Abstract: Aspects of the disclosure provide continual backup verification for ransomware detection and recovery of fileless malicious logic. On an ongoing basis, even prior to detecting an attack within a production environment, each of a plurality of backup virtual machines (VMs) is executed in an isolation environment and subject to behavior monitoring to detect malicious logic (e.g., ransomware). If malicious logic is detected in a backup VM, an alert is generated and/or that backup VM is marked as unavailable for use as a restoration backup, in order to avoid re-infecting the production environment. In some examples, a backup VM with malicious logic is cleaned and returned to the pool of available backups that are suitable for use. Because the production environment is not burdened, in some examples, the probability of detection for finding malicious logic in the isolation environment is set higher than what is used in the production environment.

Abstract: A method for virtual computing instance remediation is provided. Some embodiments include retrieving a first backup of a virtual machine from storage, the first backup comprising configuration information and data of the virtual machine, the configuration information comprising network connectivity information in a first software defined data center (SDDC) running on a first set of host machines. Some embodiments include configuring a second SDDC running on a second set of host machines based on the configuration information, where the second SDDC is network isolated from the first SDDC and powering on the virtual machine from the first backup in the second SDDC. Some embodiments include sending, from the virtual machine to a security platform, behavior information of the virtual machine running in the second SDDC and determining, based on the behavior information, whether the virtual machine running in the second SDDC is infected with malware.

Abstract: Methods and systems are provided for concurrently upgrading a primary database and a standby database that is synchronized with the primary database, while still protecting the stored data from the risk of hardware or other failure during the upgrade process. The standby database is mounted to an NFS (Network File System) located on a database access node. The upgraded primary and standby databases are built and mounted to the NFS mount point. A level-zero backup and one or more incremental backups of the deprecated standby database are generated. Each backup may be concurrently transferred to the upgraded databases via the mount point. Upon generation of a final incremental backup, the primary database is frozen and the tablespace metadata to transferred to the upgraded databases via the mount point. The upgraded primary database may be started upon importing of the tablespace metadata.

Abstract: Methods and systems are provided for concurrently upgrading a primary database and a standby database that is synchronized with the primary database, while still protecting the stored data from the risk of hardware or other failure during the upgrade process. The standby database is mounted to an NFS (Network File System) located on a database access node. The upgraded primary and standby databases are built and mounted to the NFS mount point. A level-zero backup and one or more incremental backups of the deprecated standby database are generated. Each backup may be concurrently transferred to the upgraded databases via the mount point. Upon generation of a final incremental backup, the primary database is frozen and the tablespace metadata to transferred to the upgraded databases via the mount point. The upgraded primary database may be started upon importing of the tablespace metadata.