GigaOm Radar for Cloud Data Protection Solutions v1

Cloud data protection is a workload-centric approach to safeguarding critical data and applications deployed across diverse environments, such as IaaS, PaaS, SaaS, and traditional on-premises infrastructure, including bare metal. It encompasses a comprehensive suite of capabilities (from backup and recovery to replication, archiving, and cyber resilience) designed to ensure data availability, integrity, and compliance. This technology is paramount because data is the lifeblood of every organization, and its loss or compromise can lead to severe operational disruption, financial penalties, and reputational damage. It matters to every organization that relies on digital data, from small businesses needing basic recovery to large enterprises managing petabytes across complex hybrid and multicloud landscapes, and especially to MSPs who deliver data protection as a service.

For CxOs, cloud data protection is no longer merely an IT operational task; it is a fundamental business imperative directly impacting continuity, risk management, and strategic agility. The increasing frequency and sophistication of cyberattacks, particularly ransomware, underscore the importance of data protection as the last line of defense against existential threats. Organizations need solutions that can recover data rapidly and guarantee its integrity, ensuring that restored data is clean and uncompromised. Beyond disaster recovery, robust cloud data protection enables compliance with stringent global regulations (such as GDPR, HIPAA, and PCI DSS), mitigates data loss risks from human error or system failures, and supports cloud adoption strategies by securing data wherever it resides. CxOs must invest in solutions that offer comprehensive workload coverage, robust immutability, and seamless cross-cloud mobility to future-proof their data strategies. The ability to gain transparent insights into data protection costs and streamline operations through automation is also critical for optimizing the total cost of ownership and freeing up valuable IT resources for innovation.

The scope of this report specifically includes vendor solutions designed to provide comprehensive, workload-centric data protection across IaaS, PaaS, and on-premises infrastructure, including bare metal. Inclusion requires that a vendor's primary offering in this space meets all defined table stakes criteria. There are no additional non-table stake  inclusion criteria, such as a mandate for a specific deployment model (purely SaaS, for example) or a minimum number of supported cloud providers beyond meeting the core definition of safeguarding data across diverse environments. The focus is on holistic solutions that can protect modern and evolving workloads, enable rapid recovery, and mitigate data loss risks for various organizations.

This is our first year evaluating the cloud data protection space in the context of our Key Criteria and Radar reports. 

This GigaOm Radar report examines 23 of the top cloud data protection solutions and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the market, identify leading cloud data protection offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

GIGAOM KEY CRITERIA AND RADAR REPORTS

The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and nonfunctional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.

To help prospective customers find the best fit for their use case and business requirements, we assess how well cloud data protection solutions are designed to serve specific target markets and deployment models (Table 1).

For this report, we recognize the following market segments:

• Enterprise: This segment consists of large organizations with complex, hybrid IT environments and stringent compliance mandates. Buyers in this market require solutions that offer massive scalability, support for a diverse range of legacy and cloud-native workloads, and have robust security, governance, and API-driven automation capabilities.

• SMB: This segment includes businesses with limited IT staff and budgets who prioritize simplicity and reliability above all else. They seek affordable "set it and forget it" solutions that unify protection for their key assets like servers, endpoints, and SaaS applications into a single, easy-to-manage console.

• MSP: This segment comprises service providers who purchase platforms to deliver managed data protection services to their end customers. Their primary requirements are robust multitenancy, integration with billing and management tools (PSA/RMM), and a consumption-based pricing model that allows them to build a profitable, scalable service portfolio.

In addition, we recognize the following deployment models:

• Cloud: This model is fully hosted and managed by the vendor as a SaaS solution, eliminating the need for customer-deployed backup infrastructure. It is ideal for organizations prioritizing operational simplicity and an OpEx spending model, as the vendor handles all platform maintenance, scaling, and updates, enabling rapid time to value.

