NetApp® (NASDAQ: NTAP), the Intelligent Data Infrastructure company, today announced new industry-leading cyber resilience capabilities that further strengthen the most secure storage on the planet. The newly enhanced and renamed NetApp Ransomware Resilience service enables customers to make their data infrastructure a leading part of their comprehensive security strategy with integrated AI-powered ransomware detection and two new capabilities: a first-in-the-industry ability for enterprise storage to detect data breaches; and isolated recovery environments to enable safe and clean recovery of mission-critical data.
As enterprises face their most pressing challenges—AI innovation, data modernisation, cyber resilience, and cloud transformation—they need a secure, reliable, and efficient data infrastructure. While investments in AI are creating unprecedented opportunity for enterprises, they are also expanding their attack surfaces. NetApp makes data infrastructure a critical part of enterprise security strategy, leveraging AI to protect enterprise data and eliminate operational disruption.
“To effectively protect your data from a cyberattack, you need to know it happened as early as possible to take action,” said Gagan Gulati, Senior Vice President and General Manager, Data Services at NetApp. “With new AI-powered capabilities to detect early indicators of data exfiltration attempts on top of our existing leading capabilities to detect ransomware attacks on both structured and unstructured data, we’re making enterprise data even safer. Storage is the last line of defence to protect our customers’ most valuable asset—data—and we are constantly innovating on top of the most secure storage on the planet.”
Key cyber-resilience updates from NetApp include:
- NetApp Ransomware Resilience: Formerly called the NetApp Ransomware Protection service, NetApp Ransomware Resilience makes protecting and recovering ONTAP workloads from ransomware attacks easier, faster, and more effective without requiring deep security expertise or training. The newly enhanced Ransomware Resilience service helps drive comprehensive, orchestrated, workload-centric ransomware defence across file and block storage all via a single control plane.
- Data Breach Detection: NetApp Ransomware Resilience now includes data breach detection, an AI-driven capability that identifies anomalous user and file system behaviors that are early indicators of potential data exfiltration and thus a breach attempt. Upon identification, Ransomware Resilience automatically alerts the customer via their security information and event management (SIEM) solution, arming them with forensics to enable decisive and swift action. By proactively identifying breaches, NetApp customers can block further unauthorised transfer of sensitive data, stopping cyber threats before they can cause extensive unauthorised data exposure.
- Isolated Recovery Environments: NetApp Ransomware Resilience is also introducing isolated recovery environments to ensure safe and malware-free workload recovery. An isolated recovery environment utilises deep and proprietary AI-powered scanning to precisely identify maliciously impacted data and the point at which it was modified. Ransomware Resilience then guides the customer through the workload restoration process for a fast and easy malware-free recovery of the most recent safe data, preventing reinfection.
These enhancements extend NetApp’s existing leadership in cyber resilience, complementing existing capabilities such as AI-powered detection built directly into ONTAP. The award-winning NetApp ONTAP Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI)—which now fully supports data stored in both file and block protocols—has demonstrated 99 percent detection of tested, advanced full-file encryption ransomware attacks with zero false positives in external testing and validation, indicating a strong ability to operate in a business context without contributing to alert fatigue.
“NetApp embraces a secure-by-design approach that positions its storage solutions not just as a last line of defence against cyber threats, but also as an early line of defence,” said Philip Bues, Sr. Research Manager, Cloud Security and Confidential Computing at IDC. “As malicious actors continue to evolve, adding techniques such as double extortion to their ransomware attack patterns, today’s announcements show that NetApp is keeping pace to back up its claim as one of the industry’s most secure storage platforms. The new data breach detection capability gives enterprises a critical advance warning enabling them to stop and respond to cyber threats before they impact the business. It demonstrates that NetApp is more than a storage company, it is an invested, trusted partner that is addressing the most pressing priorities of its customers.”
Today, NetApp announced other updates across its portfolio including enhanced AI capabilities which deliver on the company’s AI vision by unifying high-performance storage and intelligent data services into a secure and scalable offering.
To learn about these updates and others across the NetApp portfolio, visit: https://www.netapp.com/product-updates
At NetApp INSIGHT 2025 in Las Vegas, October 14–16, NetApp will present sessions and demos, showcasing how it is driving transformation across industries. Tune in to the keynote sessions at: https://www.netapp.com/insight/
No ransomware detection or prevention system can completely guarantee safety from a ransomware attack. Although it’s possible that an attack might go undetected, NetApp technology acts as an important additional layer of defence, and our research indicates NetApp technology has resulted in a high degree of detection for certain file encryption-based ransomware attacks.
