Media Contact	Investor Relations Contact
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

TINTON FALLS, NJ – January 29, 2024 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud organizations, today announced that cybersecurity experts across a host of industries — from security to public sector to technology — have joined the Commvault Cyber Resilience Council.

Council members will advise Commvault on emerging security trends and cyber threats as well as highlight best-practices in cyber resilience, all of which can play a key role in shaping product development, defining partnership opportunities, and guiding business strategies.  

The council is chaired by Melissa Hathaway, who served as a top cybersecurity advisor for two presidential administrations, worked extensively with international institutions like NATO and the World Bank, and currently advises leading Fortune 500 companies as President of Hathaway Global Strategies.

“As tomorrow’s threats evolve and intensify, business resilience is increasingly challenged and vulnerable,” said Sanjay Mirchandani, President and CEO, Commvault. “Our newly formed Commvault Cyber Resilience Council will help us keep a pulse on this ever-changing landscape and enable us to continue delivering industry-leading cyber resilience to our customers.”

The members include:

“Each new member of the council brings a diverse wealth of experience, from governance and risk management, to developing cutting-edge security products and countering sophisticated cyber threats,” said Hathaway. “I look forward to collaborating with this esteemed group of experts as we work hand-in-hand with Commvault to combat widespread AI-driven threats and advance cyber resilience for organizations around the world.”

The council’s objective is underscored by the company’s recent introduction of Commvault Cloud, powered by Metallic AI, a unique cyber resilience platform built to meet the demands of the hybrid enterprise at the lowest TCO. It empowers businesses to secure data, anticipate risks, minimize damage, and rapidly recover – in the face of any threat.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Media Contact	Investor Relations Contact
Kevin Komiega  Commvault  978-834-6898  kkomiega@commvault.com	Michael J. Melnyk, CFA  Commvault  646-522-6160  mmelnyk@commvault.com

New report from Commvault and Futurum shows organizations rallying around AI to counter AI-driven threats in 2024

TINTON FALLS, NJ — January 25, 2024 — Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud organizations, today released a new report that found the traditional silos between ITOps and security teams are beginning to break down, as organizations realize the importance of increased collaboration to combat the onslaught of more sophisticated cyber attacks. 

Commissioned in partnership with The Futurum Group, the report, “Overcoming Data Protection Fragmentation for Cyber-Resiliency,” surveyed over 200 C-Suite and senior-level IT executives (more than half of which were CIOs, CSOs, and CISOs) in the Americas, EMEA, and Asia-Pacific regarding their cyber resilience positions. 

According to the report, nearly all (99%) respondents indicated that the relationship between ITOps and security has grown more connected over the past 12 months. For those who described the relationship between ITOps and security as “connected,” 64% stated they now have shared goals for maintaining the company’s security and 70% stated they have joint processes and procedures in place for daily operations. However, there is still work to do. For example, only 48% stated they have established joint processes and procedures in place to mitigate or recover from an incident. 

“Synergies between ITOps, security teams and the C-suite has never been more crucial as cyber criminals are deploying more sophisticated attacks powered by AI,” said Javier Dominguez, Chief Information Security Officer, Commvault. “But, with 19 cyber attacks every second, breaches are inevitable. It’s critical that ITOps and security teams jointly think about recovery as part of an end-to-end security practice tied to the NIST framework.” 

Using AI to Advance Security 

AI is expected to be a major theme in 2024 with more than two-thirds (68%) of respondents indicating the technology will boost their security efforts by identifying and responding to threats more quickly and accurately. Respondents identified several ways AI could improve their organization’s security posture, including: 

• Augmenting and automating employee training and security awareness (67%)
• Increasing efficiency by automating day-to-day operational processes associated with data protection (66%)
• Augmenting user authentication and access control (57%)
• Augmenting compliance monitoring and reporting (52%)

Data Fragmentation Creates Cyber Resilience Challenges 

Organizations continue to grapple with fragmented data protection solutions, which not only creates management complexities but cyber resilience challenges. More than 90% of respondents say fragmentation of data protection tools has a direct, negative impact on their organization’s cyber resiliency and 54% indicated that fragmentation hinders their organization’s cyber resiliency efforts. 

“Utilizing a host of fragmented data protection products can drive up costs, create management nightmares, give bad actors more avenues to exploit, and slow down recovery,” said Krista Macomber, Research Director, The Futurum Group. “This research serves as a good reminder that organizations should consider a modern platform that can reduce fragmentation, protect a vast array of workloads across any location, predict threats faster, and speed up response and recovery times.” 

To review the full survey results, click here.

Methodology

Commvault sought to learn how data sprawl and fragmentation of data protection tools are threatening organizations’ overall cyber-resiliency. To facilitate this research, Commvault commissioned The Futurum Group to conduct an independent effort in finding answers to these important issues.

The Futurum Group surveyed 205 C-Suite, VP and Director-level IT Operations and Security professionals. Surveys were collected in September 2023. Specifically, 84% of respondents held C-Level titles, 18% held security-related titles, and 14% held VP/IT-Director level titles. We focused on the C-Suite to get the view from the top, given the visibility and critical importance of cyber-resiliency. Well over half (57%) of respondents came from organizations with 1,000-5,000 employees. The major geographical regions (the Americas, EMEA, and APAC) were fairly evenly represented.

About Commvault 

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyberattacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.  

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

SINGAPORE/SYDNEY – 11 December 2023 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid organizations, today expanded its Asia Pacific (APAC) leadership team with two key senior appointments. In both cases, these leaders bring strong technology expertise to the table, a passion for helping customers achieve business outcomes, and a keen understanding of the role Commvault Cloud plays in driving cyber resilience. 

“The Asia region is critical to our growth, and I’m thrilled to step into this position at such a transformative time for the company. As organizations today are faced with non-stop cyber threats, the need for cyber resilience has never been greater. I’m looking forward to leading and contributing to the Commvault team’s excellent work in advancing the resilience of organizations in Asia,” said Borst.

“Enterprises across APAC are at an important juncture in their digital journey as the opportunities to do more with data have never been greater, but the need to protect, secure, and recover data has never been more important,” said Dean. “I’m excited to lead Commvault’s channels and alliances efforts and work hand-in-hand with our partners to help joint customers achieve their business goals and advance resilience. The partner ecosystem that we’ve built with security, AI, and cloud leaders is a testament to the power of collaboration in combatting a landscape marked by chaos and complexity.”

“Recognizing the tremendous potential and momentum within the APAC region, it was crucial to onboard leaders like Michel and Jo with proven industry experience and strong sales and partner expertise. I wish them great success on this journey,” said Martin Creighan, Vice President, Asia Pacific, Commvault.

In their new roles, Michel and Jo will focus on delivering advanced capabilities through the Commvault Cloud platform that can help customers and partners stay resilient. From best-in-class data protection and security to AI-powered data intelligence and the fastest recovery, Commvault Cloud enables enterprises to secure and recover their data, across any workload, any infrastructure, and from any location to any location.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Investor Relations Contact:
Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

Tinton Falls, N.J. – January 4, 2024 – Commvault (NASDAQ: CVLT) – Commvault will webcast a discussion of its third quarter fiscal year 2024 earnings results on Tuesday, January 30, 2024 beginning at 8:30 a.m. EST at http://ir.commvault.com.

