TINTON FALLS, NJ – May 12, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced a strategic alliance with Deloitte. Together, Commvault and Deloitte aim to help organizations stay ahead of evolving threats by becoming more resilient, enabling the enterprise of the future.
In today’s digital landscape, there is an urgent need for incident response and comprehensive cyber resilience strategies. In fact, in Deloitte Global’s Future of Cyber 4th edition survey, 43% of US respondents cited keeping pace with the evolving threat landscape as one of the top strategic challenges to contend with. The escalating sophistication and frequency of cyber threats necessitates that enterprises adopt end-to-end cyber resilience measures to safeguard critical assets and maintain operational integrity.
By integrating Commvault’s advanced cyber resilience solutions with Deloitte’s cyber defense and response capabilities and breadth of industry experience, the alliance offers joint clients broad capabilities for cyber threat management, encompassing proactive prevention, detection, response, and recovery.
Commvault and Deloitte are working together to help businesses maintain operational continuity before, during, and after a cyber incident.
Before an attack: Commvault and Deloitte assist organizations in understanding and defining their minimum viability – the critical set of applications, assets, processes, and people required to operate their business following an attack or outage. Once defined, Commvault’s Cleanroom Recovery can assist enterprises in assessing their minimum viability and testing their recovery plans in advance, so they know when they’re attacked, they can rapidly recover.
During an attack: Deloitte’s cyber risk services combined with Commvault’s AI-enabled anomaly detection capabilities help joint clients identify and mitigate potential threats before they escalate.
Post-attack: Deloitte’s incident response capabilities combined with the Commvault Cloud platform – which includes unique resilience offerings like Cloud Rewind, Clumio Backtrack, and Cleanroom Recovery, help organizations quickly recover, minimize downtime, and operate in a state of continuous business.
“Our strategic alliance with Deloitte represents a significant advancement in cyber resilience,” said Alan Atkinson, Chief Partner Officer at Commvault. “By combining Commvault’s cyber resilience technologies with Deloitte’s deep technical knowledge in cyber detection and response, we are creating a formidable defense for our joint customers against today’s most sophisticated cyber threats.”
This collaboration is designed to scale with the evolving needs of enterprises, offering adaptive solutions that protect businesses as they grow. With deep industry experience, Commvault and Deloitte bring specialized insights to help enhance both protection and recovery efforts, aiding organizations to navigate cyber threats with confidence.
“In an era where cyber threats are more pervasive than ever, our collaboration with Commvault aims to advance cyber resilience for our joint clients,” said David Nowak, Principal, Deloitte & Touche LLP. “Together, we are offering a strategic and broad solution that not only helps our clients fortify their defenses but also helps with recovering from outages and cyberattacks.”
To learn more about how Commvault and Deloitte are helping clients achieve end-to-end cyber resilience, visit: www.commvault.com/deloitte.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
Tinton Falls, N.J. – April 29, 2025 – Commvault [Nasdaq: CVLT] today announced its financial results for the fourth quarter and fiscal year ended March 31, 2025.
“It was a record-breaking year at Commvault,” said Sanjay Mirchandani, President and CEO. “Commvault surpassed all key metrics, ended the year with over 12,000 subscription customers, and is firmly positioned as a growth company with subscription revenue up 45% in Q4. We continue to deliver cloud-first innovations that solve a hard problem for customers – strengthening their cyber resilience.”
Fiscal 2025 Fourth Quarter Highlights –
Total revenues were $275 million, up 23% year over year
Subscription revenue was $173 million, up 45% year over year
Income from operations (EBIT) was $27 million, an operating margin of 9.7%
Non-GAAP EBIT1 was $59 million, an operating margin of 21.5%
Operating cash flow was $77 million, with free cash flow1 of $76 million
Fourth quarter share repurchases were $30 million, or approximately 182,000 shares of common stock
Fiscal 2025 Full Year Highlights –
Total revenues were $996 million, up 19% year over year
Total annualized recurring revenue (ARR)2 grew to $930 million, up 21% year over year
Subscription revenue was $590 million, up 37% year over year
Subscription ARR2 grew to $780 million, up 31% year over year and represents 84% of Total ARR
Income from operations (EBIT) was $74 million, an operating margin of 7.4%
Non-GAAP EBIT1 was $210 million, an operating margin of 21.1%
Full year operating cash flow was $207 million, with full year free cash flow1 of $204 million
Full year share repurchases were $165 million, or approximately 1,215,000 shares of common stock
On April 17, 2025, our Board of Directors increased our share repurchase program to $250 million
Financial Outlook for First Quarter and Full Year Fiscal 20263–
We are providing the following guidance for the first quarter of fiscal year 2026, based on current macroeconomic conditions:
Total revenues are expected to be between $266 million and $270 million
Subscription revenue is expected to be between $166 million and $170 million
Non-GAAP gross margin is expected to be between 81% and 82%
Non-GAAP operating margin1 is expected to be approximately 21%
We are providing the following guidance for the full fiscal year 2026, based on current macroeconomic conditions:
Total revenues are expected to be between $1,130 million and $1,140 million
Total ARR2 is expected to grow between 16% and 17% year over year
Subscription revenue is expected to be between $727 million and $732 million
Subscription ARR2 is expected to grow between 22% and 23% year over year
Non-GAAP gross margin is expected to be between 81% and 82%
Non-GAAP operating margin1 is expected to be approximately 21%
Free cash flow1 is expected to be between $210 million and $215 million
The above statements are based on current targets using exchange rates as of March 31, 2025. These statements are forward-looking and made pursuant to the safe harbor provisions discussed in detail below. We do not undertake any obligation to update these forward-looking statements. Actual results may differ materially from anticipated results.
Commvault has provided in this press release the following non-GAAP financial measures: non-GAAP income from operations (EBIT), non-GAAP income from operations margin, non-GAAP gross margin, non-GAAP net income, non-GAAP diluted earnings per share, non-GAAP free cash flow, annualized recurring revenue (ARR), subscription ARR and SaaS ARR. This financial information has not been prepared in accordance with GAAP. Commvault uses these non-GAAP financial measures internally to understand, manage and evaluate its business and make operating decisions. Commvault believes that the use of these non-GAAP financial measures, when used as a supplement to GAAP financial measures, provides an additional tool for investors to use in evaluating ongoing operating results and trends, and in comparing its financial results with other companies in Commvault’s industry, many of which present similar non-GAAP financial measures to the investment community. Commvault has also provided its revenues on a constant currency basis. Commvault analyzes revenue growth on a constant currency basis in order to provide a comparable framework for assessing how the business performed excluding the effect of foreign currency fluctuations.
All of these non-GAAP financial measures should be considered as a supplement to, and not as a substitute for, financial information prepared in accordance with GAAP. Investors are encouraged to review the reconciliation of these non-GAAP measures to their most directly comparable GAAP financial measures, which are included in this press release.
Non-GAAP income from operations and non-GAAP income from operations margin. These non-GAAP financial measures exclude noncash stock-based compensation charges and additional Federal Insurance Contribution Act (FICA) and related payroll tax expense incurred by Commvault when employees exercise in-the-money stock options or vest in restricted stock awards. Commvault has also excluded restructuring costs, noncash amortization of intangible assets, litigation settlement, business combination costs, noncash impairment charges, changes in the estimated fair value of contingent consideration, and a gain related to a non-refundable escrow payment associated with assets held for sale from its non-GAAP results. These expenses are further discussed in Table IV. Commvault believes that these non-GAAP financial measures are useful metrics for management and investors because they compare Commvault’s core operating results over multiple periods. When evaluating the performance of Commvault’s operating results and developing short- and long-term plans, Commvault does not consider such expenses.
Although noncash stock-based compensation and the additional FICA and related payroll tax expenses are necessary to attract and retain employees, Commvault places its primary emphasis on stockholder dilution as compared to the accounting charges related to such equity compensation plans. Commvault believes that providing non-GAAP financial measures that exclude noncash stock-based compensation expense and the additional FICA and related payroll tax expenses incurred on stock option exercises and vesting of restricted stock awards allow investors to make meaningful comparisons between Commvault’s operating results and those of other companies.
There are a number of limitations related to the use of non-GAAP income from operations and non-GAAP income from operations margin. The most significant limitation is that these non-GAAP financial measures exclude certain operating costs, primarily related to noncash stock-based compensation, which is of a recurring nature. Noncash stock-based compensation has been, and will continue to be for the foreseeable future, a significant recurring expense in Commvault’s operating results. In addition, noncash stock-based compensation is an important part of Commvault’s employees’ compensation and can have a significant impact on their performance. The following table presents the stock-based compensation expense included in cost of revenues, sales and marketing, research and development and general and administrative ($ in thousands):
The table above excludes stock-based compensation expense related to the Company’s restructuring activities described in Note 6.
