Some of the more advanced security features in VBR (and linked tools)

SIEM integration(splunk)

• Add the Splunk server in VBR
• Add the Splunk server in V-One
• Modify some V-One alerts to send trigger-events
• Create a Splunk-timeline of events
• Create a Splunk-heatmap of events
• Create a Splunk-cake diagram of events
• Make drilldowns to the events from the diagrams
• FINAL RESULT: Trigger ransomware or Veeam-configs to check events in Splunk

OR… if you have the Veeam Data Platform Advanced licenses feel free to use the ready-made SPLUNK-plugin.

YARA rule scanning and secure restore

• Create a YARA rule and use it in Surebackup
• Scan a backup using a Yara rule (mount)
• Add an additional filemask to scan
• Verify (including logs) 2 different events: inline detection and post-processing
• Restore a potentially infected machine