Investors can access the live webcast by visiting http://ir.commvault.com. Investors may also access the call by dialing (800) 715-9871 or (646) 307-1963 and referencing Event ID 6296061. To avoid delays, we encourage participants to dial into the conference call fifteen minutes ahead of the scheduled start time. A replay of the webcast will also be available at http://ir.commvault.com.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

NACD Directorship 100 Recognizes the Most Influential Corporate Directors
and Governance Experts

TINTON FALLS, NJ – December 14, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced that Nicholas Adamo, Chairman of Commvault’s Board of Directors, has been named oneof the most influential leaders by the National Association of Corporate Directors (NACD). Adamo was recognized on NACD’s annual list of leading corporate directors and governance advocates.

“This is a testament to Nick’s leadership and strategic counsel as we have accelerated our growth over the last few years, doubled down on innovation, and disrupted the industry with true cloud cyber resilience,” said Sanjay Mirchandani, Commvault President and CEO. “Nick has also shown an unwavering dedication to providing transparency and governance to our stakeholders. We would like to congratulate Nick on this tremendous accomplishment.”

Previously, Adamo spent more than 22 years as an executive and leader at Cisco Systems and consulted with a range of technology companies. Since joining Commvault’s Board in 2018, Adamo has helped the company extend its leadership in the industry, launch its hypergrowth SaaS portfolio which surpassed $100M in annual recurring revenue in two years, and continue to innovate its offerings to provide best-in-class cyber resilience to our customers.

The 2023 NACD Directorship 100 recognizes leading corporate directors and governance advocates in several categories, including attorneys, audit and risk professionals, board advisors, compensation experts, governance advisors, investors, media, policy advisors, recruiters, and regulators and rule makers. Adamo and honorees from companies including Best Buy, ScanSource, Inc., Equilar, American Eagle Outfitters, J.P. Morgan, Goldman Sachs and more were recognized at last night’s 2023 Directorship 100 Awards Gala in New York City.

“Exemplifying board leadership is a top priority for our organization, and this year’s peer-nominated Directorship 100 honorees demonstrate their excellence in governance,” said NACD president and CEO Peter Gleason. “The accomplishments and integrity of this year’s director honorees are inspiring.”

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyberattacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

SINGAPORE/SYDNEY – 11 December 2023 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid organizations, today expanded its Asia Pacific (APAC) leadership team with two key senior appointments. In both cases, these leaders bring strong technology expertise to the table, a passion for helping customers achieve business outcomes, and a keen understanding of the role Commvault Cloud plays in driving cyber resilience.   

“The Asia region is critical to our growth, and I’m thrilled to step into this position at such a transformative time for the company. As organizations today are faced with non-stop cyber threats, the need for cyber resilience has never been greater. I’m looking forward to leading and contributing to the Commvault team’s excellent work in advancing the resilience of organizations in Asia,” said Borst.

“Enterprises across APAC are at an important juncture in their digital journey as the opportunities to do more with data have never been greater, but the need to protect, secure, and recover data has never been more important,” said Dean. “I’m excited to lead Commvault’s channels and alliances efforts and work hand-in-hand with our partners to help joint customers achieve their business goals and advance resilience. The partner ecosystem that we’ve built with security, AI, and cloud leaders is a testament to the power of collaboration in combatting a landscape marked by chaos and complexity.”

“Recognizing the tremendous potential and momentum within the APAC region, it was crucial to onboard leaders like Michel and Jo with proven industry experience and strong sales and partner expertise. I wish them great success on this journey,” said Martin Creighan, Vice President, Asia Pacific, Commvault.

In their new roles, Michel and Jo will focus on delivering advanced capabilities through the Commvault Cloud platform that can help customers and partners stay resilient. From best-in-class data protection and security to AI-powered data intelligence and the fastest recovery, Commvault Cloud enables enterprises to secure and recover their data, across any workload, any infrastructure, and from any location to any location.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

Anzevino to accelerate adoption of Commvault’s new cyber resilience platform that helps customers predict threats faster and make clean recoveries at the lowest TCO.

TINTON FALLS, N.J. – December 7, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced Anthony Anzevino as the new Senior Vice President for its Americas Field Organization.

Prior to joining Commvault, Anzevino held key sales and leadership positions with a host of cloud, data security and protection, and storage companies including Amazon Web Services (AWS), EMC, First Data Merchant Services, Veeam, and VMware. In his new role at Commvault, he aims to leverage his years of experience and insights to help customers and partners advance cyber resilience – essential in an era of non-stop and escalating cyberattacks.

“Enterprises are facing unprecedented times in terms of the volume and sophistication of ransomware and other cyberattacks, and Commvault has never played a more critical role in helping customers detect threats, and if necessary, rapidly recover,” said Riccardo Di Blasio, Commvault’s Chief Revenue Officer. “Based on years of relevant experience, Anthony understands the importance of cyber resilience and will be instrumental in working directly with customers and partners to accelerate growth and adoption of Commvault’s unique platform and technologies in a hybrid cloud world.”

“I am honored to step into this pivotal role at Commvault, especially at a time when the demand for robust cyber resilience solutions has never been greater. My focus will be on driving forward-thinking solutions that not only address our customers’ current challenges but also anticipate future data security and recovery needs,” said Anzevino. “Together with our talented team and partners, I am excited to shape a new era of cyber resilience that aligns with the complex demands organizations are facing today.”

Powered by Metallic AI, Commvault Cloud enables customers to secure, manage, and recover their data, across any workload, any infrastructure, and from any location using a single pane of glass. A cutting-edge platform built for the hybrid enterprise, Commvault Cloud is designed to deliver true cloud cyber resilience with the fastest recovery. And through deep integrations with a broad ecosystem of AI, cloud and security partners, Commvault Cloud is the ultimate weapon against ransomware. For more information, please visit www.commvault.com/platform.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

Join Commvault at booth #1260 for an in-depth look at its new platform, Commvault Cloud, powered by Metallic AI

TINTON FALLS, NJ – November 21, 2023 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud organizations, is excited to showcase Commvault Cloud, powered by Metallic AI, at AWS re:Invent 2023, running November 27- December 1. Exhibiting at Booth #1260, Commvault will provide AWS customers with the opportunity to see the new solutions in action for themselves, which are also now available in AWS Marketplace.

Show attendees can expect a packed schedule from Commvault, ranging from in-booth demos and giveaways to partner speaking sessions with NetApp (Booth #950) and Hitachi Vantara (Booth #1532) and an exploration of real-world case studies. Can’t-miss activities include:

• Wed, Nov 29 at 1:30 pm PST | Security Zone: Speaking Session – STG104-S “Simplifying Cost-Optimized Cyber Response & Recovery at Massive Scale”

  • Product leaders from Commvault will discuss its new platform capabilities and how joint innovation with AWS allows Commvault to protect customer data at petabyte scale while meeting strict regulatory requirements and staying resilient in the face of cyber threats. Register today!

• Tues, Nov 28 – Thurs, Nov 30 starting at 10:00 am PST | Commvault Booth #1260

  • Only Commvault Cloud can meet the demands of the hybrid enterprise at the lowest TCO. Stop by the booth to see it in action or schedule a one-on-one meeting with a Commvault expert.

• Tues, Nov 28 at 11:00 am PST | NetApp Booth #960

  • Discover how Commvault is partnering with NetApp and AWS to drive cyber resilience and seamless protection and mobility across hybrid cloud environments, including support for Amazon FSx for NetApp ONTAP.

• Wed, Nov 29 at 4:00 pm PST | Hitachi Vantara Booth #1532

  • Find out how Commvault is partnering with Hitachi and AWS to provide customers with innovative AI-driven threat detection and security across their hybrid cloud environments.

Together, Commvault and AWS accelerate how customers modernize their business and enable faster innovation. Whether it’s cyber resilience with comprehensive security and accelerated backup and recovery, continuous cost optimization, or workload migration and conversion, Commvault delivers the tools to identify risk, remediate, and recover business-critical AWS workload.