• Physical appliance: This model consists of a preconfigured hardware server with integrated data protection software, deployed in the customer’s data center. It is best suited for organizations that require a simple, all-in-one plug-and-play solution with predictable performance and want to maintain physical control over their primary backup data.

• Virtual appliance: This deployment model provides the data protection software prepackaged as a virtual machine (VM) template, which customers deploy on their own hypervisor infrastructure (for example, VMware, Hyper-V). This approach offers more flexibility than a physical appliance and allows organizations to leverage their existing hardware investments and virtualization management tools.

• Hybrid: This model combines on-premises components (physical or virtual appliances) for local performance with a cloud-based management console and/or cloud storage tier for scale and off-site resilience. It is designed for enterprises seeking the low-latency recovery of an on-premises solution while leveraging the disaster recovery capabilities and centralized management benefits of the cloud.

Table 1. Vendor Positioning: Target Market and Deployment Model

Table 1 components are evaluated in a binary yes/no manner and do not factor into a vendor’s designation as a Leader, Challenger, or Entrant on the Radar chart (Figure 1). 

“Target market” reflects which use cases each solution is recommended for, not simply whether that group can use it. For example, if an SMB could use a solution but doing so would be cost-prohibitive, that solution would be rated “no” for SMBs.

All solutions included in this Radar report meet the following table stakes—capabilities widely adopted and well implemented in the sector:

• Workload backup

• Data recovery

• Policy management

• Snapshot management

• Data deduplication

• Compression

Tables 2, 3, and 4 summarize how each vendor in this research performs in the areas we consider differentiating and critical in this sector. The objective is to give the reader a snapshot of the technical capabilities of available solutions, define the perimeter of the relevant market space, and gauge the potential impact on the business.

• Key features differentiate solutions, highlighting the primary criteria to be considered when evaluating a cloud data protection solution.

• Emerging features show how well each vendor implements capabilities that are not yet mainstream but are expected to become more widespread and compelling within the next 12 to 18 months. 

• Business criteria provide insight into the nonfunctional requirements that factor into a purchase decision and determine a solution’s impact on an organization.

These decision criteria are summarized below. More detailed descriptions can be found in the corresponding report, “GigaOm Key Criteria for Evaluating Cloud Data Protection Solutions.”

Key Features

• Granular restore: Granular restore enables the recovery of individual items (like files, emails, or database objects) directly from a larger backup rather than requiring a complete system rollback. This is critical for minimizing recovery time objectives (RTOs) and reducing data loss (recovery point objectives or RPOs) in common, everyday recovery scenarios.

• Cross-cloud mobility: Cross-cloud mobility refers to the ability to seamlessly move and restore protected data and workloads between different public cloud providers and on-premises infrastructure. This feature is vital for disaster recovery strategies, cloud migration initiatives, and to avoid vendor lock-in.

• Immutable storage: Immutable storage ensures that backup data, once written, cannot be altered, encrypted, or deleted for a defined retention period, providing a critical last line of defense against ransomware and malicious insiders. It's a fundamental differentiator for building true cyber resilience.

• Orchestrated recovery: Orchestrated recovery automates the complex, multistep process of restoring entire applications or services, including interdependence and network configurations, ensuring rapid and reliable business continuity following a disaster. It is crucial for meeting aggressive RTOs at scale.

• Application-consistent backup: Application-consistent backup ensures that data from complex applications (like databases or email servers) is captured in a state that guarantees recoverability and data integrity, even while the application is running. This is crucial for maintaining data accuracy and preventing costly data corruption during restoration.

• Centralized dashboard: A centralized dashboard provides a unified, single pane of glass view of all data protection operations, status, and alerts across an organization's hybrid and multicloud environments. This is crucial for gaining immediate visibility into data protection posture, simplifying management, and enabling proactive issue resolution.

Table 2. Key Features Comparison 

Emerging Features

• AI-driven anomaly detection: AI-driven anomaly detection uses machine learning to continuously monitor backup patterns, data changes, and access behaviors, automatically identifying deviations that could indicate a ransomware attack, insider threat, or operational issue. This proactive capability helps organizations detect threats early and prevent widespread data corruption or loss.

