Veeam named Leader in Gartner 2025 backup & data report
Gartner has also placed Veeam in the highest position for Ability to Execute for the sixth consecutive year as outlined in the latest Magic Quadrant, a research report that assesses vendors in the backup and data protection sector.
The recognition comes as Veeam has introduced a series of new capabilities, especially within the Veeam Data Cloud portfolio. These developments include expanded protection options for Microsoft SaaS environments, expanded safeguarding for both Microsoft 365 and Entra ID user identities, and new features for predictable, immutable offsite storage to help further guard against ransomware attacks.
The company has also launched added support for Salesforce, widening the coverage of secure and recoverable enterprise cloud applications.
Market position
The Gartner Magic Quadrant is a widely referenced industry analysis which categorises technology providers into four quadrants based on their 'Ability to Execute' and 'Completeness of Vision.' Leaders occupy the highest positions across both axes, reflecting vendor capabilities and ongoing advancement in the field.
Gartner analysts report that these distinctions are based on comprehensive, fact-based research and support organisations seeking to align strategic decisions about data protection with the particular needs of their business.
Commenting on Veeam's continued placement, Anand Eswaran, Chief Executive Officer at Veeam, said, "Veeam's success is built on serving our customers' needs and supporting them as their technology needs evolve – from delivering the most complete end-to-end cyber resilience capabilities to giving them the freedom to choose where and how to store and use their data." "That commitment to innovation, which has been at the core of our company since its inception, continues today as the world moves to SaaS and as organisations are incorporating AI into their core business processes. Veeam is the one-stop shop for keeping critical data safe no matter what happens."
Veeam presently counts over 550,000 customers globally, including nearly 72% of the Global 2000 companies, who rely on its services for data protection and recovery needs.
Recent advancements
The company has added protection for the identities managed through Microsoft's Entra ID as part of its Microsoft SaaS offering. This, coupled with enhancements in offsite storage, is intended to improve resilience to increasingly prevalent ransomware threats.
There is also new support for Salesforce, which means a greater proportion of customer cloud applications are included within Veeam's protective umbrella, responding to increased demand for data security across diverse cloud-based platforms.
Gartner Magic Quadrant background
The Magic Quadrant is a recurring research tool used by organisations to assess technology vendors. According to Gartner, the reports "are a culmination of rigorous, fact-based research in specific markets, providing a wide-angle view of the relative positions of providers in markets where growth is high and provider differentiation is distinct." Providers are ranked in the quadrants of Leaders, Challengers, Visionaries, and Niche Players.
Gartner emphasises that the Magic Quadrant results should not be interpreted as endorsements or recommendations for a specific vendor, but instead as a resource intended to support organisations as they review the changing data protection landscape and make purchasing decisions based on their individual requirements.
Industry landscape
The backup and data protection sector continues to evolve alongside new security challenges, particularly the growth in cyber threats such as ransomware and demands driven by artificial intelligence and SaaS adoption.