To learn more about how Commvault and AWS protect customer data, visit Booth #1260 during AWS re:Invent and trial Commvault Cloud in AWS Marketplace.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 646-522-6160 mmelnyk@commvault.com

TINTON FALLS, NJ – November 15, 2023 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud organizations, today announced its participation in the Microsoft Security Copilot Partner Private Preview. Commvault was selected based on its proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.

“In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security.

Commvault is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. To learn more, read the announcement.

“Commvault’s participation in the Microsoft Security Copilot Partner Private Preview aligns with our focus on delivering exceptional data intelligence to customers and partners via our recently announced cyber resilience platform, Commvault Cloud, powered by Metallic AI,” said David Ngo, Chief Technology Officer, Hyperscalers, Commvault. “Together with Microsoft, we’re leveraging AI to give customers the upper hand to take action and keep data safe, whether that’s detecting ransomware sooner, accelerating recoverability, or automating reporting.”

Security Copilot is an AI-powered security product designed to enable security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft’s global threat intelligence and more than 65 trillion daily signals.

About Commvault
Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

Key integrations between Commvault Cloud and security and AI partners can help customers advance data insights as well as threat detection, protection, mitigation, and recovery  

NEW YORK – COMMVAULT SHIFT – November 8, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced that it’s marrying modern cyber resilience technologies from Commvault with advanced security and data intelligence from pioneers in cybersecurity, artificial intelligence, and cloud.

Industry leaders in these areas are integrating with the newly announced Commvault Cloud platform to provide joint customers with more ways to rapidly detect, protect, and respond to potential threats and attacks while also improving data visibility and governance. Commvault is working with partners across the security tool chain, including: security information and event management (SIEM), security orchestration, automation, and response (SOAR), network detection and response, vulnerability and threat detection and assessment, incident management, and data governance and privacy.

The timing of these security and AI integrations is ideal as companies face unprecedented volumes of cyber threats and have major concerns about what bad actors can do in terms of business disruption and brand reputations. According to a recent IDC study commissioned by Commvault, 61% of respondents believed that data loss within the next 12 months due to increasingly sophisticated access is “likely” to “very likely.”¹ 

Given these on-going concerns, Commvault believes collaboration is key. Earlier this year, Commvault announced integrations with Microsoft Sentinel and Palo Alto Networks. Today the full expansive set of security and AI partners that are integrating with Commvault Cloud includes:

• Avira (part of Gen): aims to protect the online world by providing cybersecurity products and services, both direct to consumers as well as via APIs for many of the industry’s best-known cybersecurity companies.
• Darktrace: using AI that learns in real-time on the unique data of each business, Darktrace’s Cyber AI products are designed to help organizations of all sizes prevent, detect, respond to, and heal from cyber disruption.
• Databricks: combines the best of data warehouses and data lakes to offer an open and unified platform for data and AI.
• Entrust: a global data security and identity solutions provider that is a leader in post-quantum cryptography and data encryption to secure data from current and future threats, advancing cyber resiliency.
• Netskope: a global SASE cybersecurity leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats.
• Palo Alto Networks: leveraging Cortex XSOAR, accelerates incident response times to outpace cyberthreats, so organizations can embrace technology with confidence.
• Trellix: the Trellix Intelligent Virtual Execution (IVX) sandbox allows organizations to safely analyze and inspect malware in an isolated environment, enabling better understanding of zero-day threat patterns in both backup data and production networks.

“To be effective for cyber resilience, data security products must integrate with products in the cyber-recovery ecosystem,” said Christophe Bertrand, Practice Director, ESG. “Our recent research on the state of ransomware preparedness shows that organizations around the world want their data protection vendors to work directly with core security tools and service providers. These integrations between security and AI ecosystem partners and Commvault Cloud can play a key role in helping companies advance their security posture while also elevating data governance.”

“By integrating with a broad ecosystem of new security and AI partners via our Commvault Cloud platform, we are not only meeting customers where they need to be met at this critical moment, but we can collectively and jointly bring faster, smarter, and more connected security insights to organizations around the world,” said Rajiv Kottomtharayil, Chief Product Officer, Commvault.

Quotes from Integration Partners

Avira: “The integration between Avira and Commvault could not come at a better time for customers who are increasingly bombarded by cyber threats,” said Alexander Vukcevic, Director, Protection Labs and QA, Avira. “Our AI/ML-driven threat intelligence, prediction, analysis and antimalware technologies augment Commvault Cloud’s powerful security features to help customers rapidly identify potentially malicious activity faster, enabling better protection against existing and emerging threats like ransomware, polymorphic and shapeshifting attacks.”

Darktrace: “As the threat landscape evolves, Darktrace’s Self-Learning AI is a powerful tool to help stretched teams detect novel and unknown threats, manage security incidents more efficiently, and restore their systems back to health quickly,” said Matt Bovbjerg, Vice President of Integrations, Darktrace. “The planned integration between Darktrace HEAL™ and the Commvault Cloud platform will provide our joint customers with robust tools that help them prepare for, respond to and recover from potential cyber threats.”

Entrust: “It is critical for enterprises to protect data integrity in ways that safeguard the organization and enable growth and scale in multi-cloud environments. Entrust KeyControl Key Management Server (KMS) and nShield Hardware Security Modules (HSMs) enable customers to integrate innovative key management capabilities and robust, post-quantum ready cryptography with Commvault Cloud and the company’s cyber resilience capabilities, protecting the confidentiality and integrity of critical data and enabling customers to better defend against persistent attacks,” said John Grimm, VP of Strategic Alliances, Entrust.

Netskope: “With the integrated data context and visibility the Netskope Zero Trust Engine provides in combination with Commvault Cloud, customers can leverage AI-powered threat and data protection with ultra-sensitive data awareness to protect people and data anywhere they go,” said David Willis, VP, Technology Alliances, Netskope.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

---

References

1. Goodwin, P. (2023). The cyber-resilient organization: maximum preparedness with bulletproof recovery [White paper]. IDC. https://www.commvault.com/resources/analyst-report/idc-whitepaper-the-cyber-resilient-organization

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

• Brings together data protection, security, intelligence, and recovery on one platform
• Offers AI capabilities to defeat cyber threats; includes integration with Microsoft Azure OpenAI Service
• Advances reliable recovery with industry’s first cleanroom recovery service
• Introduces four packaged bundles, including Platinum Resilience: a new standard in cyber resilience hosted in the cloud

NEW YORK – COMMVAULT SHIFT – November 8, 2023 – Commvault, a leading provider of cyber resilience and data protection solutions for hybrid cloud organizations, today announced Commvault Cloud, powered by Metallic AI – a new, unique platform that is changing the game in how IT and security teams can radically improve cyber resilience in an era of non-stop ransomware and malicious cyberattacks.

Commvault Cloud unifies all of the company’s SaaS and software offerings on one platform, where visibility and control can be managed holistically via a single pane of glass. But Commvault Cloud goes much further. This new platform is purpose-built for cyber resilience, designed to enable users to predict threats faster, make clean recoveries, and accelerate threat response times – all at the lowest possible TCO. And, with Commvault Cloud’s unique architecture, customers can secure and recover their data, across any workload, any infrastructure, and from any location to any location.