The components that Commvault excludes in its non-GAAP financial measures may differ from the components that its peer companies exclude when they report their non-GAAP financial measures. Due to the limitations related to the use of non-GAAP measures, Commvault’s management assists investors by providing a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure. Commvault’s management uses non-GAAP financial measures only in addition to, and in conjunction with, results presented in accordance with GAAP.
Non-GAAP gross margin. Commvault defines this non-GAAP financial measure as GAAP gross margin adjusted to exclude cost of revenues related to noncash stock-based compensation.
Non-GAAP net income and non-GAAP diluted earnings per share (EPS). In addition to the adjustments discussed in non-GAAP income from operations, non-GAAP net income and non-GAAP diluted EPS incorporates a non-GAAP effective tax rate of 24%. Beginning in fiscal 2025, Commvault lowered its estimated non-GAAP effective tax rate from 27% to 24%. Commvault believes that a 24% rate more closely aligns with its effective tax rate expectations over the next few years.
Commvault anticipates that in any given period its non-GAAP tax rate may be either higher or lower than the GAAP tax rate as evidenced by historical fluctuations. The GAAP tax rates in recent fiscal years were not meaningful percentages due to the dollar amount of GAAP pre-tax income. For the same reason as the GAAP tax rates, the estimated cash tax rates in recent fiscal years are not meaningful percentages. Commvault defines its cash tax rate as the total amount of cash income taxes payable for the fiscal year divided by consolidated GAAP pre-tax income. Over time, Commvault believes its GAAP and cash tax rates will align.
Commvault considers non-GAAP net income and non-GAAP diluted EPS useful metrics for Commvault management and its investors for the same basic reasons that Commvault uses non-GAAP income from operations and non-GAAP income from operations margin. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP net income and non-GAAP diluted EPS.
Non-GAAP free cash flow. Commvault defines this non-GAAP financial measure as net cash provided by operating activities less purchases of property and equipment. Commvault considers non-GAAP free cash flow a useful metric for Commvault management and its investors in evaluating Commvault’s ability to generate cash from its business operations. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP free cash flow.
Forward-looking non-GAAP measures. In this press release, Commvault presents certain forward-looking non-GAAP metrics. Commvault cannot provide a reconciliation to the comparable GAAP metric without unreasonable efforts, as certain financial information, the probable significance of which may be material, is not available and cannot be reasonably estimated.
Conference Call Information
Commvault will host a conference call today, April 29, 2025 at 8:30 a.m. Eastern Time (5:30 a.m. Pacific Time) to discuss quarterly results. The live webcast and call dial-in numbers can be accessed by registering under the “News & Events” section of Commvault’s website at ir.commvault.com under the “Investor Events” heading. An archived webcast of this conference call will also be available following the call.
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
Safe Harbor Statement
This press release may contain forward-looking statements, including statements regarding financial projections, which are subject to risks and uncertainties, such as competitive factors, difficulties and delays inherent in the development, manufacturing, marketing and sale of software products and related services, general economic conditions, outcome of litigation and others. For a discussion of these and other risks and uncertainties affecting Commvault’s business, see “Item 1A. Risk Factors” in our annual report on Form 10-K and “Item 1A. Risk Factors” in our most recent quarterly report on Form 10-Q. Statements regarding Commvault’s beliefs, plans, expectations or intentions regarding the future are forward-looking statements, within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. All such forward-looking statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. Actual results may differ materially from anticipated results. Commvault does not undertake to update its forward-looking statements.
Notes
A reconciliation of GAAP to non-GAAP results has been provided in Financial Statement Table IV included in this press release. An explanation of these measures is also included under the heading “Use of Non-GAAP Financial Measures.”
Annualized recurring revenue (ARR) is defined as the annualized recurring value of all active contracts at the end of a reporting period. It includes the following contract types: subscription (including term license contracts, SaaS and utility software), maintenance contracts related to perpetual licenses, other extended maintenance contracts (enterprise support), and managed services. It excludes any element of the arrangement that is not expected to recur, primarily perpetual licenses and most professional services. Subscription ARR includes only term license contracts, SaaS and utility software arrangements. Contracts are annualized by dividing the total contract value by the number of days in the contract term, then multiplying by 365.
ARR should be viewed independently of GAAP revenue, deferred revenue and unbilled revenue and is not intended to be combined with or to replace those items. ARR is not a forecast of future revenue. Management believes that reviewing this metric, in addition to GAAP results, helps investors and financial analysts understand the value of Commvault’s recurring revenue streams presented on an annualized basis.
Commvault does not provide forward-looking guidance on a GAAP basis as certain financial information, the probable significance of which cannot be determined, is not available and cannot be reasonably estimated. See “Use of Non-GAAP Financial Measures” for additional explanation.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ – April 28, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced it has won the Outstanding Cyber Resilience award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine.
This recognition celebrates the Commvault Cloud platform, powered by Metallic AI, for its innovative approach to providing advanced cyber resilience and marks the second consecutive year Commvault has been recognized by the prestigious Global InfoSec Awards program. Commvault was honored with the “Trailblazing Cyber Resilience” Global InfoSec Award during last year’s RSAC Conference.
“We are honored to be recognized by Cyber Defense Magazine for our leadership in Outstanding Cyber Resilience,” said Tim Zonca, VP, Portfolio Marketing, Commvault. “This award underscores our commitment to providing innovative solutions like Commvault Cloud Cleanroom Recovery, empowering organizations to improve readiness and accelerate recoveries in the face of constant cyber threats.”
“Commvault embodies three major features we judges look for to become winners: understanding tomorrow’s threats, today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.
Judged and independently voted on by CISSP, FMDHS, CEH, and certified security professionals, Commvault received the “Outstanding Cyber Resilience” award for the breadth and depth of its cyber resilience platform with offerings including Cleanroom Recovery, Clumio Backtrack, and Cloud Rewind. The Commvault Cloud platform uniquely enables organizations to protect, test, and rapidly recover their data, applications, and production workloads – whether their data is on-premises, across public, private and hybrid clouds, over SaaS, or in multi-cloud environments – helping ensure they’re able to quickly get back up and running following a disruptive event.
Commvault is thrilled to be a member of this coveted group of winners. See the full list on the Cyber Defense Awards website.
Learn more about Commvault’s award-winning solutions at the RSA Conference
Commvault will be showcasing the latest enhancements to Cleanroom Recovery at RSAC 2025. To learn more and demo the solution, visit booths #N-5678 and #N-4308. Additional information can be found on the Commvault Cloud product page.
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO
About the Global InfoSec Awards
This is Cyber Defense Magazine’s thirteenth year of honoring InfoSec innovators from around the Globe. Our submission requirements are for any startup, early stage, later stage, or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service.
Cyber Defense Magazine is the premier source of cyber security news and information for InfoSec professions in business and government. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products, and services in the information technology industry. We deliver electronic magazines every month online for free, and special editions exclusively for the RSAC Conferences. CDM is a proud member of the Cyber Defense Media Group. Learn more about us at https://www.cyberdefensemagazine.com and visit https://www.cyberdefensetv.com and https://www.cyberdefenseradio.com to see and hear some of the most informative interviews of many of these winning company executives.
TINTON FALLS, NJ – APRIL 28, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced an expanded partnership with CrowdStrike, a global leader in cybersecurity. Together, the companies are delivering a trusted pathway to CrowdStrike’s elite incident response services, supported by Commvault’s recovery expertise — helping organizations worldwide recover faster and stay better prepared for cyberattacks.
Through this expanded partnership, the two companies are delivering coordinated cyber recovery and incident response services to help joint customers improve readiness, respond faster, and achieve cleaner recoveries.
With ransomware attacks happening every 14 seconds¹ and average recovery times spanning 24 days², IT and security teams, as well as system integrators, are looking for vendors who are collaborating and combining best-in-class services and solutions. These efforts not only address what happens before and during an attack but also support recovery when it becomes a critical lifeline for organizations.
“Today’s threat landscape demands more than just security – it requires resilience,” said Alan Atkinson, Chief Partner Officer at Commvault. “Our expanded partnership with CrowdStrike brings together exceptional incident response capabilities from CrowdStrike and leading data recovery and resilience solutions from Commvault to help joint customers identify and quickly address cyber incidents and recover swiftly and effectively.”
“Cyber resilience isn’t just about recovery, it’s about being ready at every stage of an attack,” said Daniel Bernard, Chief Business Officer at CrowdStrike. “Our expanded partnership with Commvault brings together industry-leading threat intelligence, incident response expertise, and robust recovery capabilities to help organizations identify risks faster, recover smarter, and strengthen their overall security posture. In an AI-accelerated world of relentless and sophisticated threats, security and IT teams need to operate as one, and this collaboration helps make that possible.”