• Automated compliance reporting: Automated compliance reporting generates comprehensive, auditable reports on data protection activities and policy adherence, demonstrating an organization's compliance with various regulatory frameworks. This streamlines the audit process, reduces manual effort, and mitigates the risk of noncompliance.

• Kubernetes workload protection: Kubernetes workload protection provides comprehensive backup and recovery for applications deployed within Kubernetes clusters, safeguarding not just persistent volumes but also configuration data, namespaces, and application manifests. This is essential for ensuring the resilience of cloud-native applications in containerized environments.

• Data classification: Data classification automatically identifies and tags sensitive or critical information within backup data. This helps apply specific protection policies, access controls, and retention rules based on data type, which enhances compliance, security, and efficient data lifecycle management.

• Serverless function protection: Serverless function protection addresses the unique challenge of safeguarding the code, configuration, and associated data of serverless functions (like AWS Lambda or Azure Functions). This ensures the recoverability and operational integrity of modern, event-driven applications that often lack traditional backup points.

• Container image scanning: Container image scanning integrates vulnerability and malware detection directly into the backup process for container images, identifying security risks before compromised images are restored or deployed. This provides an additional layer of cyber resilience by ensuring the integrity and cleanliness of recovery points.

Table 3. Emerging Features Comparison

Business Criteria

• Cost transparency: Cost transparency refers to precise, predictable, and detailed insights into all data protection-related expenses, including licensing, storage, network egress, and operational overhead. This is vital for accurate budgeting, cost optimization, and demonstrating ROI in complex cloud environments.

• Support: Support includes the availability, responsiveness, and expertise of the vendor's technical assistance to help ensure timely resolution of any issues and ongoing operational effectiveness. Robust support is paramount for maintaining business continuity and minimizing downtime during critical incidents.

• Flexibility: Flexibility in cloud data protection refers to a solution's adaptability to an organization's evolving IT landscape, encompassing support for diverse workload types, deployment models, and recovery scenarios without requiring significant re-architecture. This is essential for future-proofing investments and enabling agile business transformations.

• Scalability: In the context of cloud data protection tools, scalability is the solution's ability to efficiently handle increasing volumes of data, increasing numbers of protected workloads, and growing user demands without performance degradation or architectural rehauls. This is crucial for supporting organizational growth and effectively managing the future data explosion.

• Interoperability: Interoperability describes a cloud data protection solution's capacity to seamlessly integrate and exchange data with an organization's existing IT ecosystem, including management tools, security platforms, and public cloud services. High interoperability simplifies operations, enhances security posture, and leverages existing technology investments

• SLA provision: Service Level Agreement (SLA) provision refers to a vendor's commitment to specific, measurable service levels for their data protection solution, particularly regarding availability, performance, and crucial recovery metrics like RTO and RPO. These formal agreements are vital for assuring business continuity and managing risk.

Table 4. Business Criteria Comparison 

The GigaOm Radar plots vendor solutions across a series of concentric rings with those positioned closer to the center being judged as having the most complete solution. The chart characterizes each vendor on two axes—balancing Maturity versus Innovation and Feature Play versus Platform Play—while providing an arrowhead that projects each solution’s expected evolution over the coming 12 to 18 months.

Figure 1. GigaOm Radar for Cloud Data Protection

As Figure 1 suggests, the market is undergoing a clear and decisive shift, a significant departure from the stability seen in related sectors. The most prominent trend is the overwhelming concentration of vendors in the Innovation half, signifying a sector where complacency is not an option. Vendors have become more flexible and responsive, driven by the need to counter rapidly evolving cyberthreats and to meet the demands of modern, cloud-native IT. This positions the market as a dynamic and competitive arena where solutions are constantly evolving, with new capabilities and feature sets emerging year over year.