The need for modern cyber resilience has never been greater. If, for example, an organization is unable to recover from an attack in a matter of hours, that can directly impact brand reputations and customer loyalty. Yet, according to a recent IDC research study of more than 500 ITOps and SecOps respondents, 59% expect a cyber recovery to take days or weeks, which is unacceptable when trying to keep businesses up and running.¹

“Achieving enterprise-grade cyber resilience is more than building taller walls or deeper moats. It requires a new approach that looks holistically across the entire landscape, from best-in-class data protection and security to AI-powered data intelligence and lightning-fast recovery,” said Sanjay Mirchandani, President and CEO, Commvault. “With these advanced capabilities and a rich and growing partner ecosystem, our unique and consolidated platform is the new standard in cyber resilience.”

Advancing Cyber Resilience and Data Intelligence with AI and Commvault Cloud

Commvault is introducing innovations that can help customers realize the full benefits of AI and improve cyber resilience. And, unlike others that use AI to simply generate content, Commvault is using AI in a way that can help customers take action. Here is how it works.

With Commvault Cloud users will have access to Arlie – short for “Autonomous Resilience” – a new AI co-pilot that is at their beck and call 24/7 and can respond to inquiries in plain, simple language. But behind the scenes, a lot more is taking place. Arlie will interface with generative AI models that not only consolidate information and reports, but provide users with personalized actionable responses. For example, users may be able to use Arlie to verify or validate a clean point of recovery for critical systems, or generate requested code in seconds.

Arlie will integrate on the backend with Azure OpenAI Service. New AI-enabled capabilities that support this type of personal/human interaction within Commvault Cloud will include:

• Active insights: Gives users real-time threat analysis and report summaries showing the latest information about their cyber resiliency health, removing the need to sift through filters and reports to prioritize the most pressing information.
• Code assistance: Offers a “no-code” way to build an integration or code an action: users simply type a description of what they want to do, and the code assistant will generate the code on the spot.
• Custom walk-throughs: Provides context-sensitive, guided product walk-throughs that make it easy for users to set-up, customize, and tune Commvault Cloud to their specifications. They simply ask “how to” questions and receive step-by-step documentation with annotated screenshots.
• Root cause remediation: Constantly monitors the performance of Commvault Cloud using generative AI to find issues and offer real-time recommendations on how to optimize cyber resilience.

Commvault is also announcing AI and security advancements that are coded directly into Commvault Cloud and “show up” as intelligent insights baked into daily workflows. Capabilities that match this description include:

• Advanced threat prediction: Utilizes real-time predictive threat analysis to find AI-driven ransomware, including detection of shape-shifting AI malware, before they impact customers’ backups and ability to recover cleanly.
• Cloudburst™ Recovery: Improves business continuity by utilizing infrastructure-as-code and cloud-scaling to automate rapid and frictionless recovery of data to any location. Users benefit from exceptional portability, as well as a low TCO as a result of the accelerated process.

“Organizations rely heavily on their digital data to keep the operations running efficiently and customer services functional. This is why ransomware is so disruptive,” said Jennifer Glenn, Research Director for IDC Security and Trust Group. “Whether on-premises, in the cloud or hybrid, the need for modern, AI-supported cyber resilience, such as Commvault’s offering, are incredibly important for today’s businesses.” 

Advancing Clean Recoveries with Commvault Cloud and Microsoft Azure

After a cyberattack, having a clean backup is critical, and so is having a clean location for recovery. That’s why Commvault is announcing Cleanroom Recovery. With Commvault Cloud, and in collaboration with Microsoft Azure, customers can use this service to recover to a cleanroom in the cloud “at the ready,” helping to ensure rapid, frictionless, and reliable recoveries. This offering is great for customers that want to conduct incident response testing on a routine basis.

Commvault Cloud Goes Platinum

Commvault is introducing Platinum Resilience, a fully managed service that provides unmatched protection, engagement, and responsiveness to cybersecurity threats and disaster situations. This service, which is being introduced to select customers as part of an early access preview program with full availability planned in early CY 2024, provides the following:

• Everything from A-Z: Enterprise-grade backup and recovery, advanced AI driven automation, cyber deception, recovery testing and readiness checks, advanced reporting, security audits, custom telemetry, and so much more.
• A dedicated, secured, isolated control plane: For powerful and comprehensive hybrid data protection and resilience, with the ease of use of the cloud. 
• A ransomware readiness and response team available 24×7: To optimize everything from setup to ongoing testing and validation to recovery upon a cyber event.

Commvault is so confident that Platinum Resilience offers the best in end-to-end cyber resilience, it comes with the Commvault Protection Warranty to give everyone from IT managers to board members peace of mind that recovery from an attack is guaranteed.

Customers wishing to be part of the early access program should click here. Commvault is also offering a variety of other packaged bundled solutions that provide exceptional choice based on the needs of the customer.  

Ushering New Opportunities for Customers on Oracle Cloud Marketplace

Commvault also announced today that customers can access the power of Commvault Cloud via private offers through the Oracle Cloud Marketplace, a centralized repository of enterprise applications offered by Oracle and Oracle partners. Through this integration, customers can now procure and provision tested Commvault solutions directly from the Oracle Cloud Marketplace.

Commvault Cloud is also available on: Microsoft Azure Marketplace, AWS Marketplace, Google Cloud Marketplace, and Salesforce AppExchange. 

Supporting Quotes: Partners

Dell Technologies: “The new API integration between Dell’s industry-leading purpose-built backup appliances and Commvault Cloud, powered by Metallic AI, comes at a time of escalating threats and the need for rapid and comprehensive cyber resilience,” said David Noy, Vice President, Product Management, Data Protection, Dell Technologies. “We believe this integration will simplify management, increase performance and efficiency, and provide seamless access to our unique cyber recovery vaults.”

Fujitsu: “We are excited about the innovation Commvault is bringing to solve customers’ cyber resilience challenges,” said Christian Leutner, Head of European Platform Business, Fujitsu. “Their focus on security, data protection, AI and business continuity is perfectly aligned with our strategic focus at Fujitsu.”

Hitachi Vantara: “Cyber resiliency in today’s hybrid cloud environments is one of the most critical issues facing our customers,” said Dan McConnell, SVP Product Management, Enterprise Infrastructure, Hitachi Vantara. “Today’s announcement establishes Commvault as a leader in the space. Hitachi Vantara and Commvault are strategically aligned in helping customers address this issue.”

HPE: “Data is the fuel of the AI era, and HPE is radically simplifying how our customers store, manage and protect it, so they can extract full value,” said Kyle Fitze, Vice President for Partner Enabled and OEM Products, HPE Storage. “Building on our long-standing relationship and integrations with Commvault, we’re thrilled to offer new Commvault Cloud capabilities to our joint customers as a complement to HPE technologies. The built-in security and AI capabilities will play a vital role in helping enterprises optimize and protect their data.”

Microsoft: “Together, Microsoft and Commvault brought Cyber Resilience with the power of the Microsoft Cloud as a service to thousands of enterprises. Then, we added the power of air-gapped, immutable, and indelible storage in the cloud. Now we are building on that with Commvault’s Cleanroom Recovery with Microsoft. It’s designed to enable customers to confidently recover to Azure by providing a clean location and recovery environment – which is critical in the face of an attack,” said Alvaro Celis, VP Solution Areas ISVs, Microsoft.

Oracle: “As enterprises face heightened cyber threats, the availability of Commvault’s cyber resilience platform on the Oracle Cloud Marketplace can help customers keep their data protected, secure, and resilient,” said David Hicks, Group Vice President, Worldwide ISV Cloud Business Development, Oracle.

