Skip to main content

Veeam App

Download With Dependencies

The Veeam Apps allow Veeam Data Platform Advanced and Premium customers to combine the automation and orchestration features of the Cortex product suite with a simple and powerful Veeam Data Platform that goes beyond backup providing businesses with reliable data protection, seamless recovery, and streamlined data management.

Overview

Secure backup is critical to your cyber resilience. Veeam Data Platform provides comprehensive capabilities to extend the principles of Zero Trust to data backup and recovery including Proactive Threat Hunting, Immutability Everywhere, and Secure Access.

Using the data received from Veeam Backup & Replication and Veeam ONE REST APIs, the app creates custom incidents related to malware detection and the health state of the backup infrastructure components. These incidents can be managed through the built-in Veeam Incident dashboard and resolved manually or automatically with built-in Veeam playbooks.

The content pack includes:

  • Veeam Incident Dashboard: an overview of all API activities and incidents handled by the Veeam App
  • Leverage custom incident types and fields related to malware detection and the health state of the backup infrastructure components
  • Predefined incident classifiers and incoming mappers for incident types
  • Ingestion of the most important security alerts and detections:
    • Configuration Backup State
    • Malware Detection
    • Backup Repository State
    • Triggered Alarm
  • Predefined playbooks to remediate incidents:
    • Start configuration backup
    • Start Instance VM Recovery manually
    • Start Instance VM Recovery automatically
    • Resolve alarms triggered by Veeam ONE

Documentation

Veeam Helpcenter User Guide

Screenshots

The XSOAR Dashboard

Veeam - Start Instant VM Recovery Automatically

Overview

Secure backup is critical to your cyber resilience. Veeam Data Platform provides comprehensive capabilities to extend the principles of Zero Trust to data backup and recovery including Proactive Threat Hunting, Immutability Everywhere, and Secure Access.

This app allows Veeam Data Platform Advanced and Premium users to monitor various security activities in their Veeam backup infrastructure and use leverage pre-defined automation playbooks via REST API for:

  • Veeam Backup & Replication
  • Veeam ONE

Monitoring:

The app gets information from the event forwarding capabilities via syslog servers integrated with Veeam Backup & Replication and Veeam ONE, parses the data and displays it on the Veeam Data Platform Monitoring dashboard. For events and alarms with Medium, High and Critical severity, the app displays them on the Veeam Security Activities dashboard.
It includes:

  • Built-in dashboards to monitor job statuses and security activities on a daily basis.
  • Built-in reports.
  • Multiple data source support.

Information:\
The Monitoring Dashboards and data processing will become available at the marketplace after pending Cortex XSIAM platform updates have been implemented. To manually download and import the dashboards, reports, and correlation rules please follow this link.

Automation:

Using the data available in Palo Alto Networks Cortex XSIAM you can leverage built-in Veeam playbooks such as:

  • Start configuration backup
  • Start Instance VM Recovery manually
  • Start Instance VM Recovery automatically
  • Resolve alarms triggered by Veeam ONE

Documentation

Veeam Helpcenter User Guide for XSIAM Monitoring

The documentation also includes examples of correlation rules for Veeam security activities.

Veeam Helpcenter User Guide for XSOAR Automation

Screenshots

The Security Dashboard

The Monitoring Dashboard

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByPartner
CreatedSeptember 4, 2024
Last ReleaseDecember 18, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:
DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.