Highlight Threats and Reduce Risk With Veeam Threat Center

The Veeam Data Platform is continuously evolving to provide users with the tools they need for ultimate data protection. It provides a holistic solution for backups, including monitoring and orchestration capabilities that help ensure compliance and cyber resilience.

One major aspect of Veeam Data Platform is the monitoring capabilities powered by Veeam ONE. By using Veeam ONE, you get access to monitoring, reporting, and alerting for both your virtual and backup infrastructure. Veeam ONE’s powerful data collection engine organizes key metrics in your infrastructure to provide insight into performance, resource usage, capacity planning, and bottlenecks. These metrics allow business leaders and IT administrators to make better decisions based on how their machines are performing and meeting the demands of their customers.

Continuous monitoring of our IT infrastructure for suspicious activity is the key to maintaining cyber resilience. Through innovating Veeam ONE’s data collection capabilities, it can now provide deeper insights into security gaps and improvements needed to help strengthen your environment. With cyberthreats consistently trying to target backup environments, it was only a matter of time before the ultimate dashboard was created in Veeam ONE. Enter the Veeam Threat Center Dashboard, which was created to help strengthen your backup infrastructure. Through this comprehensive view of your environment, you can see how your environment checks up with security best practices, compliance requirements, and recovery health.

There are four parts to Veeam Threat Center: The Data Platform Scorecard, Malware Detection Map, service level agreement (SLA) Compliance Overview, and recovery point objective (RPO) anomalies. Veeam Threat Center immediately shows you where there are gaps in your security and data protection policies so you can remediate and fix them appropriately.

Remediate and Fix Vulnerabilities Fast Through the Global Scorecard

The Data Platform Scorecard contains four different areas that add up to an overall protection score. This view is going to show us our “homework”, including how we can secure environments more diligently according to best practices and data protection requirements.

The first percentage that’s listed is the platform security compliance score. This score shows the results of the security check performed in Veeam Backup & Replication. When the security check is performed, the tool will check your current configuration and provide best practices and guidelines from data protection and cybersecurity experts. The lower your score, the more vulnerable and exposed your backup infrastructure is to a cyberattack and the lower the chance is of a successful recovery. The results of this check provide a list of improvements that need to be implemented to reduce risk and strengthen your environment. For more details about what improvements are needed, there is a detailed report that lists all the guidelines so you can easily share what actions need to be taken with your colleagues or key business stakeholders.

The next score is the data recovery health score. This score is based on a malware detection scan that is performed during your backup policy. This process scans your backup data to gather information about suspicious activity and infected objects. This score easily shows us that not all the backup restore points are healthy, and some machines are experiencing activity that could be a sign of malware. Similar to the security and compliance score, there is an accompanying report that can show you which restore points are experiencing malware anomalies.

The data protection score is the result of meeting your RPOs. Meeting your RPOs ensures you meet the data loss tolerance of a business process or organization in general. This is the foundational metric for building a disaster recovery (DR) strategy. This score correlates with the RPOs set for the business and checks to see if your workloads are meeting them.

The last measure on this scorecard is your backup immutability status. It is important that you have an immutable copy of your backups to keep a copy safe from being modified or deleted.

At a glance, you can see that 20 out of the 33 workloads being protected in this environment are not in compliance. Depending on your organization’s requirements, this could help identify some gaps within your data protection strategy that need to be reconfigured.

Map and Locate Potential Threats Globally for Quick Decision-Making

The malware detection map shows you which aspect of your backup infrastructure is experiencing malware anomalies. If an attack occurs, the map will highlight the location where the activity is happening and identify affected restore points. This map is based on the malware scanning that is automatically configured to happen during the backup job.

By monitoring this window, you can identify and isolate infected items to help mitigate the spread of an attack. If you need more details on your infected workloads and restore points, you can run the malware detection report. This will provide you with critical information, including timestamps of when the antivirus scan identified the suspicious activity, which workload experienced the activity, how many restore points are included in your backup policy, and which restore points have been marked as suspicious or infected. This helps you differentiate between compromised and clean data.

Easily Monitor SLA Compliance

The SLA compliance overview analyzes protected job policies and the workloads to make sure you’re meeting the SLAs defined by your business. It provides a heatmap view of your backup policies and makes sure the workloads included in them meet retention requirements in order to identify any protection gaps.

Identify Missed RPOs

The RPO anomalies chart shows which objects in your infrastructure miss the defined RPO period. This can help you identify which parts of your infrastructure are susceptible to data loss when a disaster happens. To get more details about these workloads, you can run any of the protected virtual machines (VMs), files and objects, cloud workloads, or agent reports to identify which machines were not backed up due to error or weren’t backed up yet due to recent onboarding.

Monitor Risk and Recovery Compliance With the Veeam Data Platform

These four features make up Veeam Threat Center and provide you with a complete and comprehensive view of your entire data protection landscape. The dashboard allows you to visualize what areas of your infrastructure are susceptible to a cyberattack, thus allowing you to remediate and fix any gaps in your environment in real time. By collecting these different data points about your product configuration you can take the necessary steps to implement best practices and guidelines. This feature is available as part of both the Advanced and Premium editions of Veeam Data Platform, providing a seamless experience for Veeam Backup & Replication, Veeam ONE, and Veeam Recovery Orchestrator (Orchestrator).

The Veeam Threat Center dashboard that’s available within Orchestrator allows users to monitor risk while working with orchestration plans.

Veeam Backup & Replication now provides at-a-glance views of your environment with the help of monitoring capabilities through Veeam Threat Center and additional dashboard views like heatmaps and jobs calendar.

This is just the start of Veeam Data Platform, which can provide users with even more ways to their improve data protection and security posture, especially when it comes to backup infrastructure.


Veeam Data Platform 23H2 Update
Free trial
Veeam Data Platform
23H2 Update
We Keep Your Business Running

Stay up to date on the latest tips and news
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam’s Privacy Policy
You're all set!
Watch your inbox for our weekly blog updates.