Pure Storage: “Speed and scale are at the heart of Pure Storage’s collaboration with Commvault and together we have a singular vision: to build massively scalable solutions that prioritize our customers’ needs,” said Mark Bridges, Head of Global Alliances, Pure Storage. “We are reinforcing our longstanding relationship to provide ultra-fast recovery at scale, empowering our customers to operate with confidence – especially in today’s digital age where threats like ransomware are a constant.”

VAST Data: “VAST Data is revolutionizing accelerated computing by delivering ground-breaking infrastructure that provides the performance, scale and simplicity required for managing today’s most-demanding workloads – all at transformative economics,” said George Axberg III, Vice President, Data Protection, VAST Data. “By combining Commvault’s next-gen autonomous resilience capabilities with the VAST Data Platform, together we are advancing AI-powered-cyber resiliency for our joint customers, offering data protection, security against ransomware, and faster return to normal operations across core, edge, and cloud environments.”

Supporting Quotes: Customers

American Pacific Mortgage: “Every security and IT leader is pressured to do more with less,” said Michele Buschman, CIO, American Pacific Mortgage. “That’s why I’m excited to see Commvault using AI to drive cyber recovery with the power CISOs require, and with the cloud simplicity, speed, and scale my team wants on a daily basis.”

Persistent: “At Persistent, we know cyber resilience,” said Rajiv Sodhi, Senior Vice President for Hyperscaler Business and Strategic Alliances, Persistent. “We proactively chose to become an early adopter of Commvault Cloud, enhancing our own security posture with fast recovery and AI capabilities. We are excited to now bring a new standard for cyber resilience to our clients through our partnership with Commvault.”

Related Announcements and Availability

Today, Commvault also announced extensive integrations with leading security and AI partners that can help customers improve their security posture and get more value from their existing infrastructure. For more on that, please read this press release.

The following offerings are targeted for general availability by the end of the calendar year in tandem with Commvault’s next software release: Unified management between the company’s SaaS and software offerings on one platform with Commvault Cloud, Commvault’s AI co-pilot Arlie, active insights, code assistance, custom walk-throughs, root cause remediation, advanced threat prediction, Cloudburst™ Recovery, and Cleanroom Recovery. 

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience. The company empowers customers to uncover, take action, and rapidly recover from cyberattacks – keeping data safe and businesses resilient. The company’s unique AI-powered platform combines best-in-class data protection, exceptional data security, advanced data intelligence, and lightning-fast recovery across any workload or cloud at the lowest TCO. For over 25 years, more than 100,000 organizations and a vast partner ecosystem have relied on Commvault to reduce risks, improve governance, and do more with data.

---

References

1. Goodwin, P. (2023). The cyber-resilient organization: maximum preparedness with bulletproof recovery [White paper]. IDC.

Investor Relations Contact
Michael J. Melnyk, CFA 732-870-4581 mmelnyk@commvault.com

(Download Financial Tables)

Tinton Falls, N.J. – October 31, 2023 – Commvault [Nasdaq: CVLT] today announced its financial results for the fiscal second quarter ended September 30, 2023. 

“Our Q2 total revenue growth accelerated, driven by our hyper-growth SaaS platform, and we delivered robust operating margin leverage,” said Sanjay Mirchandani, President and CEO. “Next week, at Commvault SHIFT, we’ll unveil our cyber resilience platform, combining our leading data protection capabilities with comprehensive new security and AI-powered innovations that are critical for customers in an era of escalating cyber-attacks.”

Fiscal 2024 Second Quarter Highlights –

• Total revenues were $201.0 million, up 7% year over year
• Total ARR¹ grew to $711 million, up 18% year over year
• Subscription revenue was $97.8 million, up 25% year over year
• Subscription ARR¹ grew to $530 million, up 32% year over year
• Income from operations (EBIT) was $17.6 million, an operating margin of 8.8%
• Non-GAAP EBIT² was $42.0 million, an operating margin of 20.9%
• Operating cash flow of $40.3 million, with free cash flow² of $40.1 million
• Second quarter share repurchases were $31.3 million, or approximately 442,000 shares of common stock

Financial Outlook for Third Quarter and Full Year Fiscal 2024 –

We are providing the following guidance for the third quarter of fiscal year 2024:

• Total revenues are expected to be between $206 million and $210 million
• Subscription revenue is expected to be between $106 million and $110 million
• Non-GAAP operating margin² is expected to be approximately 21%

We are providing the following updated guidance for the full fiscal year 2024:

• Total revenues are expected to be between $812 million and $822 million
• Total ARR¹ is expected to grow 14% year over year
• Subscription revenue is expected to be between $408 million and $418 million
• Non-GAAP operating margin² is expected to grow between 50 to 100 basis points year over year
• Free cash flow² is expected to be approximately $170 million

The above statements are based on the incorporation of actual second quarter results and current targets. These statements are forward looking and made pursuant to the safe harbor provisions discussed in detail below. We do not undertake any obligation to update these forward-looking statements. Actual results may differ materially from anticipated results.

(Download Financial Tables)

Use of Non-GAAP Financial Measures
Commvault has provided in this press release the following non-GAAP financial measures: non-GAAP income from operations (EBIT), non-GAAP income from operations margin, non-GAAP net income, non-GAAP diluted earnings per share, non-GAAP free cash flow, annualized recurring revenue (ARR) and subscription ARR. This financial information has not been prepared in accordance with GAAP. Commvault uses these non-GAAP financial measures internally to understand, manage and evaluate its business and make operating decisions. In addition, Commvault believes these non-GAAP operating measures are useful to investors, when used as a supplement to GAAP financial measures, in evaluating Commvault’s ongoing operational performance. Commvault believes that the use of these non-GAAP financial measures provides an additional tool for investors to use in evaluating ongoing operating results and trends, and in comparing its financial results with other companies in Commvault’s industry, many of which present similar non-GAAP financial measures to the investment community. Commvault has also provided its revenues on a constant currency basis. Commvault analyzes revenue growth on a constant currency basis in order to provide a comparable framework for assessing how the business performed excluding the effect of foreign currency fluctuations.

All of these non-GAAP financial measures should be considered as a supplement to, and not as a substitute for, financial information prepared in accordance with GAAP. Investors are encouraged to review the reconciliation of these non-GAAP measures to their most directly comparable GAAP financial measures, which are included in this press release. (Download Financial Tables)

Non-GAAP income from operations and non-GAAP income from operations margin. These non-GAAP financial measures exclude noncash stock-based compensation charges and additional Federal Insurance Contribution Act (FICA) and related payroll tax expense incurred by Commvault when employees exercise in the money stock options or vest in restricted stock awards. Commvault has also excluded restructuring costs and noncash amortization of intangible assets from its non-GAAP results. These expenses are further discussed in Table IV. Commvault believes that these non-GAAP financial measures are useful metrics for management and investors because they compare Commvault’s core operating results over multiple periods.  When evaluating the performance of Commvault’s operating results and developing short- and long-term plans, Commvault does not consider such expenses. 

Although noncash stock-based compensation and the additional FICA and related payroll tax expenses are necessary to attract and retain employees, Commvault places its primary emphasis on stockholder dilution as compared to the accounting charges related to such equity compensation plans. Commvault believes that providing non-GAAP financial measures that exclude noncash stock-based compensation expense and the additional FICA and related payroll tax expenses incurred on stock option exercises and vesting of restricted stock awards allow investors to make meaningful comparisons between Commvault’s operating results and those of other companies.