Through its document, Gartner notes that the name and scope of the Magic Quadrant report has adapted to reflect these shifting industry priorities. It highlights the importance of robust research and considered decision making for technology and security leaders seeking to effectively safeguard business operations and data assets.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
a day ago
- Techday NZ
Upwind named CNADR company of the year & praised by analysts
Upwind has been recognised by Frost & Sullivan and Gartner in 2025, including being named Company of the Year in the CNADR sector and cited across several analyst reports. Frost & Sullivan awarded Upwind the 2025 Company of the Year title in the Global Cloud-Native Application Detection & Response (CNADR) market, highlighting the company's growth and approach to cloud-native security. At the same time, Upwind featured in Gartner's 2025 Market Guide for Cloud-Native Application Protection Platforms (CNAPP) and was listed as a sample vendor on three of Gartner's 2025 Hype Cycles related to workload and network security, container technologies, and platform engineering. Analyst assessments Upwind was featured in the Hype Cycle for Workload and Network Security, the Hype Cycle for Container Technologies, and the Hype Cycle for Platform Engineering for 2025, all under the CNAPP category. In these reports, CNAPP is identified by Gartner as a technology with a "High Benefit Rating" expected to reach mainstream adoption within two to five years, citing rising demand for consolidated cloud-native security solutions across Kubernetes and multicloud environments. Gartner's 2025 Market Guide for CNAPP includes Upwind among the representative vendors in a sector that, according to the guide, is consolidating security capabilities to provide full-lifecycle protection, from development to runtime in modern multicloud landscapes. The guide notes that CNAPPs are geared to deliver integrated protection across dynamic, container-based application environments. "Upwind's real-time insights and support have enhanced our cloud security operations," said Sardorbek Pulatov, VP Engineering & Security at Vestiaire Collective. "Upwind saves us a significant amount of time, helping our team focus on the truly critical alerts while disregarding low-priority findings. With Upwind, we are able to identify any vulnerabilities and can prioritise them for remediation - helping us operate more efficiently and securely." Gartner also noted in its Market Guide for CNAPP that, "by 2029, 40% of enterprises that successfully implement zero trust within cloud service provider environments will rely on the advanced visibility and control capabilities offered by CNAPP solutions". Additionally, Upwind reports a customer rating of 4.9 out of 5 on Gartner Peer Insights for CNAPP, based on verified reviews. Frost & Sullivan's report flagged Upwind's rapid annual growth of over 4,000 percent year-on-year and its success in integrating previously disparate tools into a single platform, noting its efforts in runtime intelligence in particular. Technical approach and platform features Upwind's cloud security platform is designed using a Runtime-first approach. The company states that its architecture, which incorporates a lightweight eBPF-based sensor, enables full-stack visibility and real-time threat response without adding operational overhead for development teams. A key feature of the Upwind platform is the "Threat Stories" capability, which connects runtime signals, configuration data, audit logs, and identity information in a unified dashboard. This allows security teams to trace threats directly to the source code or deployment pipeline responsible for introducing vulnerabilities. "Security can't be bolted on after deployment. It has to be built in continuously, contextually, and with developers at the center," said Amiram Shachar, CEO and Co-Founder of Upwind. "To us, this wave of analyst recognition validates the strength of our vision, our product, and most importantly, our team. Upwind's momentum is driven by real customer adoption, technical innovation, and word-of-mouth from the people who use and love our platform. We're not building for the exit; we're building for impact. We're focused on solving real, complex problems for the teams building and securing the cloud. That's why engineers, platform teams, and SOCs are choosing Upwind to simplify, scale, and unify cloud-native security at the speed of modern development." Market context and future trends With the rising adoption of cloud-native technologies, industry analysts have pointed to a shift among organisations from fragmented toolchains toward more integrated platforms that offer visibility throughout the application lifecycle. Gartner's reports state that CNAPP platforms are becoming a preferred model for managing the security of dynamic cloud environments, particularly as companies increase their investments in DevSecOps, platform engineering, and generative AI systems. Frost & Sullivan described Upwind as impactful for its capability to merge detection, response, and protection services into a singular platform. The report credits Upwind with consolidating functions such as ADR (Application Detection and Response), CDR (Cloud Detection and Response), CWPP (Cloud Workload Protection Platforms), and CSPM (Cloud Security Posture Management), thereby supporting operational efficiency for customers.