Delivering Proactive Preparedness and Rapid Recovery
This expanded partnership delivers a unified suite of services, including CrowdStrike’s elite incident response services and Commvault’s Guardian retainer-based services offerings, which provide readiness assessments, recovery validation, recovery testing, and incident response recovery assistance. For customers, this means:
Faster incident response and recovery: In the event of a cyber incident, CrowdStrike’s real-time threat visibility pinpoints the scope of the attack, while Commvault’s recovery solutions enable rapid restoration. This integrated approach streamlines the incident response process and helps minimize disruption.
Enhanced risk mitigation: Jointly conducted cyber resilience maturity assessments and advanced scenario-based readiness exercises — including continuous recovery testing with Cleanroom Recovery — strengthen cyber resilience.
Unified incident management: Integrated response workflows between Commvault and CrowdStrike enable faster collaboration during crises, accelerating time to resolution for joint customers.
Tailored support and scalability: Commvault’s incident response recovery services provide scalable, subscription-based support tailored to each customer’s specific resilience needs.
Access to industry expertise: Customers benefit from the combined expertise of Commvault and CrowdStrike, with tailored guidance and hands-on support from trusted cybersecurity and recovery professionals.
Today’s announcement builds on existing integrations between Commvault and CrowdStrike, including an integration between Commvault Cloud and the AI-native CrowdStrike Falcon® cybersecurity platform. To learn more about how this integration helps organizations identify malicious activities, run targeted scans, and restore compromised data to a known-good state, click here.
Availability
The unified suite of services aimed at advancing incident response, cyber recovery and resilience, is available today.
Experience Commvault in Action at the RSA Conference
Commvault will showcase these integrated offerings and services during RSAC 2025 from April 28-May 1 in San Francisco. Visit Commvault in the North Hall at Booths #4308 and #5678. Attendees can learn more about the Commvault-CrowdStrike partnership and the Commvault Cloud platform, participate in demonstrations, and engage in discussions with industry thought leaders on how solutions like Cloud Rewind and Cleanroom Recovery can transform their resilience strategies.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
TINTON FALLS, NJ – APRIL 28, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced that Commvault Cloud has achieved GovRAMP Authorized status for its cyber resilience SaaS solutions. This authorization is crucial for state and local government agencies, as well as educational institutions (SLED), enabling them to securely handle critical and sensitive data while supporting rigorous security verification standards.
GovRAMP (formerly StateRAMP) offers a standardized approach for assessing the security posture of cloud products and services utilized by state and local governments and educational institutions. GovRAMP recognizes three verified statuses: Ready, Provisionally Authorized, and Authorized—each representing a milestone in the verification process based on NIST 800-53 Rev. 5 controls and requiring a government sponsor for the latter two.
Achieving GovRAMP Authorized status at a High impact level signifies that Commvault Cloud meets the most rigorous security and risk management standards, demonstrating Commvault’s unwavering commitment to cyber resilience and building trust within the public sector. Commvault Cloud underwent a comprehensive third-party assessment and review by the GovRAMP Program Management Office to earn this status.
This achievement distinguishes Commvault as the only cyber resilience vendor to hold GovRAMP Authorized at a High impact level, FedRAMP High Authorized, and FIPS 140-3 validated status for its SaaS cyber resilience solutions. This unique combination furthers Commvault’s position as a premier cyber resilience and data protection provider for federal, state, local, and educational entities across the United States.
“We’re proud to achieve GovRAMP Authorization, especially when nearly all ransomware attacks (99%) on SLED organizations target backups,1 underscoring the critical need for cyber resilience,” said Michael Carroll, Area Vice President, Commvault. “Being the only vendor to secure GovRAMP Authorized at a High impact level, FedRAMP High, and FIPS 140-3 authorizations demonstrates our unique ability to support the most rigorous security demands of public sector organizations as they accelerate cloud transformations and bolster cyber resilience.”
Achieving GovRAMP Authorization delivers significant benefits for SLED organizations using Commvault Cloud, including:
Enhanced Security: Protects data against breaches and unauthorized access according to the highest security standards.
Verification Assurance: Supports federal and state regulatory requirements, reducing the risk associated with non-compliance.
Organizational Trust and Credibility: Builds confidence among government agencies by adhering to recognized, rigorous security frameworks.
Seamless Adoption: Simplifies the procurement and implementation process for agencies requiring GovRAMP Authorized solutions.
Innovation and Flexibility: Enables SLED organizations to leverage advanced, secure cloud solutions for cyber resilience.
The value of Commvault’s focus on security and resilience is echoed by customers like Phillip Winder, Chief of Information Technology at State of Delaware Department of Corrections.
“Commvault’s cutting-edge solutions have bolstered our cyber resilience capabilities and set a new standard for innovation. Advanced threat detection and rapid response capabilities help ensure that our critical operations remain uninterrupted, even in the face of sophisticated cyberattacks,” said Winder.
“With Commvault, we’ve been able to fortify our cyber defenses and streamline our incident response processes. The continuous monitoring and advanced data security features have been instrumental in preventing disruptions to our operations, allowing us to focus on our core mission,” Winder added.
Commvault Cloud’s GovRAMP Authorized status is available immediately for U.S.-based SLED customers. For more information about Commvault Cloud and Commvault’s commitment to the public sector, please visit the Commvault Government page or read today’s blog.
Learn More about Commvault’s Cyber Resilience Offerings at RSA Public Sector Day
Commvault is an exhibiting sponsor at Carahsoft’s annual RSA Public Sector Day on April 28 during RSAC™ Conference. Register now to meet with Commvault at the Hilton San Francisco Union Square between 11:00 am – 3:00 pm PT.
About GovRAMP
StateRAMP dba GovRAMP is the leading authority on cloud security standards for state and local governments, providing a standardized approach to assessing and authorizing cloud services. GovRAMP empowers government agencies and their vendors to navigate the complexities of cloud security with confidence. Learn more at GovRAMP.org.
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
TINTON FALLS, NJ – April 28, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced highly differentiated capabilities with its Cleanroom Recovery offering that usher in a new era in end-to-end recovery following cyberattacks.
Studies show that it takes enterprises 24 days, on average, to recover after a cyber incident.¹ Much of that time is not only spent recovering the data, but the infrastructure – databases, applications, and operating systems – that power and run the data. Commvault accelerates the infrastructure recovery process by bringing what’s called “Factory Reset” to the company’s Cleanroom Recovery technology.
With Factory Reset, which is generally available today, after an attack takes place, companies can rapidly restore their infrastructure within a cleanroom, using a pre-defined, validated, clean image, and, unlike traditional resets, offers a customizable recovery point-in-time.
“Commvault Cleanroom Recovery isn’t just about having an isolated environment; it delivers tangible results that impact the business. Previously, recovery could take more than seven hours, causing significant disruption. Today, our Cleanroom environment ensures zero wait time for most applications—services are ready instantly,” said Nate Hauenstein, IT Global Infrastructure & Operations Director, Chart Industries, Inc. “Reducing that downtime so dramatically is critical – it minimizes disruption, protects revenue, and proves the value of investing in advanced, validated recovery solutions like Commvault.”
Commvault Cloud Threat Scan + Cleanroom
Commvault is not just focused on recovering clean infrastructure, but clean data after a cyberattack. This is why Commvault is also bringing its threat scanning capabilities to Cleanroom Recovery. With Commvault Cloud Threat Scan, organizations can scan their recovered data in a cleanroom as another way of making sure their data is clean. This gives security and IT teams an added layer of confidence and can help enterprises remain in a state of continuous business after bad actors strike.
Extending Cleanroom Recovery to Managed Service Providers
As more and more companies determine what’s required to be minimally viable following an attack, managed service providers (MSPs) are also focused on helping enterprises be resilient. Commvault is now extending the power of Cleanroom Recovery to MSPs so that they can offer this technology to their customers.
“One of the key benefits of Cleanroom Recovery is the peace of mind it provides. Our clients know that their data is being handled with the utmost care and precision,” said James Watts, Managing Director, Databarracks. “With these new capabilities, Commvault is delivering a controlled environment with increased accessibility and choice, real-time threat detection that helps minimize the risk of reinfection, and a recovery process that’s as efficient and reliable as possible.”
“We’re thrilled for the new enhancements to Cleanroom Recovery. The integration with Commvault Cloud Threat Scan is a differentiator in the market, offering real-time threat detection and response. Plus, the automated recovery of file shares and the Factory Reset with pave/repave capabilities significantly reduce downtime and help ensure that our clients’ systems are restored to a pristine state,” said Greg Jehs, VP Managed Services, Meridian IT. “Simply put, the continuous innovation and growth around Cleanroom Recovery enables us to provide our clients with the best service possible.”
