Rubrik Automates Data Security With AI Across The Clouds

By Robert Kramer, Patrick Moorhead - December 5, 2023

When I started working in tech decades ago, I quickly learned how challenging it was to ensure data security, governance, compliance, backup and recovery. Data has consistently remained key—twenty years ago and today—making data control and protection imperative. The good news is that data security providers have made great strides as they work to stay ahead of bad actors who would like to compromise enterprise data. Even better, these vendors are now improving their offerings with AI.

One of the companies that has made significant advancements in all of these areas—most recently AI—is Rubrik, which offers a cyber resilience suite that now encompasses both proactive cyber posture and after-the-fact cyber recovery. Rubrik’s solutions are designed to keep cyberattacks from causing significant business impact, with a focus on backups, data protection, threat analytics and cyber recovery across enterprise infrastructures, cloud environments and SaaS applications.

Note that although Rubrik is a client of Moor Insights & Strategy, this article contains our independent analysis of the company, and no one at Rubrik was given final approval over it.

Rubrik’s Background, Offerings And Markets

Before we get to the company’s advances in AI, let’s cover some background. Rubrik, which is headquartered in Palo Alto, California, was founded in January 2014. Since then, it has expanded to more than 3,000 employees and achieved $600 million in recurring annual subscription revenue. Rubrik’s growth has established it as a leader in enterprise backup and recovery, and it now ranks ninth among Forbes’ top 100 private cloud companies.

Rubrik Security Cloud components
Rubrik

The company’s solutions address the specific needs and concerns of global enterprises, with continuous monitoring to guard against being compromised. The Rubrik Security Cloud architecture places a strong focus on four main areas: data protection, threat analytics, security posture and cyber recovery. For data protection, Rubrik creates secure backups and defends against threats such as ransomware. Threat analytics detects anomalies and identifies potential compromises in backups. Rubrik enhances data security posture by using a unified command center to control user access and reduce sensitive data exposure. Lastly, cyber recovery stresses threat containment once a problem has been identified, along with proactive simulations to validate cyber recovery workflows so data can be recovered in an orderly way post-incident.

Rubrik’s backbone for its offerings is a zero trust data security architecture. This framework, influenced by the National Institute of Standards and Technology zero trust model, is anchored by a unique file system from Rubrik that doesn’t expose backup data via open network protocols. The company also automatically encrypts cloud storage and backups; better, it stores the data in an immutable format, which is a feature not offered by all backup providers.

These capabilities address a range of use cases across different industries. In the healthcare sector, organizations use Rubrik to safeguard and retrieve sensitive EHR patient data. Financial service firms enhance customer data protection to automate workflows (eliminating manual tasks to allow faster response times), defend against ransomware attacks and ensure adherence to stringent data regulations such as GDPR. Government agencies also employ Rubrik for secure data management; its security cloud is designed to comply with standards such as CJIS, FedRAMP, StateRAMP, PERPA and the Department of Defense’s Cloud Computing Security Requirements Guide.

Rubrik’s AI capabilities
Rubrik

Bringing AI To Data Security

Rubrik has embraced AI-driven technologies, including a new AI assistant called Ruby. Built on Microsoft’s Azure OpenAI Service, Ruby is part of Rubrik’s strategy to use AI to improve customer organizations’ response to cyber threats, especially by making it easier for IT personnel—even ones without cybersecurity knowledge—to identify real threats and respond to them quickly. Rubrik says that Ruby incorporates expertise based on best practices the company has developed working with thousands of customers. Whenever Rubrik detects an indicator of compromise, Ruby notifies security staff and uses its interactive chat interface to guide them through the necessary steps to understand and counteract the threat.

In essence, Ruby brings the recent wave of AI-driven “copilot” functionality to the cybersecurity space. My colleagues at Moor Insights & Strategy have analyzed this type of functionality as it has been introduced at Microsoft, Google, Oracle, Intuit, Zoom and more, so it’s no surprise to see it deployed for enterprise security functions, too. In fact, cybersecurity moves so quickly that an interactive AI assistant may be especially welcome for overtaxed security operations professionals. Time will tell.

Ruby builds on the years of work in machine learning that underlie Rubrik’s Data Threat Engine. This approach detects suspicious data activities such as unusual deletions, modifications and encryptions while reducing false positives and false negatives. Rubrik has also built SentryAI, an in-house AI engine, to analyze customer telemetry data. This enables the company’s customer support teams to offer proactive, personalized recommendations for each customer.

Rubrik Expands Its Footprint Via Acquisition And Partnerships

Rubrik acquired Laminar, a data security posture management platform, in August 2023. Combining Laminar with Rubrik’s existing offerings should provide organizations with additional visibility for their data across all environments to prevent cyberattacks, expand their security posture beyond traditional network and endpoint protection and effectively defend against sophisticated cyber threats.

