Skip to content
Data Protection, Metallic, Ransomware

Commvault expands its security offerings with new detection technology

I’m excited to share that Commvault has acquired TrapX, a cyber deception firm, to enhance Commvault customers’ capability to proactively detect, defend, and recover from unknown threats.


Editor’s note: This post was originally published in January 2022. Since then, TrapX’s deception technology has been integrated into our data security and resilience platform, enhancing how we help customers secure, defend, and recover from threats. Learn more about threat detection with Threatwise.


More than a decade ago, Sanjay and I were part of the leadership team that led RSA Security through one of the most high-profile nation-state breaches of our time – one we wouldn’t wish on our worst enemies. Unfortunately, as we’ve seen over the past two years, attacks like this have become mainstream in the form of ransomware and they are more frequent, sophisticated, and detrimental to businesses than ever before. And while a well-implemented data protection system or service, with capabilities like air-gapping and built-in security controls, is the last line of defense for a company, we at Commvault know that early detection is the difference between a close call and a disaster. That’s why I’m excited to share that Commvault has acquired TrapX, a cyber deception firm, to enhance Commvault customers’ capability to proactively detect, defend, and recover from unknown threats, as announced in our FY22 Q3 earnings call.

Protecting the crown jewels from the known and the unknown

Data is the crown jewel of your business, and it’s what the bad actors are after. Data protection has always been core for business continuity and compliance, as well as cost control and productivity. Now, the conversation with our customers has expanded from one of IT operations and infrastructure, to a matter of security, with IT and Security teams converging on their strategies. With the staggering rise in cyberattacks, the immense pressure to support a work-from-anywhere workforce, and the need to navigate increasingly complex hybrid environments, the pressure is on to achieve comprehensive security across all layers of the tech stack. This requires a much more active and expanded set of data management services than most companies currently have in place.  

At Commvault and Metallic, we know how critical it is to put the right measures in place to safeguard your data. It’s difficult enough to navigate threats that are known, but what about threats that are hidden until it’s too late? Customers need to detect and protect against the threats they see, as well as the ones they are blind to. All security experts agree – defenses will be breached. It’s how quickly you know about it and what you do next that matters.

Data security – with a side of SaaS

Cyber deception has emerged as a vital piece in layered cybersecurity strategies, offering sophisticated tools that detect and divert attacks before they cause harm. We believe this new acquisition will set Commvault apart as the only vendor in our industry to offer customers active data management capabilities that are integrated with their security investments.

The new capabilities we’re integrating into our portfolio are just the next step in the laser focus we have on building and delivering differentiated data security services, including our Metallic SaaS offerings. These include Metallic Cloud Storage Service, designed for air-gapped ransomware protection, as well as Security IQ, which helps Metallic customers stay ahead of evolving threats with advanced security tools and insights. In addition, Metallic has achieved FedRAMP High In Process – In PMO Review the only solution in our space to meet all 420 security controls required.

We know that companies need the simplified management and reduced infrastructure that smart SaaS solutions can deliver. We’re looking forward to leveraging this new technology to bring the next SaaS-delivered data security service to market with availability later this year. We want our customers to rest easy knowing we have their data covered – beyond any buzz words of zero trust, immutability, or warranties on recoverability.

What Happened After the TrapX Acquisition   

Since welcoming TrapX to the Commvault family in 2022, we’ve advanced our security and resilience offerings in several ways:   

  • Deception technology integration: TrapX’s cyber deception tools were integrated into Commvault’s security platform, giving organizations earlier threat detection and visibility.   
  • Expanded threat response: These capabilities complement Commvault’s data protection, helping customers accelerate response and reduce dwell time when attacks occur.   
  • Stronger cyber resilience: The TrapX acquisition laid the foundation for ongoing innovation in cyber deception, insider threat detection, and proactive defense strategies within our portfolio.   

Today, these advancements form a core part of Commvault’s mission: empowering organizations to secure, defend, and recover their data with confidence.    

Learn more about our Commvault Cloud platform to see how we continue to evolve.

More related posts


Thumbnail_Blog-Hoping-to-Certainty-2025-Linkedin

From Hope to Certainty: Cracking the Code to Recovery from Cyberattacks

Read more about From Hope to Certainty: Cracking the Code to Recovery from Cyberattacks
Thumbnail_Blog-Threathwise-2025-Linkedin

Protecting Against the Threats of Tomorrow: How to Implement Early Warning Signals

Read more about Protecting Against the Threats of Tomorrow: How to Implement Early Warning Signals
Thumbnail_Blog_Clumio-Apache-Iceberg-on-AWS

Closing the Gap in Data Lakehouse Protection: Clumio for Apache Iceberg on AWS

Read more about Closing the Gap in Data Lakehouse Protection: Clumio for Apache Iceberg on AWS