There are a number of limitations related to the use of non-GAAP income from operations and non-GAAP income from operations margin.  The most significant limitation is that these non-GAAP financial measures exclude certain operating costs, primarily related to noncash stock-based compensation, which is of a recurring nature. Noncash stock-based compensation has been, and will continue to be for the foreseeable future, a significant recurring expense in Commvault’s operating results.  In addition, noncash stock-based compensation is an important part of Commvault’s employees’ compensation and can have a significant impact on their performance. The following table presents the stock-based compensation expense included in cost of revenues, sales and marketing, research and development and general and administrative ($ in thousands):

The components that Commvault excludes in its non-GAAP financial measures may differ from the components that its peer companies exclude when they report their non-GAAP financial measures. Due to the limitations related to the use of non-GAAP measures, Commvault’s management assists investors by providing a reconciliation of each non-GAAP financial measure to the most directly comparable GAAP financial measure. Commvault’s management uses non-GAAP financial measures only in addition to, and in conjunction with, results presented in accordance with GAAP. 

Non-GAAP net income and non-GAAP diluted earnings per share (EPS).  In addition to the adjustments discussed in non-GAAP income from operations, non-GAAP net income and non-GAAP diluted EPS incorporates a non-GAAP effective tax rate of 27%. 

Commvault anticipates that in any given period its non-GAAP tax rate may be either higher or lower than the GAAP tax rate as evidenced by historical fluctuations. The GAAP tax rates in recent fiscal years were not meaningful percentages due to the dollar amount of GAAP pre-tax income.  For the same reason as the GAAP tax rates, the estimated cash tax rates in recent fiscal years are not meaningful percentages. Commvault defines its cash tax rate as the total amount of cash income taxes payable for the fiscal year divided by consolidated GAAP pre-tax income. Over time, Commvault believes its GAAP and cash tax rates will align.

Commvault considers non-GAAP net income and non-GAAP diluted EPS useful metrics for Commvault management and its investors for the same basic reasons that Commvault uses non-GAAP income from operations and non-GAAP income from operations margin. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP net income and non-GAAP diluted EPS.

Non-GAAP free cash flow.  Commvault defines this non-GAAP financial measure as net cash provided by operating activities less purchases of property and equipment. Commvault considers non-GAAP free cash flow a useful metric for Commvault management and its investors in evaluating Commvault’s ability to generate cash from its business operations. In addition, the same limitations as well as management actions to compensate for such limitations described above also apply to Commvault’s use of non-GAAP free cash flow.

Conference Call Information
Commvault will host a conference call today, October 31, 2023 at 8:30 a.m. Eastern Time (5:30 a.m. Pacific Time) to discuss quarterly results. The live webcast and call dial-in numbers can be accessed by registering under the “Events” section of Commvault’s website. An archived webcast of this conference call will also be available following the call.

About Commvault
Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth.  Learn more at Commvault.com or follow us at @Commvault.

Safe Harbor Statement
This press release may contain forward-looking statements, including statements regarding financial projections, which are subject to risks and uncertainties, such as competitive factors, difficulties and delays inherent in the development, manufacturing, marketing and sale of software products and related services, general economic conditions, outcome of litigation and others. For a discussion of these and other risks and uncertainties affecting Commvault’s business, see “Item IA. Risk Factors” in our annual report on Form 10-K and “Item 1A. Risk Factors” in our most recent quarterly report on Form 10-Q. Statements regarding Commvault’s beliefs, plans, expectations or intentions regarding the future are forward-looking statements, within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. All such forward-looking statements are made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995. Actual results may differ materially from anticipated results. Commvault does not undertake to update its forward-looking statements.

---

1. Annualized Recurring Revenue (ARR) is defined as the annualized recurring value of all active contracts at the end of a reporting period.  It includes the following contract types: subscription (including term licenses, SaaS and utility software), maintenance contracts related to perpetual licenses, other extended maintenance contracts (enterprise support), and managed services.  It excludes any element of the arrangement that is not expected to recur, primarily perpetual licenses and most professional services. Subscription ARR includes only term licenses, SaaS and utility software arrangements. Contracts are annualized by dividing the total contract value by the number of days in the contract term, then multiplying by 365.

ARR should be viewed independently of GAAP revenue, deferred revenue and unbilled revenue and is not intended to be combined with or to replace those items. ARR is not a forecast of future revenue. Management believes that reviewing this metric, in addition to GAAP results, helps investors and financial analysts understand the value of Commvault’s recurring revenue streams versus prior periods.

2. A reconciliation of GAAP to non-GAAP results has been provided in Finance Statement Table IV included in this press release. An explanation of these measures is also included under the heading “Use of Non-GAAP Financial Measures.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

Hathaway brings over three decades of cybersecurity and digital risk management strategy for governments, global organizations, and Fortune 500 companies

TINTON FALLS, NJ – October 30, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced that Melissa Hathaway will join Commvault as a strategic advisor and serve as the chairperson for Commvault’s newly formed Cyber Resilience Council. Under Hathaway’s leadership, the council will advise on emerging security trends and cyber threats as well as highlight best-practices in cyber resilience, all of which can play a key role in shaping product development, defining partnership opportunities, and guiding business strategies.

Hathaway brings a unique combination of policy, technical expertise, and boardroom experience to Commvault. As President of Hathaway Global Strategies, she consults Fortune 500 companies on cybersecurity, enterprise risk management, and technology assessment. She advises clients regarding emerging cyber threats, policy initiatives, regulation, and other industry matters that may affect their current and future business.

Hathaway has worked with the highest levels of governments. She served in two presidential administrations, leading the Cyberspace Policy Review for President Barack Obama and the Comprehensive National Cybersecurity Initiative for President George W. Bush. She received the National Intelligence Reform Medal and the National Intelligence Meritorious Unit Citation for her leadership.

She has also worked extensively with international institutions like NATO, the International Telecommunications Union, the Organization of American States, and the World Bank, and is affiliated with distinguished institutions, including Harvard Kennedy School’s Belfer Center for Science and International Affairs, Canada’s School of Public Service, and Toronto Metropolitan University.

At Commvault, she is poised to steer the Cyber Resilience Council towards making meaningful and lasting impacts.

“I’m delighted to serve as a strategic advisor to Commvault and work with members of the Cyber Resilience Council,” Hathaway said. “In an era of non-stop and escalating cyber threats, the need for cyber resilience has never been more imperative. Commvault plays a leading role in helping companies detect, respond and, if necessary, quickly recover from attacks. I look forward continuing to work with Commvault to advance resilience for organizations globally.” 

“We are thrilled to have Melissa Hathaway, a true luminary in the field of cybersecurity, lead our Cyber Resilience Council,” said Sanjay Mirchandani, President and CEO, Commvault. “Her deep expertise, coupled with our mission, will undoubtedly help Commvault continue to pave the way for a safer, more resilient digital future.”

To learn more about the Commvault Cyber Resilience Council, its roadmap, upcoming events, and next steps, please visit the Commvault website.

About Commvault
Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth. Learn more at www.commvault.com or follow us @Commvault.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

Helping ensure exceptional data security and rapid recoverability for Australian government agencies and IT partners

TINTON FALLS, NJ – October 26, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced that its portfolio of SaaS-delivered data protection solutions has achieved Australia’s Infosec Registered Assessor Program (IRAP) certification at PROTECTED level. Administered by the Australian Cyber Security Centre (ACSC), the IRAP framework ensures that technology providers meet the highest security and integrity protocols in line with the Australian government’s information security standards.

IRAP provides a common framework to certify a solution’s security posture and resiliency from advanced threats. By conducting an in-depth examination of software architecture, design, and security protocols, IRAP certification ensures Commvault’s SaaS data protection solutions meet stringent ISM (Information Security Manual) security requirements, and that government agencies and contractors can confidently adopt Commvault solutions. It also further exemplifies Commvault’s commitment to global data security, adding to its current position as the only SaaS data protection portfolio to meet FedRAMP High (In Process) status, with the approved ATO signed by the Department of Treasury on July 12, 2023.