“The integration of Factory Reset and Threat Scan into Cleanroom Recovery is a testament to the evolving nature of cyber threats and the need for resilience that spans infrastructure and data,” said Matt Bynum, Senior VP, Managed Services, Verinext. “These features will enable us to provide a more robust and comprehensive service, helping us ensure that our clients’ infrastructures are not only restored but also free from any malicious elements.”
Building on a Good Thing
These advancements with Cleanroom Recovery build on previously announced capabilities that empower enterprises to advance resilience. For example, with Cleanroom Recovery organizations have the ability to rapidly and regularly test and, if necessary, retest their cyber recovery plans with ease across their IT infrastructure. Additionally, AI-enabled Cleanpoint™ Validation automatically empowers customers to rapidly identify the last clean recovery point. And, with Cleanroom Recovery, users can customize recovery sequences, so data is recovered in a logical order.
“When we built Cleanroom Recovery, we intentionally architected it as a cloud-native solution to fundamentally change how organizations approach recovery — not just after an incident, but proactively through automated, high-frequency testing,” said Pranay Ahlawat, Chief Technology and AI Officer at Commvault. “Unlike traditional approaches, cloud-based cleanrooms enable customers to spin up multiple isolated recovery environments in parallel, without concerns around compromised firmware or underlying hardware. And we’re not stopping at data recovery — we’re doubling down on infrastructure recovery, automation, and orchestration. As threat actors become more sophisticated, we’re helping our customers stay ahead with aggressive innovation and operational resilience at scale.”
Learn More about Cleanroom Recovery at the RSA Conference
Commvault will be showcasing the latest enhancements to Cleanroom Recovery at RSAC 2025. To learn more and demo the solution, visit booths #N-5678 and #N-4308. Additional information can be found on the Cleanroom Recovery product page.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
TINTON FALLS, NJ – APRIL 16, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, is excited to bring fast, clean, and complete cyber recovery and resilience to RSAC™ Conference 2025, running April 28-May 1 in San Francisco. This year, Commvault is expanding its presence across the city, offering conference attendees multiple and unique ways to experience a new era in cyber resilience and cyber preparedness.
Rewind and Rebuild at Booths #N-5678 and #N-4308
First, RSAC attendees can visit booths #N-5678 and #N-4308 at the Moscone Center and take part in modern and highly interactive demo experiences. Rewind to the future with the Commvault Cloud experience at #N-5678 and demo the full Commvault Cloud platform at #N-4308. From Cleanroom Recovery and Air Gap Protect to Clumio Backtrack, Threat Scan and Risk Analysis, attendees will learn how Commvault delivers the fastest, most complete cyber resilience.
Mission: Recoverable at the Alloy Collective | April 29-May 1
Next, take a short walk from the Moscone Center to the Alloy Collective to experience the harrowing challenges of living through a high-fidelity cyberattack via the Commvault® Recovery Range™, powered by SimSpace. Recovery Range, making its debut at RSAC, is the first hands-on cyber range that enables CSOs, CISOs, CIOs, and security & IT operators to not only battle sophisticated cyber threats and real-world attacks but also gain the critical skills required to navigate and rapidly recover from these cyber crises. Think you have what it takes to save your organization while racing against the clock? Now’s the time to find out! Space is limited, register today for one of the open sessions:
Tuesday, April 29 | 11:00am – 12:00pm PT or 1:30pm – 2:30pm PT
Wednesday, April 30 | 11:00am – 12:00pm PT or 1:30pm – 2:30pm PT
Thursday, May 1 | 9:00am – 10:00am PT
https://play.vidyard.com/TJeNouq6epSwg3JW8BAqKy
Speaking Sessions and Public Sector Engagements at RSAC
A Modern Data Protection Architecture to Support Continuous Business | April 30 at 2:10pm PT | Expo South Briefing Center #1400
Join Commvault’s Vidya Shankaran, Field CTO – Emerging Technologies, to explore a modern approach to cyber resilience with built on cloud-first principles that enable fast, clean recovery and improved resilience. Use automation, clean point detection, and recovery-as-code to cleanly rebuild and recover clouds, apps, and data, and enable continuous business in the face of cyberattacks and ransomware. Register here to hold your spot.
Carahsoft Public Sector Day at Hilton San Francisco Union Square | April 28
Commvault is an exhibiting sponsor at Carahsoft’s Public Sector Day. Stop by between 11:00am – 3:00pm PT to learn more about Commvault’s Cyber Resiliency offerings. For additional details, click here.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ and BOSTON – APRIL 3, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, and SimSpace, a global leader in high-fidelity cyber range solutions, today announced the Commvault® Recovery Range™, powered by SimSpace.
Commvault Recovery Range is the first hands-on cyber range that will enable defenders to battle sophisticated cyber threats and real-world attacks while also equipping them with the skills required to navigate and rapidly recover from cyber crises.
Traditional cyber ranges focus on detecting and containing attacks, leaving response and recovery scenarios outside of their scope. Commvault Recovery Range goes much farther in a setting that models the defender’s own production environment. Utilizing SimSpace’s award-winning cyber range platform and Commvault’s exceptional recovery offerings, Commvault Recovery Range will provide an immersive learning experience where defenders can practice the entire end-to-end incident lifecycle, from detection through validated Cleanpoint™ Recovery.
The need for this type of end-to-end cyber resilience training has never been greater. Research shows an organization falls victim to ransomware every 14 seconds¹, and the average downtime from an attack can span upwards of 24 days² – costing enterprises millions of dollars in lost revenue, reputational damage, and operational disruption. Preparation that starts with the attack and ends with a rapid, clean recovery can make all the difference in reducing downtime and helping organizations run in a state of continuous business.
“Together with SimSpace, we are offering companies something that’s truly unique in the market – the physical, emotional, and psychological experience of a real-world cyberattack and the harrowing challenges often experienced in attempting to rapidly recover,” said Bill O’Connell, Chief Security Officer, Commvault. “In combining SimSpace’s authentic cyberattack simulations with Commvault’s leading cyber recovery capabilities, we’re giving companies the ability to strengthen their security posture, cyber readiness, and business resilience.”
“In an era of relentless cyber threats, we created SimSpace to give security and IT professionals an authentic, hands-on understanding of how attacks unfold in the most realistic environments possible,” said William, “Hutch”, Hutchison, CEO of SimSpace. “Our partnership with Commvault, takes the experience to the next level – by integrating the critical recovery component, we’re delivering a complete cyber preparedness lifecycle that helps organizations minimize downtime and prevent devastating losses.”
With Commvault Recovery Range, defenders will experience:
Hands-on attack simulations: Defenders step into a hyper-realistic environment that mirrors their actual networks, infrastructure, and day-to-day operations – complete with simulated users logging in and out, sending emails, and interacting with applications. During this high-fidelity experience, defenders face sophisticated attacks, like Netwalker, that can be challenging to detect. They are forced to make decisions and execute strategic responses under pressure as the clock is ticking.
Real-world recovery exercises: Unlike other cyber ranges, users will face no-win recovery scenarios and learn the hard way the importance of validating backups, cleaning infected data, and executing swift restorations. Recovery exercises include using Commvault Cloud for threat scanning, Air Gap Protect for immutable storage, Cleanroom Recovery for on-demand recovery testing, and Cloud Rewind to automatically rebuild cloud-native apps – so defenders can recover their business rapidly, without reinfecting it.
Drills that bring disparate teams together: Managing and recovering from an attack cannot happen in silos. In the Commvault Recovery Range, CSOs, CISOs, CIOs, IT Ops, and SecOps must all work together to emerge with a cohesive strategy for handling crises and restoring core services swiftly.
“Creating muscle memory in cyber recovery operations requires more than a degree and years of experience. It takes continued practitioner-level training, where security and IT teams engage together in live-fire exercises. That’s how you properly prepare, know you have the right technology in place, and create confidence in your teams’ ability to recover. When a cyber incident occurs and time-to-recovery really matters, this training will be critical,” said Roland Cloutier, Founder, The Business Protection Group and former Global Chief Security Officer, TikTok.
“The Commvault Recovery Range will make a huge difference for our resiliency planning,” said Michele Buschman, Chief Information Officer, American Pacific Mortgage. “The realistic attack scenarios and recovery drills will help instill a sense of confidence in our recovery process and in understanding exactly what we need to do to get back up and running quickly – essential to keeping our business running smoothly.”
“IT teams can’t prepare for a cyberattack with just a playbook any more than a football team can practice on just a chalk board,” said Phil Goodwin, Research Vice President, IDC. “Teams need to practice under game conditions. This new Commvault Recovery Range puts cyber response teams into a realistic simulation where ITOps, SecOps, and line-of-business teams must work together – facing real-world attack scenarios requiring uncertain decisions while attempting to recover. Exercise participants learn where they have gaps and what best-in-class cyber-preparedness should look like when the inevitable attack takes place. It’s great to see Commvault and SimSpace partnering to bring this unique experience to the industry. This is a huge advancement in modern cyber preparedness training.”