To broaden its customer reach, Rubrik also partners with leading technology companies including Microsoft, NetApp, Cisco, AWS and Pure Storage. Among other things, these partnerships offer security for hybrid Azure environments, integration with Microsoft 365 Backup, protection across AWS and automated data management using NetApp APIs. Additionally, Rubrik provides automated data protection for platforms such as Oracle and VMware. Rubrik’s recent partnership with Aon further expands its data protection solutions, giving Rubrik customers access to Aon cyber resiliency services and Aon clients access to the Rubrik Security Cloud.

Competitive Landscape

Rubrik faces competition from several significant players in the data protection sector. These competitors, including Cohesity, Veeam, Commvault, Veritas, Dell EMC, IBM, NetApp, AWS, HYCU and Azure, offer a diverse array of solutions, covering backup and recovery, data security, data resiliency, data observability and data governance.

Within this competitive arena, Cohesity stands out for its emphasis on hyper-converged data protection, closely mirroring Rubrik’s specialization. Veeam offers wide-ranging backup and recovery solutions, while Commvault boasts an expansive data protection suite. Dell EMC has a range of backup and recovery tools, whereas NetApp, predominantly known for storage, extends to data management and protection as well. Veritas, known for its data security solutions such as NetBackup, and HYCU both continue to play significant roles in the data protection industry. IBM Security, which has an expansive ecosystem, is also a substantial player in this domain. When considering vendors in this sector, I suggest evaluating product offerings, market influence, customer reviews and fiscal strength to identify the optimal fit for your organization or sector.

Occasionally, I prefer using a traditional SWOT (strengths, weaknesses, opportunities, threats) analysis to better understand goals and objectives. In businesses where I’ve worked, SWOTs have been instrumental in identifying current or potential problems, helping understand areas that require improvement, or showing how to be more efficient with processes or resources. As I perform an abbreviated SWOT analysis of Rubrik, I see that it faces notable challenges in the competitive cloud data management market, contending with other established firms that can threaten its market position. A potential weakness could be perceived in the complexity of its technology, which may require additional training or support for customers and prospects. Rubrik not having a strong focus on its solutions’ integration with on-premise ERP system data could limit its future application scope and be seen as a weakness. The company must continually innovate to keep pace with rapid technological changes and diverse regional data protection laws, threats that could shape its operational strategies.

However, these challenges also present opportunities. By establishing additional strategic technology partnerships, particularly with ERP vendors, Rubrik could enhance its market presence at the same time it capitalizes on emerging markets’ adoption of digital technologies. While Rubrik addresses its threats and weaknesses, it also has significant opportunities for expansion.

My Take

Rubrik has grown to become one of the key players in the data security market, which is expected to reach $215 billion in 2024. The company is prioritizing data protection through its Security Cloud with a multi-tiered protection model. The Ruby AI assistant appears promising and aligns with the growth needs of the data security market. Many companies have launched AI products early to keep up with competitors and market demands. It remains to be seen whether Ruby was released at the right time after thorough testing, or if it was rushed to market due to these pressures.

The growth of Rubrik through acquisition and its partner program is noteworthy, as it enables the company to expand its offerings and give customers access to complementary technologies. Rubrik’s subscription-based pricing is in line with industry standards, offering customers flexibility. As Rubrik continues its growth path, competitors will undoubtedly intensify their efforts. I am keen to see how Rubrik continues with its vision to meet the ever-changing demands of data security.

Robert Kramer
VP & Principal AnalystatMoor Insights & Strategy| + posts

Robert Kramer is vice president and principal analyst covering enterprise data, including data management, databases, data lakes, data observability, data analytics, and data protection. Robert has over 30 years of proven experience with startups, IT companies, global marketing, detailed strategies, business modeling, and planning, working with enterprise companies, GTM assets, management, and execution.

Patrick Moorhead
+ posts

Patrick founded the firm based on his real-world world technology experiences with the understanding of what he wasn’t getting from analysts and consultants. Ten years later, Patrick is ranked #1 among technology industry analysts in terms of “power” (ARInsights)  in “press citations” (Apollo Research). Moorhead is a contributor at Forbes and frequently appears on CNBC. He is a broad-based analyst covering a wide variety of topics including the cloud, enterprise SaaS, collaboration, client computing, and semiconductors. He has 30 years of experience including 15 years of executive experience at high tech companies (NCR, AT&T, Compaq, now HP, and AMD) leading strategy, product management, product marketing, and corporate marketing, including three industry board appointments.