.
This enhancement helps with better tracking and IOC management.
Here’s what you can do with the IOC Library integration:
The IOC Sets are directly used for scanning malware when you define scan criteria or parameters for malware checks for Restore Scan, Sandbox Recovery, and Curated Snapshot features.
Run proactive threat hunting on backups (VMware and EC2) using the Druva-published IOC Sets to ensure that backed-up data is free of infection from this prevalent malware.
Customer Action Required: None
For more information, see IOC Library.
January 16, 2025
This release has minor bug fixes.
January 03, 2025
Enhancement
Refreshed Cyber Resiliency User Interface
The Cyber Resiliency user interface is now redesigned to provide a seamless experience. Furthermore, the Security Center dashboard is refreshed to display critical information and advanced threat summary details in a consolidated view, enhancing accessibility to key insights. Here are some of the key enhancements:
1. Categorization of Cyber Resiliency Features
The features are rearranged on the Global Navigation Bar to simplify navigation ensuring streamlined access to the required information.
The Posture and Observability section will have the following features:
Access Events
Data Anomalies
Rollback Actions
The Ransomware Recovery section will have the following features:
Quarantine Bay
Curated Snapshots
Restore Scan
Threat Hunting
2. Renamed below Cyber Resiliency FeaturesThe features are relabelled more accurately representing its functionality and purpose.
Security Command Center to Security Center
Security Events to Access Events
Unusual Data Activity (UDA) to Data Anomalies
📝 Note
The Unusual Data activity functionality under the Security Events is now moved to a separate module under the Posture and Observability section.
Malicious File Scan to Restore Scan
November 21, 2024
This release has minor bug fixes.
November 07, 2024
This release has minor bug fixes.
October 24, 2024
This release has minor bug fixes.