“For years, the industry has focused cyber range training primarily on threat detection and mitigation, often treating recovery as a separate, less-practiced discipline. The Commvault Recovery Range fundamentally closes that gap by uniquely bringing together SimSpace’s realistic, high-fidelity attack simulation and Commvault’s expertise in recovery,” said Krista Case, Research Director, Futurum Group. “Commvault and SimSpace are truly helping organizations build the muscle memory needed not just to fight off attackers, but to rapidly and safely get back to business afterward.”
The Path to Minimum Viability
Another reason Commvault is partnering with SimSpace is to help companies understand their “minimum viability,” i.e., the critical applications, assets, processes, and people required for an organization to recover following a cyberattack. Minimum viability is tantamount to achieving continuous business. And tools like Commvault Recovery Range will make it even easier for companies to understand what their minimum viability is – testing their skills so that when an attack happens, they know what to do. To learn more about minimum viability and what this means for enterprises globally, click here and check out The Ultimate Guide to Minimum Viability.
Experience Commvault Recovery Range in Action at the RSA Conference
Commvault and SimSpace will be showcasing Commvault Recovery Range during RSAC 2025 from April 28-May 1 in San Francisco at the Alloy Collective. Space is limited. Get a sneak peek now and register here to be immersed in a live, realistic cyberattack, experiencing everything from detection to recovery.
Commvault will also be exhibiting in the North Hall at RSAC 2025, Booths #4308 and #5678. Attendees are invited to visit the booths and learn more about the Commvault Cloud platform, participate in demonstrations and have discussions with industry thought leaders on how solutions like Cloud Rewind and Cleanroom Recovery can transform their resilience strategies.
SimSpace will also be exhibiting at Booth #3103, offering attendees an opportunity to engage directly with experts and experience immersive, hands-on demonstrations of its high-fidelity cyber ranges. Visitors will learn how to defeat tomorrow’s threats today by swiftly recovering from cyberattacks through the industry’s most realistic simulations.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
About SimSpace SimSpace is a pioneer in delivering advanced cyber range and simulations designed to empower organizations to proactively defend against emerging cyber threats. Our award-winning platform provides highly realistic, immersive environments that precisely replicate real-world attack scenarios and network infrastructures. By enhancing security posture, team readiness, and operational resilience, SimSpace helps organizations swiftly respond to cyber incidents, safeguard critical assets, and maintain trust and business continuity. Discover more about transforming your cybersecurity strategy at www.simspace.com.
Tinton Falls, N.J. – April 2, 2025 – Commvault (NASDAQ: CVLT) – Commvault will webcast a discussion of its fourth quarter fiscal year 2025 earnings results on Tuesday, April 29, 2025 beginning at 8:30 a.m. EST at http://ir.commvault.com.
Investors can access the live webcast by visiting http://ir.commvault.com. Investors may also access the call by dialing Toll Free: (800) 715-9871 or International: (646) 307-1963 and referencing Event ID 7414480. To avoid delays, we encourage participants to dial into the conference call fifteen minutes ahead of the scheduled start time. A replay of the webcast will also be available at http://ir.commvault.com.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ – MARCH 31, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced the appointment of Bill O’Connell as its Chief Security Officer (CSO). O’Connell joins Commvault with nearly 20 years of cybersecurity, risk, and data privacy experience, including prior leadership roles at Roche and ADP.
“Commvault is at the forefront of delivering industry-leading cyber resilience to enterprises worldwide,” said O’Connell. “I look forward to further strengthening Commvault’s position as a trusted partner and innovator, helping employees, customers, and partners protect their most critical assets in an evolving threat landscape.”
Most recently, O’Connell led technical, operational, and strategic programs to protect critical data and infrastructure at Roche, and prior to that, he held numerous security leadership positions at ADP, overseeing all application, software, and product security for the company globally.
“Bill’s vast experience in cyber, product security, data privacy, and incident response will significantly advance our expertise as a cyber resilience leader,” said Sanjay Mirchandani, President and CEO, Commvault. “We are thrilled to welcome Bill to the Commvault leadership team.”
A University of Maryland alumnus, O’Connell holds Bachelor’s and MBA degrees, as well as a graduate certificate in Cyber Security Policy. He previously served as Chair of the National Cyber Security Alliance Board of Directors and remains actively involved in various industry working groups focused on threat intelligence and privacy.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO..
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ – March 4, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced the appointment of Ha Hoang as its new Chief Information Officer (CIO). With over 25 years of experience in leading enterprise technology transformations for Fortune 500 companies, Ha brings a wealth of expertise in cloud strategy, SaaS optimization, and global infrastructure operations.
In her role as CIO, Hoang will focus on advancing next-generation cloud, security and AI technology initiatives and operations. She will also work closely with Commvault’s engineering and product teams to drive innovation. Additionally, she will engage directly with customers, showcasing how Commvault’s technology can drive new levels of resilience and provide exceptional business value.
Before joining Commvault, Hoang was Group Vice President of Cloud Engineering and Infrastructure at UKG, where she led global cloud transformation projects. She also held leadership roles at McKinsey & Company and Wipro, consistently driving technology strategies that delivered clear business results.
“Commvault is leading the way in cloud-first cyber resilience, delivering innovations that help customers and partners remain resilient in an era of escalating cyber threats and attacks,” Hoang said. “I look forward to working internally to advance cloud, security and AI initiatives and operations while also engaging with customers and partners to showcase, firsthand, how they can advance resilience via Commvault technologies.”
“Ha’s proven track record of building and deploying innovative cloud solutions and cutting-edge technologies that can advance critical business objectives and operations makes her a perfect fit for Commvault,” said Danielle Sheer, Chief Trust Officer at Commvault. “Her customer-first approach also aligns perfectly with our commitment to delivering best-in-class cyber resilience solutions. We’re thrilled to have her lead our enterprise technology initiatives as we continue to innovate and meet the evolving needs of our customers.”
Hoang is a graduate of California State University, East Bay.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
LAS VEGAS – March 3, 2025 – From the HIMSS25 global health conference, Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced that its cutting-edge cyber resilience and recovery technologies can be used to rapidly recover Electronic Health Records (EHR), including Epic and Meditech environments.
The need for this type of technology is critical. Healthcare organizations are under attack by cyber criminals. In just the first half of 2024, more than 31 million patient records were exposed in data breaches,¹ with attacks on hospitals costing the U.S. healthcare system over $21.9 billion since 2018.² Bad actors know that hospitals and medical facilities rely on and utilize highly sensitive data to provide patient care. If criminals can gain access to that data, they can hold it for ransom. It’s a vicious cycle that can put patient care in jeopardy. While healthcare providers may not be able to stop attacks, they can focus on recovery and resilience.
By enabling hospitals to accelerate clean data recovery through its Cleanroom Recovery offering while also rapidly recovering cloud data, applications, and configurations via Cloud Rewind, Commvault can help healthcare organizations quickly recover from cyber incidents, maintain continuous patient care, and help comply with evolving HIPAA guidelines.
“These days, providing continuous care involves all facets of a healthcare organization, from operational processes to experienced medical staff,” said Michael Carroll, Area Vice President, Healthcare, Commvault. “It starts with understanding what’s truly essential for minimum viable operations. In healthcare, that means, in part, ensuring that patient records, treatment plans, and scheduling systems are back online quickly following an attack. With Commvault, medical organizations can have peace of mind and focus on what matters most – delivering great care and saving lives.”
Addressing Healthcare’s Cyber Resilience Crisis
Commvault’s Cleanroom Recovery and Cloud Rewind deliver exceptional cyber resilience for healthcare environments by enabling:
Clean, Air-Gapped Recovery: Cleanroom Recovery creates an on-demand production-ready failover environment in the cloud designed for ransomware-free restoration of medical records and other essential healthcare data from air-gapped backups.
Proactive Cyber Testing: Healthcare organizations can also use Cleanroom Recovery to test their recovery plans so that if and when they are attacked, they know in advance that they can recover.
Near-instant Cloud Rollbacks for EHR Protection: Cloud Rewind enables providers to automatically discover, protect, and quickly recover entire application environments, including critical healthcare applications like EHR systems. This can also play a key role in delivering uninterrupted patient care after a cyberattack.
Built on Microsoft Azure
Built on Azure, Commvault’s Cleanroom Recovery and Cloud Rewind offer cloud-native cyber resilience for healthcare providers.
“Through our relationship with Commvault, we are delivering cloud-powered cyber resilience solutions that help enable healthcare organizations to protect patient data, minimize downtime, and maintain operational continuity,” said David Houlding, Director of Global Healthcare Security & Compliance Strategy, Microsoft.