The market's heavy concentration on the Platform Play side shows that the dominant strategy is to be a broad generalist rather than a specialist. Vendors are finding more success appealing to a wide range of common needs instead of focusing on niche markets. These solutions are designed to address data protection holistically—not just for a single application or workload but across an entire hybrid and multicloud environment. The cluster of vendors in the Innovation/Platform Play quadrant represents the core of the market's future by delivering rapid innovation within a unified platform architecture.

This market dynamism is further illustrated by the distribution of vendors within the circles. The majority are positioned as Fast Movers, which points to a healthy, highly competitive landscape where most players are actively keeping pace with market trends and customer demands. The select few classified as Outperformers are those who are not just keeping pace but actively setting it, pushing the boundaries with groundbreaking new features and strategic acquisitions that allow them to leapfrog competitors. The limited number of Forward Movers, primarily in the Maturity/Feature Play quadrant, suggests that vendors with slower development cycles or a highly niche focus may struggle to remain relevant in this rapidly transforming sector. This distribution indicates a robust, evolving market where innovative, platform-based solutions are the primary drivers of leadership and customer adoption. 

In reviewing solutions, it’s important to keep in mind that there are no universal “best” or “worst” offerings; every solution has aspects that might make it a better or worse fit for specific customer requirements. Prospective customers should consider their current and future needs when comparing solutions and vendor roadmaps.

INSIDE THE GIGAOM RADAR

To create the GigaOm Radar graphic, key features, emerging features, and business criteria are scored and weighted. Key features and business criteria receive the highest weighting and have the most impact on vendor positioning on the Radar graphic. Emerging features receive a lower weighting and have a lower impact on vendor positioning on the Radar graphic. The resulting chart is a forward-looking perspective on all the vendors in this report, based on their products’ technical capabilities and roadmaps.

Note that the Radar is technology-focused, and business considerations such as vendor market share, customer share, spend, recency or longevity in the market, and so on are not considered in our evaluations. As such, these factors do not impact scoring and positioning on the Radar graphic.

For more information, please visit our Methodology.

Acronis: Acronis Cyber Protect Cloud

Solution Overview
Acronis is a global leader in cyber protection, unifying data protection, cybersecurity, and endpoint management into a single, modular platform known as Acronis Cyber Protect Cloud. Its primary focus is to deliver an integrated solution for preventing, detecting, responding to, recovering from, and forensically investigating cyberthreats and data loss events. The solution is particularly dominant in the MSP channel, providing a multitenant platform for partners to deliver these services. It integrates capabilities such as backup, antimalware, patch management, URL filtering, and disaster recovery by capturing data from various sources (full disk images, files, applications, SaaS data) and protecting it with integrated cybersecurity measures. Acronis Cyber Protect Cloud is a single, standalone solution that unifies these functions, available through various add-on modules (for example, Disaster Recovery, EDR/XDR, and Data Loss Prevention). Its strategy is a general approach, aiming to address problems holistically by converging previously disparate IT functions into one comprehensive platform.

Acronis is positioned as a Challenger and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Acronis scored well on a number of decision criteria, including:

• Application-consistent backup: The solution delivers advanced application-consistent backups across complex applications like Microsoft Exchange and Microsoft SQL. It leverages deep integration with Volume Shadow Copy Service (VSS) and application-specific APIs, coupled with extensive support for virtual environments like VMware Cloud Director, ensuring high data integrity and reliable recovery for critical enterprise applications.

• Granular restore: The platform offers comprehensive granular restoration, including file-level, database-level (Exchange, SQL), and application-level (Microsoft 365, Google Workspace). It provides a self-service recycle bin for partners, demonstrating advanced capability in precision and recovery options that exceed basic expectations.

• AI-driven anomaly detection: The solution utilizes AI for endpoint detection and response (EDR), exploit prevention, and behavioral analysis for improved detection. It features AI-based HDD health monitoring and has an automated response playbook, demonstrating an advanced commitment and existing capabilities in AI/ML for security and anomaly detection.

