Business
Commvault Connects AI Threat Detection, Investigation, and Trusted Recovery with Microsoft Security
Integrations with Microsoft Sentinel and Microsoft Security Copilot Designed to Strengthen Customers' Cyber Resilience OperationsTINTON FALLS, N.J., March 23,
About this update from Commvault Systems, Inc.
[{"type":"text","content":"Integrations with Microsoft Sentinel and Microsoft Security Copilot Designed to Strengthen Customers' Cyber Resilience OperationsTINTON FALLS, N.J., March 23, 2026 /PRNewswire/ -- Commvault (NASDAQ: CVLT), a leader in unified resilience at enterprise scale, today announced an expanded integration with Microsoft Security to better connect threat detection with trusted recovery. The new integration uses Microsoft Sentinel, Microsoft Security Copilot, and the Commvault Cloud platform to streamline resilience operations (ResOps) and enable real-time data insights, helping organizations move quickly from identifying a threat to validating and restoring clean data faster with greater confidence.\n \n \n \n \n \n \n \nThis new integration enables coordinated workflows between security and recovery teams. Security alerts from Commvault Cloud are ingested into Microsoft Sentinel data lake where security operations center (SOC) analysts can enrich these incidents with partner intelligence to access impact and validate scope. In the coming quarters, these insights can drive automated, policy-based recovery workflows to accelerate and orchestrate clean recovery.As part of this announcement, Commvault is delivering integrated capabilities that bridge the gap between threat detection and trusted recovery.Modernized Microsoft Sentinel Connector: Streams alerts and signals generated by Commvault Cloud Threat Scan and Risk Analysis, including malware detections, backup anomalies, and sensitive data exposure, into Microsoft Sentinel in real time. This provides security teams with visibility into backup-related risks alongside broader threat intelligence and helps organizations identify ransomware patterns earlier while incorporating backup telemetry into existing SOC workflows.Commvault's Investigation Agent in Security Copilot: Specifically designed for cyber recovery investigations, Commvault's Investigation Agent in Microsoft Security Copilot autonomously analyzes suspicious activity and uses Commvault's recovery-layer intelligence to determine scope including impacted hosts, anomalous encryption patterns, and validated restore points. By correlating these insights with broader Microsoft security signals, it can help eliminate manual coordination between security and backup teams while reducing mean time to clean recovery (MTCR).\"This isn't j...