N-able Expands Anomaly Detection to Thwart Identity-Based Backup Attacks
Event summary
- N-able has added real-time alerting for unauthorized backup policy changes to its Cove Data Protection platform.
- The feature targets identity-driven attacks that manipulate backup settings before deploying ransomware.
- 88% of basic web application breaches involved stolen credentials per Verizon's 2025 report.
- The update builds on last year's Honeypots feature for detecting brute-force attacks.
The big picture
The update addresses a growing trend of attackers targeting backup systems using stolen credentials, which can remain undetected for weeks. This represents an evolution in ransomware strategies that now focus on disabling recovery options before launching attacks. The feature positions N-able to compete in the increasingly critical backup security space, where proactive monitoring is becoming essential for data resilience.
What we're watching
- Attack Evolution
- How attackers will adapt their tactics as anomaly detection improves in backup systems.
- Market Differentiation
- Whether N-able can sustain competitive advantage with proactive backup monitoring features.
- Adoption Pace
- The pace at which enterprises will implement real-time backup policy monitoring.
Related topics