Opportunities
Acronis has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: The platform’s capability to protect and recover workloads across major public clouds is functional, and its Universal Restore technology aids migration to dissimilar hardware. However, while it meets expectations, it lacks the seamless, one-click workload conversion and automated migration between disparate public clouds (such as an automated restore of an on-premises VMware VM as a running EC2 instance) that is native to more advanced solutions in this space.

• Immutable storage: The solution offers immutable backup storage in the Acronis-hosted cloud and supports immutability in third-party clouds via S3 Object Lock. While this meets expectations for protecting backups from modification, it lacks the dedicated, operationally-isolated cyber vaulting environment and automated clean room recovery orchestration offered by market leaders.

• Centralized dashboard: The solution provides a functional multitenant web console with dashboards and reports well suited for service providers. While it offers essential monitoring capabilities, the level of real-time dashboard customization and availability of prebuilt, audit-ready reports for complex compliance frameworks (like GDPR or HIPAA) is not as extensive as leading enterprise-focused solutions.

Purchase Considerations
Licensing for Acronis Cyber Protect Cloud is functionally transparent, primarily offered on a pay-as-you-go consumption-based model, often per workload or per gigabyte. This provides clarity for MSPs and their end customers, but navigating the various modular add-ons (for example, EDR/XDR, Disaster Recovery, Data Loss Prevention) can introduce complexity for enterprises trying to map specific features to the correct SKU. The solution is well suited for SMBs and mid-market enterprises, with flexible deployment models (SaaS, on-premises software, hybrid) that cater to diverse needs. It is licensed as a comprehensive solution unifying data protection, cybersecurity, and endpoint management. To achieve its full integrated benefit and ROI, customers should expect to displace incumbent point solutions in security and management. Professional services and standard support are available, primarily through its extensive partner network. Deployment is generally straightforward, with an emphasis on ease of use. Migration from existing solutions is facilitated by features like Universal Restore, simplifying recovery to dissimilar hardware.

Use Cases
Acronis supports most industry verticals by providing a broad cyber protection platform, with particular strength in sectors serviced by MSPs. Its solutions cover common and critical use cases. These include comprehensive ransomware protection (immutable storage, behavioral detection, safe recovery), disaster recovery (orchestrated failover/failback), endpoint protection and management (vulnerability assessment, patch management, remote desktop), and unified data management for hybrid environments, fitting a general platform approach for comprehensive cyber resilience.

Asigra: Tigris Ultra Secure Backup

Solution Overview
Asigra is a long-standing data protection vendor, founded in 1986 and known for its agentless, multitenant architecture. Its primary focus is on delivering secure and comprehensive backup and recovery solutions through a global network of MSPs and to enterprises. The core offering, Asigra Tigris Ultra Secure Backup, is a single, versatile platform that protects data across physical servers, virtual machines (VMware and Hyper-V), enterprise applications, databases, desktops, laptops, and SaaS applications, including Microsoft 365, Google Workspace, and Salesforce.

The platform utilizes an incremental-forever backup methodology to optimize storage and network efficiency. It integrates a suite of advanced data security features, including Content Disarm and Reconstruction (CDR), which sanitizes files during recovery, and a multilayered security model to protect backup data against ransomware. Key features include validation processes to ensure corruption-free recoveries and robust protection against cyberthreats. As a standalone platform, it provides comprehensive features designed for holistic data protection in complex hybrid environments.

Asigra is positioned as a Challenger and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Asigra scored well on a number of decision criteria, including:

• Application-consistent backup: The platform provides advanced application-consistent backups for critical enterprise applications like SQL Server, Oracle, and Microsoft Exchange. It leverages VSS integration and available APIs across all supported deployment environments (physical, virtual, cloud IaaS), ensuring robust data integrity and transactional consistency for business-critical systems.