“While IRAP is an Australian-centric security framework, this certification underlines the country’s global commitment to upholding best-in-class security standards, resonating with frameworks like FedRAMP. Achieving IRAP certification is a testament to our mission of providing industry-leading protection of data against ransomware and the evolving cyber threat landscape,” said Martin Creighan, Vice President for Asia Pacific, Commvault.

With cyber threats continuing to escalate, private and public sector entities are under increased pressure to bolster their data security and cyber recovery measures. In fact, according to a new Commvault report commissioned in partnership with IDC, both IT and business leaders understand the constant risk and dire consequences of a cyber attack, with 61% of respondents believing that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated access.¹

Combatting these concerns, Australia’s IRAP assessment falls under the Security Legislation Amendment (Critical Infrastructure) Bill, introduced to Parliament in 2020. The amendment has a National Security focus and was put in place to manage risks posed in particular by foreign involvement in Australia’s critical infrastructure, considering that a significant amount of the country’s infrastructure is privately owned. 

Commvault’s entire portfolio of SaaS-delivered data protection solutions are IRAP-certified and are built into its commercial offering.  

Commvault’s enhanced security capabilities and solutions for cyber resilience are not only designed to offer exceptional compliance capabilities, but also offer peace of mind in terms of rapid recovery – critical in an age of escalating and non-stop cyber threats. Join Commvault virtually on November 9^th, 2023 for SHIFT: The Global Cyber Resilience Event to “Leave the Chaos Behind” and explore a new approach to cyber resilience that combines security, data protection, data intelligence, cloud, and recovery.

About Commvault
Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth. Learn more at www.commvault.com or follow us @Commvault.

References
1. Goodwin, P. (2023). The cyber-resilient organization: maximum preparedness with bulletproof recovery [White paper]. IDC. https://www.commvault.com/resources/analyst-report/idc-whitepaper-the-cyber-resilient-organization

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

Helping ensure exceptional data security and rapid recoverability for Australian government agencies and IT partners

TINTON FALLS, NJ – October 26, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced that its portfolio of SaaS-delivered data protection solutions has completed an assessment by the Infosec Registered Assessor Program (IRAP) at the PROTECTED level. Administered by the Australian Cyber Security Centre (ACSC), the IRAP framework ensures that technology providers meet the highest security and integrity protocols in line with the Australian government’s information security standards.

IRAP provides a common framework to assess a solution’s security posture and resiliency from advanced threats. By conducting an in-depth examination of software architecture, documentation, design, and security protocols, an IRAP assessment ensures government agencies and contractors can confidently adopt Commvault solutions by being informed of their compliance and risk status as well as their security responsibilities. It also further exemplifies Commvault’s commitment to global data security, adding to its current position as the only SaaS data protection portfolio to meet FedRAMP High (In Process) status, with the approved ATO signed by the Department of Treasury on July 12, 2023.

“While IRAP is an Australian-centric security framework, this assessment underlines the country’s global commitment to upholding best-in-class security standards, resonating with frameworks like FedRAMP. Completing an IRAP assessment is a testament to our mission of providing industry-leading protection of data against ransomware and the evolving cyber threat landscape,” said Martin Creighan, Vice President for Asia Pacific, Commvault.

With cyber threats continuing to escalate, private and public sector entities are under increased pressure to bolster their data security and cyber recovery measures. In fact, according to a new Commvault report commissioned in partnership with IDC, both IT and business leaders understand the constant risk and dire consequences of a cyber attack, with 61% of respondents believing that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated access.¹

The scope of the assessment included Commvault’s Software as a Service Cloud Service Offering (named Metallic) deployed within the Australian Region of Microsoft Azure Cloud.

Commvault’s enhanced security capabilities and solutions for cyber resilience are not only designed to offer exceptional compliance capabilities, but also offer peace of mind in terms of rapid recovery – critical in an age of escalating and non-stop cyber threats. Join Commvault virtually on November 9^th, 2023 for SHIFT: The Global Cyber Resilience Event to “Leave the Chaos Behind” and explore a new approach to cyber resilience that combines security, data protection, data intelligence, cloud, and recovery.

About Commvault

Commvault (NASDAQ: CVLT) is the gold standard in cyber resilience, helping more than 100,000 organizations to uncover, take action, and rapidly recover from cyber attacks—keeping data safe and businesses resilient and moving forward. Today, Commvault offers the only cyber resilience platform that combines the best data security and rapid recovery at enterprise scale across any workload, anywhere with advanced AI-driven automation—at the lowest TCO.

References
1. Goodwin, P. (2023). The cyber-resilient organization: maximum preparedness with bulletproof recovery [White paper]. IDC. https://www.commvault.com/resources/idc-whitepaper-the-cyber-resilient-organization-maximum-preparedness-with-bulletproof-recovery

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

SHIFT attendees to hear the latest on AI-driven innovations, critical security advancements, and comprehensive partnerships that shape the future of cyber resilience featured at virtual event on November

TINTON FALLS, NJ – October 18, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today announced the kickoff of SHIFT, a highly anticipated, worldwide set of events focused on one of the most pressing issues in the enterprise today: cyber resilience. The first event, which is invite-only, takes place in New York City on November 8, followed by a series of global simulcasts on November 9 in local time zones. To register for one of the simulcasts on November 9, click here.

Today’s landscape is rife with challenges, from ransomware and other cyber threats, to the exponential increase in data scattered across on-premises, hybrid, and multi-cloud environments, to evolving threats fueled by the rise in AI. The technology world is at a turning point where the need for a new approach to data security and cyber resilience has never been clearer. SHIFT is not just an event; it’s a call to action. Together, Commvault and its partners are working to redefine cyber resilience for the AI and ransomware era.

Attendees will gain insights into the complex and evolving landscape of cyber threats. They will also learn about Commvault’s transformative approach to cyber resilience, bringing together the worlds of security, data protection, data intelligence, cloud, and recovery. And, they will discover modern solutions that offer enterprise-ready cyber resilience to protect their data wherever it lives and help ensure rapid, predictable recovery in the face of escalating cyber threats at the lowest TCO.

At SHIFT, Commvault will introduce and shed light on:

• A groundbreaking reveal: Commvault’s most exciting announcement in its 27-year legacy.
• AI-driven cyber resilience: Strategies to harness AI’s power to bolster security across hybrid infrastructures while getting greater insights from data.
• Data security innovations: Redesigned solutions that can play a critical role advancing an end-to-end security posture.
• Strategic partnerships: Extensive advancements and endorsements across the partner ecosystem, from cloud service providers and global service integrators to strategic alliance partners and AI and security collaborations.
• Real-world testimonials: Insights from customers, partners, and industry luminaries on how Commvault’s innovations are reshaping their cyber resilience strategies.
• Expert panels: Engaging roundtable discussions will further enrich the event, featuring stories from customers and partners on their success and resilience journeys.

The speaker lineup boasts an impressive array of experts. A sampling of speakers includes:

• Sanjay Mirchandani, Commvault’s CEO, will discuss a transformative solution for enterprise-level cyber resilience.
• Melissa Hathaway and Moriah Hara, respected cybersecurity advisors, will talk about the growing threat of cybercrime, cyber terrorism, and ransomware, and what this means for the enterprise.
• Rajiv Kottomtharayil, Commvault’s Chief Product Officer, will also share perspectives on the latest cyber threats and Commvault’s innovative solutions that can give customers an unfair advantage against bad actors.