Techday NZ
2 days ago
- Techday NZ
Red Hat named leader in 2025 Gartner Magic Quadrant for containers
Red Hat has been named a Leader in the 2025 Gartner Magic Quadrant for Container Management for the third year in a row, following an evaluation of 15 vendors. This ongoing recognition highlights both the role of Red Hat OpenShift in enterprise container strategies and the company's approach to hybrid cloud environments. The Gartner Magic Quadrant recognised OpenShift for its Completeness of Vision and Ability to Execute. Red Hat OpenShift provides a platform for container management that supports operational consistency and standardisation among organisations implementing cloud-native approaches. The platform is designed to standardise, automate, and scale container projects across various settings including data centres, multiple cloud environments, and edge deployments. Red Hat credits this acknowledgment to OpenShift's integrated security features, advanced management capabilities, and emphasis on developer productivity. These characteristics are seen as benefits for IT teams seeking to modernise applications and improve delivery of business value. The Gartner Magic Quadrant for Container Management is based on specific criteria that examine each vendor's completeness of vision and ability to execute. According to Gartner, Leaders are those who execute effectively against their current vision and are positioned well for future developments. Red Hat has previously received similar recognition, having been named a Leader in Gartner's 2025 Magic Quadrant for Cloud-Native Application Platforms. Company comments "We believe being recognised as a Leader for the third consecutive year in the Gartner Magic Quadrant for Container Management validates Red Hat OpenShift's role as a cornerstone for modern IT strategies. Our platform empowers enterprises to standardise, automate and scale their container initiatives across any footprint, from the datacenter to multiple cloud environments, providing the flexibility and control needed to meet evolving business demands." This was stated by Mike Barrett, Vice President & General Manager, Hybrid Cloud Platforms at Red Hat. The company states that OpenShift is suitable for organisations that require deployment capabilities across different infrastructures, including both private data centres and public clouds, as well as edge locations. Security and operational management are integrated into the platform to help developers and IT operations teams manage their workloads efficiently. The report from Gartner provides analysis of multiple vendors offering container management solutions, with an emphasis on their strategic direction and capability to deliver support for modern container workloads. Gartner's methodology identifies Leaders as vendors who are successful in both the vision and execution aspects of the market. The Gartner Magic Quadrant is frequently referenced by IT professionals and procurement teams seeking independent assessments of technology vendors. The evaluation of Red Hat OpenShift considered its ability to help enterprises with complex IT requirements and support their migration to cloud-native architectures. Red Hat continues to position OpenShift as a platform for standardising container operations, both on-premises and in cloud environments. Its feature set includes automation, policy enforcement, and monitoring, all built on a foundation powered by Kubernetes. The recognition by Gartner further builds on Red Hat's presence in the enterprise IT market, where container management is seen as a key capability for organisations pursuing digital transformation and modernisation of software delivery practices. The ability to operate workload across multiple environments is monitored closely by businesses managing diverse infrastructure estates. Gartner's commentary on container management vendors does not constitute an endorsement, but serves as one of several independent reference points for organisations considering their options in the market.
Techday NZ
2 days ago
- Techday NZ
Threat spotlight: How attackers poison AI tools and defences
Barracuda has reported on how generative AI is being used to create and distribute spam emails and craft highly persuasive phishing attacks. These threats continue to evolve and escalate – but they are not the only ways in which attackers leverage AI. Security researchers are now seeing threat actors manipulate companies' AI tools and tamper with their AI security features to steal and compromise information and weaken a target's defences. Email attacks targeting AI assistants AI assistants and the Large Language Models (LLMs) that support their functionality are vulnerable to abuse. Barracuda's threat analysts have found attacks where malicious prompts are hidden inside benign looking emails. This malicious payload is designed to manipulate the behaviour of the target's AI information assistants. For example, a recently reported – and fixed – vulnerability in Microsoft 365's AI assistant, Copilot, could allow anyone to extract information from a network without authorisation. Threat actors can exploit to collect and exfiltrate sensitive information from a target. They do this by leveraging the ability of internal AI assistants to look for and collate contextual data from internal emails, messages and documents when answering queries or completing tasks. First, the attackers send one or more employees a seemingly harmless email containing a concealed and embedded malicious prompt payload. This email needs no interaction from the user and lives benignly in their inbox. When the employee asks the AI assistant for help with a task or query, the assistant scans look through older emails, files and data to provide context for its response. As a result, the AI