“Commvault gives us the confidence we need that in the event of a ransomware attack we can minimize the impact and maintain our operations and provide uninterrupted patient care,” said Matthew Magbee, Datacenter & Platform Application Manager, Sonic Healthcare USA.
Attend a Live Demonstration at HIMSS
Commvault will be showcasing its cyber resilience solutions for healthcare organizations at HIMSS25 from March 3-6 in Las Vegas. Attendees are invited to visit Commvault’s booth #C1027 for live demonstrations and discussions on how these solutions can transform their resilience strategies. To schedule a demo or learn more, click here.
More Information
Cleanroom Recovery and Cloud Rewind are available now. To learn more about Commvault’s cyber resilience for healthcare, visit our website.
For additional details on how Commvault supports healthcare customers, please view today’s related news.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
LAS VEGAS – March 3, 2025 – From the HIMSS25 global health conference, Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced continued momentum with customers in the healthcare and life sciences industries as organizations increasingly rely on Commvault to protect, manage, and recover critical patient and research data.
Healthcare industry leaders like Hamilton Health Sciences and multiple Fortune 500 healthcare providers are leveraging Commvault’s cyber resilience solutions to protect Electronic Health Records (EHR), including Epic and Meditech environments, and minimize operational downtime. Additionally, healthcare organizations are relying on Commvault to lower the total cost of ownership while confidently safeguarding patient information. Examples include:
The British Medical Association was able to reduce backup and recovery infrastructure costs, freeing resources for innovation and ground-breaking research.
Allina Health reduced technical debt and inconsistent backups of critical systems while vastly improving customer experience.
Baptist Health reduced its restore time by six, allowing its team to get critical data out sooner.
Bilthoven Biologicals gained comprehensive reporting and peace of mind about the validity of backups and tightened mitigation with immutability, multi-factor authentication, and modern air gap controls.
Building on the references above, healthcare providers also shared quotes highlighting the value and impact Commvault’s solutions are providing to their organizations.
“Commvault gives us the ability to rapidly recover critical patient data, helping to ensure that our hospitals remain fully operational even in the face of ransomware attacks,” said Clint Monchamp, Director, Storage and BCDR, Prime Healthcare Services.
“We love the simplicity of the Commvault dashboard. With just a few clicks, we can restore a virtual machine or backups after an attack which is vital in our line of work as a pharmaceutical company with very sensitive data,” said Paul Vries, IT Consultant, Bilthoven Biologicals. “Commvault gives us confidence that our data is safe and our important services can be up and running quickly.”
“Without Commvault, it was very difficult to get the information we needed and lock it down,” said Ryan Hooley, Senior Director of Enterprise Architecture and Reliability, Baptist Health. “The beauty of the tool is we always have a copy on the backend, so data is forensically stable.”
Commitment to Bringing Resilience to Healthcare Data
Healthcare providers, pharmaceutical companies, and life sciences organizations trust Commvault’s solutions to advance cyber resilience, help meet regulatory compliance, and accelerate recovery from cyberattacks. To learn more about unique resilience and recovery offerings that Commvault is providing to healthcare organizations, including Cleanroom Recovery and Cloud Rewind, read this press release also issued at the HIMMS conference.
“Healthcare organizations are prime cyberattack targets, with ransomware among the top 10 threats in Q2 2024¹ and data breaches averaging $9.77 million²,” said Brian Brockway, CTO, Commvault. “These threats put patient care at serious risk. At Commvault, we work with healthcare and life sciences organizations to secure mission-critical data and deliver continuous patient care with exceptional backup and recovery from cyber threats.”
More Information
Commvault will be showcasing its cyber resilience solutions for healthcare organizations at HIMSS25 from March 3-6 in Las Vegas. Attendees are invited to visit Commvault’s booth #C1027 for live demonstrations and discussions on how these solutions can transform their resilience strategies. To learn more about Commvault’s cyber resilience for healthcare, visit our website.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
TINTON FALLS, NJ – February 19, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid environments, will be handing out the prescription for uninterrupted patient care at HIMSS25 in Las Vegas from March 3-6. By visiting Booth #C1027, hospitals and healthcare providers can learn how to guard against one of the most lethal threats to patient data – ransomware – while uncovering how to sustain continuous business operations. Attendees are encouraged to explore Commvault’s speaking sessions and immerse themselves in a cyber meltdown simulation designed to underscore the critical need for comprehensive cyber resilience.
Building the Business Case for Enhanced Cyber Readiness Investments
March 4 | 2:40 PM | Cybersecurity Command Center – Theater A | Caesars Forum Alliance Ballroom
Having a solid cyber resilience strategy in place can make all the difference for fast and effective data recovery. Join Microsoft’s David Houlding, Director of Global Healthcare Security & Compliance Strategy and Commvault’s Mike Carroll, Area Vice President, to discuss best practices for protecting data across cloud and hybrid environments. Learn why proactive investments in cyber readiness are crucial for any healthcare organization.
Healthcare Minutes to Meltdown: Experience a Cyber Meltdown
March 4 | 3:00 PM | Smith & Wollensky Private Room Venetian Canal Shops, Level 2
When every second counts, even small gaps in preparedness can devastate patient care. In this immersive simulation, discover how cyberattacks can cripple critical systems, disrupt operations, and lead to catastrophic outcomes – and learn what your organization can do to stay ahead of bad actors.
Fortify Healthcare: Cyber Resilience Against Growing Threats
March 5 | 10:00 AM | Cybersecurity Command Center – Theater A | Caesars Forum Alliance Ballroom
Being cyber resilient means having effective safeguards in place – and knowing exactly how to activate them when needed. Join Commvault’s Vice President, Product Experience, Michael Stempf as he details the latest defense and recovery tactics you can integrate into any healthcare environment.
When it comes to patient care, taking risks is not an option. With Commvault Cloud, organizations can protect sensitive records, accelerate recovery, and minimize downtime.
To learn more about how Commvault enables cyber resilience for healthcare organizations, click hereor schedule a check-upwith Commvault at HIMSS, Booth #C1027. Additional dosage details can be found here.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ – February 10, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced that the Commvault Cloud Platform can be easily deployed from major cloud marketplaces utilizing CIS-hardened images. These CIS-hardened images are pre-configured with CIS-recommended settings and controls and will be available on the following marketplaces: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and VMware.
CIS-hardened images are software files that are pre-configured to align with the Center for Internet Security (CIS) Benchmarks. Hardening helps reduce configuration vulnerabilities, such as overly-permissive network policies that can create opportunities for malicious actors. In fact, configuration errors are one of the most common causes of cloud vulnerabilities, contributing to 23% of cloud infrastructure attacks, according to industry research.¹ Commvault’s CIS-hardened images are designed to reduce these risks by pre-configuring deployment to meet rigorous security benchmarks out-of-the-box, bringing confidence to IT and security teams.
With today’s announcement, Commvault continues to deliver on its cybersecurity focus, with these deployment options joining other security certifications, such as FedRAMP® High Authorized, ISO27001:2013, SOC 2, Type II, and FIPS 140-2, among others. Customers will be able to use the new CIS-hardened images to quickly and confidently configure and deploy Commvault Cloud and benefit from:
Pre-built Compliance Checks: CIS-hardened images provide organizations with secure, hardened environments from the moment of deployment and give customers confidence their control plane has been installed and configured using industry-recognized best practices.
Enhanced Cybersecurity: The CIS-hardened images minimize vulnerabilities by addressing common misconfiguration risks, offering peace of mind against attacker exploitation.
Streamlined Compliance Mapping: CIS Benchmarks are mapped to key security frameworks such as NIST CSF, HIPAA, PCI-DSS, and ISO 27001, simplifying adherence to complex regulatory requirements.
Broad Marketplace Availability: Organizations will be able to deploy Commvault Cloud directly from AWS, Azure, Google Cloud, or VMware marketplaces, enabling fast and secure installations with minimal effort.
The timing of this announcement also comes as more and more organizations are accelerating their move to the cloud. In fact, according to IDC, spending on public cloud services is expected to double to $1.6 trillion by 2028.² In the last year, Commvault has introduced a host of cloud-first offerings designed to make customers more resilient in the cloud, including Cleanroom Recovery, Cloud Rewind, and Clumio Backtrack. Now, the company is taking resilience in the cloud to the next level via CIS-hardened images for popular cloud marketplaces.
“Organizations demand solutions that are not only secure and compliant but also straightforward to deploy,” said Chris Montgomery, CTO – Security, Americas at Commvault. “With CIS-hardened images, we can eliminate the guesswork, providing IT teams with a secure, pre-configured foundation to accelerate their cyber resilience strategies while meeting industry standards.”
