RSAC 2026: Cohesity Enhances Cyber Resilience with Next-Generation Malware Scanning Powered by Sophos

Cohesity, a player in AI-powered data security, announced the availability of next-generation malware scanning powered by Sophos, integrated natively into Cohesity Data CloudCohesity Data Cloud is the first and only data security platform to embed next-gen antivirus malware detection alongside advanced threat intelligence feeds, enabling organizations to detect malware that bypasses primary defenses and validate clean recoveries after cyberattacks.

As ransomware and supply-chain attacks grow more sophisticated, malware is increasingly present in backup data, creating the risk of reinfection during recovery. Cohesity’s Sophos-powered scanning detects zero-day, polymorphic, and fileless threats that evade signature-based tools. The feature is included with Cohesity Data Cloud Enterprise Edition and does not require a separate Sophos license.

“Cyber resilience is a team sport, and our focus is on delivering the best outcomes for customers by bringing together the strongest technologies regardless of who developed them,” said Vasu Murthy, CPO, Cohesity. “By deeply integrating market-leading Sophos next-gen malware detection into Cohesity Data Cloud, we’re giving customers a single, seamless experience that helps them uncover hidden threats in backup data and recover with confidence.”

The Sophos-powered engine uses signature-based detection, heuristic analysis, and file emulation techniques to inspect backups in three scenarios: during routine backups, before restoration, and after indicators of compromise (IOCs) or YARA-based matches are detected.

Incremental scanning of newly ingested data minimizes operational overhead while maintaining visibility into backup integrity. Triggered and pre-restore scans validate trusted recovery points when risk is identified. The result is deep, snapshot-level inspection far beyond approaches that rely solely on metadata.

Sophos X-Ops draws on one of the industry’s most extensive threat intelligence networks, spanning tens of millions of endpoints and hundreds of thousands of firewalls globally, using AI-powered classification to continuously sharpen detection of known and emerging malware families.

“Attackers are sophisticated. They have proven time and again that no environment is off limits, including what was once considered the safe haven of backup and recovery systems,” said Simon Reed, CSO, Sophos. “By embedding Sophos’ deterministic and ML-based detection into Cohesity’s platform, Sophos is helping customers reduce reinfection risk and recover with confidence.”

Key benefits of the new Sophos-powered malware scanning include:

• Advanced threat detection: Identifies known, unknown, and zero-day threats through heuristic and behavioral analysis
• Operational efficiency: Always-on incremental scanning, with automated scans triggered by IOC or YARA-based detections
• Clean recovery assurance: Pre-restore inspection to prevent reinfection and reduce recovery risk
• SOC integration: Shares scan results with SIEM and SOAR tools for centralized visibility and response

The addition of Sophos next-generation malware scanning further differentiates Cohesity as a leader in incident response and recovery, delivering one of the industry’s most comprehensive data security platforms.