assistant unwittingly infects itself with the malicious prompt. The malicious prompt could then ask the AI assistant to silently exfiltrate sensitive information, to execute malicious commands or to alter data. Weaponised emails also try to manipulate AI assistants by corrupting their underlying memory or data retrieval logic. These include emails with exploits targeting vulnerabilities in RAG (Retrieval-Augmented Generation) deployments. RAG is a technique that enables the LLMs to retrieve and incorporate new information beyond their training model. Such attacks can lead to AI assistants making incorrect decisions, providing false information, or performing unintended actions based on corrupted data. Tampering with AI-based protection Attackers are also learning how to manipulate the AI components of defensive technologies. Email security platforms are being enhanced with AI-powered features that make them easier to use and more efficient. These include features such as auto-replies, 'smart' forwarding, auto-triage to remove spam, automated ticket creation for issues, and more. This is expanding the potential attack surface that threat actors can target. If an attacker successfully manipulates these security features, they could: Manipulate intelligent email security tools to autoreply with sensitive data. Abuse AI security features to escalate helpdesk tickets without verification. This could lead to unauthorised access to systems or data, as attackers could exploit the escalated privileges to perform malicious activities. Trigger workflow automation based on a malicious prompt. This could lead to the execution of harmful actions, such as deploying malware, altering critical data, or disrupting business operations. Casting doubt on reality Identity confusion and spoofing When AI systems operate with high levels of autonomy, they can be tricked into either impersonating users or trusting impersonators. This can lead to: 'Confused Deputy' attacks: This involves an AI agent with higher privileges performing unauthorised tasks on behalf of a lower-privileged user (such as an attacker.) Spoofed API access: This involves existing AI-based integrations with Microsoft 365 or Gmail, for example, being manipulated to leak sensitive data or send fraudulent emails. Cascading hallucinations: trusting the untrue As mentioned above, email attacks targeting AI assistants can try to manipulate the assistant's functionality. This could lead the assistant to summarise a user's inbox, generate reports, and set the calendar – but based on false or manipulated data. In such cases, a single poisoned email could: Mislead task prioritisation. For example, send "urgent" emails from fake executives. Skew summaries and recommendations. Influence critical business decisions based on hallucinations. How email defenses need to adapt Legacy email gateways, traditional email authentication protocols such as SPF or DKIM and standard IP blacklists are no longer enough to defend against these threats. Organisations need an email security platform that is generative-AI resilient. This platform should include: LLM-aware filtering: Able to understand email context (topic, target, type etc.), tone and behavioural patterns in addition to the email content. Contextual memory validation: This helps to sanitise what AI-based filters learn over time and can prevent long-term manipulation. Toolchain isolation: AI assistants need to operate in sandboxes, with measures in place to block any unverified action based on a received email prompt. Scoped identity management: This involves using minimal-privilege tokens and enforcing identity boundaries for AI integrations. Zero trust AI execution: Just because an email claims to be "from the CEO" doesn't mean the AI should automatically act on it. Tools should be set to verify everything before execution. The future of email security is 'agent-aware' The AI tools being used within organisations are increasing built on 'agentic' AI. These are AI systems capable of independent decision-making and autonomous behavior. These systems can reason, plan and perform actions, adapting in real time to achieve specific goals. This powerful capability can be manipulated by attackers and security measures must shift from passive filtering to proactive threat modelling for AI agents. Email is a great example. Email is becoming an AI-augmented workspace, but it remains one of the top attack vectors. Security strategies need to stop seeing email as a channel. Instead, they need to approach it as an execution environment requiring zero trust principles and constant AI-aware validation. How Barracuda email protection helps defend against AI attacks Barracuda's integrated cybersecurity platform is purpose-built to meet the dual challenge of AI-based attacks and attacks targeting AI components. Our email protection suite combines intelligent detection, adaptive automation, and human-centric design to help customers outpace AI-powered threats. This includes: Advanced AI-based detection: Barracuda uses behavioural AI and NLP to spot social engineering even without obvious malware or links. It catches impersonation, business email compromise (BEC), and tone-shift anomalies that traditional filters miss. Defence in depth: Barracuda covers every stage of the kill chain from phishing prevention to account takeover detection and automated incident response, closing the gaps that attackers exploit. Real time threat intelligence: With data from a global detection network, Barracuda rapidly adapts to evolving threats like prompt injection, RAG poisoning, and AI hallucination abuse. User training and awareness: Technology alone isn't enough. Barracuda empowers employees to recognise AI-powered phishing through ongoing awareness training because trust is the new vulnerability.
