Data Source
Veeam Data Platform solution ingests security events from Veeam Backup & Replication (VBR), Veeam ONE, and Coveware products via REST APIs and Function Apps.
Ingestion Mechanism
Function App-based connector supporting multiple data streams:
- Authorization events and user activity
- Malware detection results from backup scanning
- Security compliance analyzer findings
- Triggered alarms from Veeam ONE monitoring
- Best practice analysis results
Detection Surface Unlocked
- Backup infrastructure compromise detection through authorization monitoring
- Malware presence identification in backup repositories
- Licensing and compliance violation alerts
- Configuration security best practice enforcement
- Restore point integrity validation for ransomware recovery scenarios
Bundled Content
- 9 detection rules covering license violations, malware detection, and failed operations
- 4 parsers for normalizing Veeam event data
- 14 playbooks for automated response and data collection
- 2 workbooks for security monitoring and data platform oversight
Affected Files
253 files across Solutions/Veeam/ including complete solution structure with connectors, detections, parsers, playbooks, and workbooks