Attendees that would like to register for the simulcast on November 9 can choose from one of the following times:

• Europe: 9:30 am GMT
• Asia Pacific / Japan: 11:30 am SGT
• Americas: 1:00 pm ET

And, for a listing of all upcoming webinars and events in the months ahead, please click here.

About Commvault

Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth. Learn more at www.commvault.com or follow us @Commvault.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

New hire signals Commvault’s continued commitment to redefining cyber resilience and securing modern hybrid enterprises

TINTON FALLS, NJ – October 16, 2023 – Commvault^®, an enterprise data protection leader for today’s global businesses,announced that veteran security leader Alex Janas has joined the company as its new Field Chief Technology Officer overseeing security. With Janas’ appointment, Commvault is doubling down on its commitment to redefine data protection and deliver cyber resilience with industry-leading threat detection and rapid recovery capabilities.

“The line between IT operations and security operations is blurring, creating an IT collision of new vulnerabilities that enterprises need to properly control,” said Rahul Pawar, CTO, Global Services and Solutions, Commvault. “Alex’s experience going head-to-head with the toughest cyber threats out there gives us the invaluable insight to develop an offensive security posture and help keep our customers safe from these ongoing, pervasive autonomous threats.”

Janas comes to Commvault with nearly 20 years of private sector cybersecurity experience, as well as offensive security skills he developed as an Analyst, Operator, and Technical Director while working at the National Security Agency. He is a proud recipient of the Master Operator designation, a prestigious honor bestowed upon a select cadre of Computer Network Operations (CNO) personnel. His career stands as a testament to his deep expertise, unwavering commitment to national security, and protection of the private sector while leading and mentoring other experts in the continually evolving field of cybersecurity.

“The rapidly evolving threat landscape forces defenders to react and respond on their adversaries’ timetable and magnitude,” said Janas. “To effectively challenge this asymmetry, we need to create strategies that increase the operational risks and costs for attackers and minimize the fallout for victims, while also scaling and keeping pace with an attacker’s adaptations. Being a part of Commvault allows me to apply my offensive cybersecurity experience to enhance a product that is a pivotal layer in a company’s overarching cybersecurity strategy.”

About Commvault

Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth. Learn more at www.commvault.com or follow us @Commvault.

Media Contact:	Investor Relations Contact:
Kevin Komiega Commvault 978-834-6898 kkomiega@commvault.com	Michael J. Melnyk, CFA Commvault 732-870-4581 mmelnyk@commvault.com

While boardroom alarms ring louder, the C-Suite’s involvement in cyber preparedness is often still notably absent

TINTON FALLS, NJ – October 16, 2023 – Commvault, a leading provider of data protection and cyber resilience solutions for hybrid cloud organizations, today released a new IDC report commissioned by Commvault entitled, “The Cyber-Resilient Organization: Maximum Preparedness with Bullet-Proof Recovery Survey.”

In this report, IDC surveyed more than 500 security and IT operations leaders worldwide to get a current view of how organizations are perceiving modern security threats and approaching cyber resilience. Many of the key findings of this report can be broken down into three areas: C-level engagement in cyber preparedness initiatives; fears around data loss and vulnerable workloads; and the need for automation.

Cyber resilience starts in the C-suite – or does it?

The research shows that in many cases, senior executives/line-of-business leaders are minimally engaged in their company’s cyber preparedness initiatives — only one-third (33%) of CEOs or managing directors and less than a quarter (21%) of other senior leaders are heavily involved. According to the research, the majority (52%) of senior leaders have no involvement in their company’s cyber cases.

In addition to a lack of executive engagement, there is also often confusion between ITOps and SecOps teams in terms of who is doing what when it comes to cyber preparedness. Only 30% of SecOps teams fully understand ITOps’ roles and responsibilities for cyber preparedness and response, and similarly, only 29% of ITOps teams fully understand what falls to SecOps.

According to IDC, business leaders need to play a key role in ensuring companies prioritize cyber preparedness. Additionally, organizations must ensure there is complete alignment between ITOps and SecOps teams as not doing so can make organizations more prone to successful attacks or lengthy recoveries.  

Data loss is a big concern, and some workloads are more vulnerable than others 

Sixty-one percent of respondents believe that data loss within the next 12 months is “likely” to “highly likely” to occur due to increasingly sophisticated attacks. Of the respondents surveyed, on-premises workloads were thought to be more vulnerable than cloud workloads. On a scale of 1-5, with 5 being highly vulnerable, respondents rated on-premises data repositories a 2.8 and physical workloads a 2.77 – higher than that of cloud workloads (2.67).

Data exfiltration remains the preferred tactic, and manual detection processes are falling short

The research also shows that data exfiltration attacks – when malware or a malicious actor carries out an unauthorized data transfer – occur almost 50% more often than encryption attacks, where hackers aim to decode encrypted data. Respondents ranked phishing as the most concerning threat to address, given that most ransomware attacks begin with a successful attack on user credentials.

Additionally, as cyber attackers deploy more clever tactics, relying on manual detection and reporting processes are very likely to result in missed anomalies and successful attacks. A potential solution – automation – could lead to faster detection to mitigate the intrusion impact. However, most organizations (57%) have limited automation for key functions, increasing their chances of missing a threat before it happens; only 22% report being fully automated. 

“Cyber attackers never rest and are constantly discovering ways to exploit vulnerabilities. A truly effective cyber resilience strategy must go beyond just backup and recovery. It’s crucial that organizations adopt a new approach that spans prevention, mitigation, and recovery,” said Phil Goodwin, Research Vice President, Infrastructure Systems, Platforms and Technologies Group, IDC. “Whether on-premises, in the cloud, or in a hybrid environment, they must integrate multiple layers of defense. With AI now a tool for both defense and offense, the urgency for comprehensive cyber resilience has never been more evident.”

“We are beyond just reacting to cyber threats. The C-suite must ensure teams are prioritizing proactive defense, real-time threat intelligence, and robust risk management to pave the way for genuine cyber resilience,” said Javier Dominguez, CISO, Commvault. “It’s also critical that SecOps and ITOps teams work closely together to look holistically at their security posture, end-to-end. With Commvault, resilience isn’t an afterthought – it’s the blueprint.”  

To review the full survey results, visit commvault.com/gc/idc-whitepaper-the-cyber-resilient-organization.

Methodology

Commvault sought to learn how organizations are approaching cyber resilience, what gaps in cyber responses are common, and best-practices as learned and described by senior IT professionals. To facilitate this research, Commvault commissioned IDC to conduct an independent effort in finding answers to these important issues.

The research methodology used by IDC involved the most comprehensive methodology possible, involving all three primary research methodologies: focus group of eight IT leaders of major US companies (several multinationals) with CIO, CTO, and CISO titles; individual in-depth interviews of other CIOs; and a worldwide survey of senior IT and security professionals with an n = 513.

About Commvault

Commvault (NASDAQ: CVLT) is a global leader in cloud data protection. Our industry-leading platform redefines the next generation of data protection as the only solution with comprehensive data protection, proactive data defense, advanced ransomware protection, and a single view across all your data. This lets you secure, defend, and recover your data, applications, and production workloads – on-premises, in the cloud, over SaaS, or spread across hybrid and multi-cloud environments. The result is early warning of attacks, active defense to reduce the impact of intrusion, and rapid, accurate recovery of your data. Simply put, Commvault is data, protected. For over 25 years, more than 100,000 organizations have relied on Commvault to keep their data secure and ready to drive business growth. Learn more at www.commvault.com or follow us @Commvault.