Over the years, Druva has developed services for protecting and managing data and tools for governance and compliance. Today, it took that idea one step further when it added ransomware and anomaly detection.
The company decided to develop a ransomware detection tool after finding that customers were using Druva to help manage the ransomware recovery process. Restoring data has always been a Druva strength, and it made sense to put the two together, CEO Jaspreet Singh explained.
“We saw a bunch of customers use the whole notion of data management for malware/ ransomware recovery. Our customers had a malware/ransomware tool and us as recovery, but putting the two together was challenging,” Singh told TechCrunch.
That’s when the company decided it might make sense to build its own anomaly detection tool and move from being purely reactive — helping recover from an incident — to being proactive and helping manage the incident.
Moving into this realm presented challenges for Druva, and they admit it took time to create a system that didn’t produce a lot of false positives. When you are looking for anomalies in a data management tool like Druva, many everyday activities like a system update or a critical eDiscovery action could seem like unusual activity. The key was finding what was actually malware.
The company tapped into machine learning algorithms to help understand the data better and reduce those false positives. “Machine learning is becoming a commodity in 2017. We’re using machine learning for course correction and understanding how the files change, rather than broad stroke anomaly detection focusing on one use case,” Singh said.
While Druva recognizes that it won’t be the first line of defense for bigger companies, it believes having this kind of protection in place will be really valuable for the small to mid-market customers who lack protection and recovery for ransomware attacks, while acting as a secondary line of defense for those that have other tools in place.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss the 20th anniversary of TechCrunch, and a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
Join 10k+ tech and VC leaders for growth and connections at Disrupt 2025
Netflix, Box, a16z, ElevenLabs, Wayve, Hugging Face, Elad Gil, Vinod Khosla — just some of the 250+ heavy hitters leading 200+ sessions designed to deliver the insights that fuel startup growth and sharpen your edge. Don’t miss a chance to learn from the top voices in tech. Grab your ticket before doors open to save up to $444.
“One thing to keep in mind, with ransomware, you need a two-layer approach to protecting the business. Ransomware is created and adapted so fast, it’s hard to keep up protection. We are a second line of defense and providing another tool in the toolbox to help minimize the blast radius of attacks,” Dave Packer, Druva’s VP of corporate and product marketing explained.
Druva was founded in 2008 and has raised $118 million, including its most recent $51 million round last September.