“As a security-first organization, having confidence in how our solutions are deployed is critical,” said Marek Duranik, Storage & Data Protection Associate Director at Merck. “Commvault’s CIS-hardened images give us the assurance that we’re starting from a strong security baseline, allowing our teams to focus on protecting and recovering critical data.”
Availability and Pricing Commvault’s CIS-hardened images will be available globally this quarter and at no additional cost to customers. Built on a hardened Rocky Linux 8 operating system, the images are designed to protect both the software and infrastructure layers.
For More Information For more information, visit Commvault’s website or access the Commvault Cloud Platform on your preferred hyperscaler marketplace.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
Tinton Falls, N.J. – January 28, 2025 – Commvault [Nasdaq: CVLT] today announced its financial results for the fiscal third quarter ended December 31, 2024.
“Once again, Commvault has delivered a record-breaking quarter with accelerating revenue growth,” said Sanjay Mirchandani, President and CEO, Commvault. “Our innovative approach to cyber resilience continues to win large net-new accounts and fuel our expansion business. As we look to the future, we believe our unified platform which enables customers to anticipate, prepare for, and recover from inevitable attacks will be more critical than ever.”
Fiscal 2025 Third Quarter Highlights –
Total revenues were $262.6 million, up 21% year over year
Total annualized recurring revenue (ARR)1 grew to $890 million, up 18% year over year, or 21% on a constant currency basis2
Subscription revenue was $158.3 million, up 39% year over year
Subscription ARR1 grew to $734 million, up 29% year over year, or 32% on a constant currency basis2
Income from operations (EBIT) was $13.6 million, an operating margin of 5.2%
Non-GAAP EBIT3 was $54.6 million, an operating margin of 20.8%
Operating cash flow was $30.1 million, with free cash flow3 of $29.9 million
Third quarter share repurchases were $31.9 million, or approximately 200,000 shares of common stock
Financial Outlook for Fourth Quarter and Full Year Fiscal 2025⁴ –
We are providing the following guidance for the fourth quarter of fiscal year 2025:
Total revenues are expected to be between $260 million and $264 million
Subscription revenue is expected to be between $160 million and $164 million
Non-GAAP operating margin3 is expected to be between 20% and 21%
We are providing the following updated guidance for the full fiscal year 2025:
Total revenues are expected to be between $980 million and $985 million
Total ARR1 is expected to grow between 19% and 20% year over year
Subscription revenue is expected to be between $575 million and $580 million
Subscription ARR1 is expected to grow between 28% and 30% year over year
Non-GAAP operating margin3 is expected to be between 20% and 21%
Free cash flow3 is expected to be between $170 million and $200 million
The above statements are based on the incorporation of actual third quarter results and current targets. These statements are forward-looking and made pursuant to the safe harbor provisions discussed in detail below. We do not undertake any obligation to update these forward-looking statements. Actual results may differ materially from anticipated results.
Commvault has provided in this press release the following non-GAAP financial measures: non-GAAP income from operations (EBIT), non-GAAP income from operations margin, non-GAAP net income, non-GAAP diluted earnings per share, non-GAAP free cash flow, annualized recurring revenue (ARR) and subscription ARR. This financial information has not been prepared in accordance with GAAP. Commvault uses these non-GAAP financial measures internally to understand, manage and evaluate its business and make operating decisions. Commvault believes that the use of these non-GAAP financial measures, when used as a supplement to GAAP financial measures, provides an additional tool for investors to use in evaluating ongoing operating results and trends, and in comparing its financial results with other companies in Commvault’s industry, many of which present similar non-GAAP financial measures to the investment community. Commvault has also provided its revenues, ARR, and subscription ARR on a constant currency basis. Commvault analyzes revenue growth, ARR, and subscription ARR on a constant currency basis in order to provide a comparable framework for assessing how the business performed excluding the effect of foreign currency fluctuations.
All of these non-GAAP financial measures should be considered as a supplement to, and not as a substitute for, financial information prepared in accordance with GAAP. Investors are encouraged to review the reconciliation of these non-GAAP measures to their most directly comparable GAAP financial measures, which are included in this press release.
Non-GAAP income from operations and non-GAAP income from operations margin. These non-GAAP financial measures exclude noncash stock-based compensation charges and additional Federal Insurance Contribution Act (FICA) and related payroll tax expense incurred by Commvault when employees exercise in-the-money stock options or vest in restricted stock awards. Commvault has also excluded restructuring costs, noncash amortization of intangible assets, litigation settlement, business combination costs, noncash impairment charges, and the change in the estimated fair value of contingent consideration from its non-GAAP results. These expenses are further discussed in Table IV. Commvault believes that these non-GAAP financial measures are useful metrics for management and investors because they compare Commvault’s core operating results over multiple periods. When evaluating the performance of Commvault’s operating results and developing short- and long-term plans, Commvault does not consider such expenses.
Although noncash stock-based compensation and the additional FICA and related payroll tax expenses are necessary to attract and retain employees, Commvault places its primary emphasis on stockholder dilution as compared to the accounting charges related to such equity compensation plans. Commvault believes that providing non-GAAP financial measures that exclude noncash stock-based compensation expense and the additional FICA and related payroll tax expenses incurred on stock option exercises and vesting of restricted stock awards allow investors to make meaningful comparisons between Commvault’s operating results and those of other companies.
There are a number of limitations related to the use of non-GAAP income from operations and non-GAAP income from operations margin. The most significant limitation is that these non-GAAP financial measures exclude certain operating costs, primarily related to noncash stock-based compensation, which is of a recurring nature. Noncash stock-based compensation has been, and will continue to be for the foreseeable future, a significant recurring expense in Commvault’s operating results. In addition, noncash stock-based compensation is an important part of Commvault’s employees’ compensation and can have a significant impact on their performance. The following table presents the stock-based compensation expense included in cost of revenues, sales and marketing, research and development and general and administrative ($ in thousands):
The table above excludes stock-based compensation expense related to the Company’s restructuring activities described in Note 7.
The components that Commvault excludes in its non-GAAP financial measures may differ from the components that its peer companies exclude when they report their non-GAAP financial measures. Due to the limitations related to the use of non-GAAP measures, Commvault’s management assists investors by providing a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure. Commvault’s management uses non-GAAP financial measures only in addition to, and in conjunction with, results presented in accordance with GAAP.
Non-GAAP net income and non-GAAP diluted earnings per share (EPS). In addition to the adjustments discussed in non-GAAP income from operations, non-GAAP net income and non-GAAP diluted EPS incorporates a non-GAAP effective tax rate of 24%. Beginning in fiscal 2025, Commvault lowered its estimated non-GAAP effective tax rate from 27% to 24%. Commvault believes that a 24% rate more closely aligns with its effective tax rate expectations over the next few years.
Commvault anticipates that in any given period its non-GAAP tax rate may be either higher or lower than the GAAP tax rate as evidenced by historical fluctuations. The GAAP tax rates in recent fiscal years were not meaningful percentages due to the dollar amount of GAAP pre-tax income. For the same reason as the GAAP tax rates, the estimated cash tax rates in recent fiscal years are not meaningful percentages. Commvault defines its cash tax rate as the total amount of cash income taxes payable for the fiscal year divided by consolidated GAAP pre-tax income. Over time, Commvault believes its GAAP and cash tax rates will align.
Commvault considers non-GAAP net income and non-GAAP diluted EPS useful metrics for Commvault management and its investors for the same basic reasons that Commvault uses non-GAAP income from operations and non-GAAP income from operations margin. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP net income and non-GAAP diluted EPS.
Non-GAAP free cash flow. Commvault defines this non-GAAP financial measure as net cash provided by operating activities less purchases of property and equipment. Commvault considers non-GAAP free cash flow a useful metric for Commvault management and its investors in evaluating Commvault’s ability to generate cash from its business operations. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP free cash flow.
Forward-looking non-GAAP measures. In this press release, Commvault presents certain forward-looking non-GAAP metrics. Commvault cannot provide a reconciliation to the comparable GAAP metric without unreasonable efforts, as certain financial information, the probable significance of which may be material, is not available and cannot be reasonably estimated.
Conference Call Information
Commvault will host a conference call today, January 28, 2025 at 8:30 a.m. Eastern Time (5:30 a.m. Pacific Time) to discuss quarterly results. The live webcast and call dial-in numbers can be accessed by registering under the “News & Events” section of Commvault’s website at ir.commvault.com under the “Investor Events” heading. An archived webcast of this conference call will also be available following the call.
About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
Safe Harbor Statement
This press release may contain forward-looking statements, including statements regarding financial projections, which are subject to risks and uncertainties, such as competitive factors, difficulties and delays inherent in the development, manufacturing, marketing and sale of software products and related services, general economic conditions, outcome of litigation and others. For a discussion of these and other risks and uncertainties affecting Commvault’s business, see “Item 1A. Risk Factors” in our annual report on Form 10-K and “Item 1A. Risk Factors” in our most recent quarterly report on Form 10-Q. Statements regarding Commvault’s beliefs, plans, expectations or intentions regarding the future are forward-looking statements, within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. All such forward-looking statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. Actual results may differ materially from anticipated results. Commvault does not undertake to update its forward-looking statements.
Notes
Annualized recurring revenue (ARR) is defined as the annualized recurring value of all active contracts at the end of a reporting period. It includes the following contract types: subscription (including term license contracts, SaaS and utility software), maintenance contracts related to perpetual licenses, other extended maintenance contracts (enterprise support), and managed services. It excludes any element of the arrangement that is not expected to recur, primarily perpetual licenses and most professional services. Subscription ARR includes only term license contracts, SaaS and utility software arrangements. Contracts are annualized by dividing the total contract value by the number of days in the contract term, then multiplying by 365.
ARR should be viewed independently of GAAP revenue, deferred revenue and unbilled revenue and is not intended to be combined with or to replace those items. ARR is not a forecast of future revenue. Management believes that reviewing this metric, in addition to GAAP results, helps investors and financial analysts understand the value of Commvault’s recurring revenue streams presented on an annualized basis.
Constant currency amounts for ARR and subscription ARR are calculated using the foreign exchange spot rate from the prior year period and applying this rate to foreign-denominated results in the current corresponding period. Commvault analyzes ARR and subscription ARR on a constant currency basis in order to provide a comparable framework for assessing how the business performed excluding the effect of foreign currency fluctuations. Investors are encouraged to review the reconciliations of the reported ARR and subscription ARR amounts to their respective constant currency amounts included in our “Q3’25 Earnings Presentation,” which can be accessed under the “Financial Information” section of Commvault’s website at ir.commvault.com.
A reconciliation of GAAP to non-GAAP results has been provided in Financial Statement Table IV included in this press release. An explanation of these measures is also included under the heading “Use of Non-GAAP Financial Measures.”
Commvault does not provide forward-looking guidance on a GAAP basis as certain financial information, the probable significance of which cannot be determined, is not available and cannot be reasonably estimated. See “Use of Non-GAAP Financial Measures” for additional explanation.
More related posts
Commvault Encourages Organizations to Adopt a Four-Step Approach to Resilience in the Age of Frontier AI
TINTON FALLS, NJ – January 27, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today announced a new integration with the CrowdStrike Falcon® cybersecurity platform. The collaboration leverages CrowdStrike’s rich security data and world-class threat intelligence within the Commvault Cloud, delivering layered threat detection and fast data recovery for joint customers.
Commvault’s integration with the AI-native CrowdStrike Falcon platform marks a significant step forward in addressing today’s rapidly evolving cyber threats. By adding another layer of enriched threat insights from the Falcon platform within Commvault Cloud, organizations can gain faster, more comprehensive visibility to streamline incident response, helping customers achieve continuous business, even in the face of sophisticated attacks. When CrowdStrike prevents and detects malicious activity or a suspicious event, administrators can view the alert in Commvault Cloud, run Threat Scan to check for threats, and rapidly restore affected data to a previous, known-good state.
The collaboration underscores Commvault’s commitment to proactively addressing the needs of modern enterprises and delivering solutions that enhance both cyber resilience and continuous business.
“The average organization has seen 8 cyber incidents in the last year, 4 of which are considered major.¹ At Commvault, we are committed to empowering businesses with the tools they need to not only safeguard their data but to enhance their overall cyber resilience,” said Alan Atkinson, Chief Partner Officer, Commvault. “By partnering with CrowdStrike, we are combining our deep expertise in cyber resilience with their advanced threat detection capabilities, empowering our joint customers with faster response times and a stronger cyber resilience posture.”
The integrated solution from Commvault and CrowdStrike leverages real-time threat intelligence from the Falcon platform, with Commvault Cloud’s cloud-first cyber resilience capabilities. The key benefits of the integrated solution include:
Proactive Threat Detection: CrowdStrike’s Indicators of Compromise (IOCs) and AI-driven insights are designed to help businesses identify threats earlier, enabling faster response time and mitigation.
Accelerated Clean Data Recovery: Organizations can rapidly recover clean data by identifying the last known clean version, minimizing downtime and maintaining continuity – critical as recent global research shows 62% of respondents say either downtime or data loss associated with attacks has been disruptive.²
Streamlined Operations: The integration enables seamless collaboration between SecOps and ITOps teams, enhancing response and recovery processes through a unified workflow.
Continuous Business: By reducing response times and downtime, the solution helps enterprises maintain critical operations even during sophisticated cyberattacks.
This latest collaboration with CrowdStrike builds on Commvault’s growing ecosystem of leading security partners. Together with CrowdStrike, Commvault continues to push the boundaries of what’s possible in threat detection, mitigation, and recovery, helping customers maintain business operations in the face of growing cyberattacks.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
¹ DeMattia, A., & Gruber, D. (2024). Trends in CR/DR Plans: Contrast and Convergence – Final Survey Results [Unpublished data]. TechTarget, Inc.
TINTON FALLS, NJ – January 14, 2025 – Commvault, a leading provider of cyber resilience and data protection solutions for the hybrid cloud, today introduced an expansion of its platform to provide full and automated forest recovery for the world’s most widely used enterprise identity and access solution, Microsoft Active Directory.
As organizations continue to combat non-stop cyberattacks and threats, Commvault® Cloud Backup & Recovery for Active Directory Enterprise Edition is the latest addition to the Commvault Cloud platform, which already protects a vast array of workloads and is designed to keep customers resilient, operational, and in a state of continuous business.
Active Directory, often called the “backbone of enterprise IT,” manages authentication for more than 610 million users worldwide¹ and controls access to critical business systems, protecting everything from workstation logins to physical building access. If Active Directory goes offline, business operations can come to a halt. Bad actors know this all too well, which is why they make Active Directory a primary target in up to 9 out of 10 cyberattacks². When disaster strikes, recovering Active Directory is vital, yet traditionally has been very hard to do, requiring intricate, time-consuming, manual processes, as described by Microsoft’s Forest Recovery Guide.
Commvault is changing this with Backup & Recovery for Active Directory Enterprise Edition. It brings a new level of resilience to Active Directory by enabling automated, rapid recovery of the Active Directory forest, which includes users, groups, permissions, and domain controllers across the organization. This new offering eliminates slow and error-prone manual processes often associated with Active Directory forest recoveries. With Backup & Recovery for Active Directory Enterprise Edition, enterprises will be able to:
Make Active Directory recovery a snap via automated runbooks: Automated forest recovery runbooks streamline the multi-step process required for Active Directory forest recovery, including tasks like transferring key roles from an unavailable domain controller to a functioning one, which is essential for a clean recovery. These runbooks can also be used for regular testing in non-production environments to enhance cyber readiness.
Enable fast recovery of the most important Active Directory infrastructure: Visual topology views of an organization’s Active Directory environment enable simple and rapid identification of which domain controllers to restore first and how they should be recovered to accelerate availability of Active Directory services.
Accelerate recovery times and advance resilience: Manually recovering an Active Directory forest can take days or even weeks to complete, but with Commvault, organizations can recover it in a fraction of the time. Commvault’s Cloud platform integrates Active Directory forest recovery with granular recovery of both Active Directory and Entra ID, the cloud-based identity service, providing comprehensive protection.
“Active Directory is the heart that keeps our business functioning and in the event of a ransomware attack, recovering it will be one of our top priorities,” said Jeffrey Day, Deputy Chief Information Security Officer, Nevada Department of Transportation. “Commvault’s innovation with Active Directory forest recovery will provide us with the confidence and peace of mind that not only can we recover our Active Directory data, but we will be able to do so quickly and accurately. And, having this offering integrated directly into the same cyber resilience platform that we use to protect mission-critical workloads is a win-win.”
“Recovering Active Directory is foundational to maintaining continuous business after a cyberattack, yet traditional methods are too complex and prone to error,” said Pranay Ahlawat, Chief Technology and AI Officer, Commvault. “With automated Active Directory forest recovery, we are giving customers game-changing recovery capabilities, and by integrating this into our unique cyber resilience platform with broad workload support, we’re bringing a new era of continuous business to our customers that nobody can match.”
“With identity-based attacks on the rise, it has never been more critical to protect Active Directory,” said Krista Case, Research Director, Futurum Group. “Commvault’s approach, which includes automated workbooks and folding Active Directory recovery into the same platform that also protects a wide range of other workloads, addresses several critical requirements we hear from practitioners, including the need to streamline security operations and to accelerate recoveries.”
Availability and Pricing Commvault Cloud Backup & Recovery for Active Directory Enterprise Edition is targeted for general availability within the first half of 2025 and priced per user.
About Commvault Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations keep data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere—at the lowest TCO.