• Granular restore: The solution supports functional granular restores at the file/item level for file systems, SaaS applications (Microsoft 365, Google Workspace, Salesforce), and virtual machine backups. This allows for rapid recovery times (RTOs) for common restore scenarios. The platform also offers self-service restore capabilities via its Management Console, empowering end users or administrators to quickly recover data as needed.

• Centralized dashboard: The solution’s Management Console is a web-based, multitenant interface that provides unified access to configure policies and run backup and recovery activities. It includes built-in multifactor authentication (MFA) and a range of standard reports for visibility into protection status.

Opportunities
Asigra has room for improvement in a few decision criteria, including:

• Immutable storage: The platform now provides multiple options for immutability. This includes native integration with Amazon S3 Object Lock and other S3-compatible cloud storage platforms that support this feature. This allows organizations to make backup data unchangeable and undeletable for a specified retention period, providing a critical defense against ransomware and malicious deletion.

• AI-driven anomaly detection: The platform has implemented an advanced, signatureless malware detection engine called Bidirectional Malware Detection. This feature scans both backup and restore data streams to identify and quarantine ransomware, preventing infections from entering the backup repository or being restored to the production environment. While further AI/ML enhancements for predictive analytics are on the roadmap, the existing functionality provides robust, inline threat detection that goes beyond basic anomaly detection.

• Orchestrated recovery: The solution’s orchestrated recovery capability is minimal. This is explicitly described as an important feature that will be added to the company’s roadmap. Currently, the solution only offers scheduled restores at the backup set level. This indicates a lack of comprehensive, multitier application orchestration capabilities, which are crucial for meeting aggressive RTOs in complex disaster scenarios.

Purchase Considerations
Licensing for Asigra's solution is transparent and offered through a subscription model, typically on a per-month basis with no hidden fees. Pricing models include capacity-based (per TB) for servers and per user for SaaS applications, providing flexibility for different environments. Asigra is a Platform Play aimed at the enterprise, SMB, and MSP markets. Its robust multitenancy, security features, and white-labeling capabilities make it particularly well suited for MSPs delivering backup-as-a-service (BaaS). Professional services are available for large or complex deployments, and technical account managers (TAMs) are assigned to customer accounts to ensure success. The agentless nature of the platform simplifies deployment and management across on-premises, cloud, or MSP-managed environments.

Use Cases
Asigra supports all industry verticals with its versatile, security-focused platform. Its solutions are particularly well suited for service providers looking to offer multitenant BaaS, disaster recovery-as-a-service (DRaaS), or archive-as-a-service (AaaS). Similarly, enterprises and SMBs leverage Asigra for comprehensive protection of their complex hybrid environments, which span physical servers, virtual infrastructure, and critical SaaS applications. For organizations in high-security environments, the platform's advanced features (such as Bidirectional Malware Detection, MFA, FIPS 140-2 certified encryption, and immutable storage)_ are critical for creating a resilient defense against ransomware and other cyberthreats. Furthermore, these capabilities support robust disaster recovery strategies, utilizing features like universal restore for dissimilar hardware and VM replication to ensure business continuity in the event of a site-wide disaster.

Atempo: Tina and Miria

Solution Overview
Atempo is a data management vendor with a distinct focus on both structured and massive-scale unstructured data. Its portfolio is designed to deliver highly scalable and flexible solutions for enterprise data across diverse storage environments, with a strong emphasis on performance, data sovereignty, and extensive storage hardware support, including tape. Atempo offers two primary, complementary products: Tina for the backup and disaster recovery of structured data (including virtual machines, applications, databases, and operating systems) and Miria for the high-volume management of unstructured data (backup, archive, migration, and synchronization for NAS, parallel file systems, and object storage).

While Tina and Miria are currently distinct products with separate management interfaces, Atempo’s strategy involves progressive integration to unify these platforms. This dual-product approach allows Atempo to provide specialized, best-of-breed depth for each data type, addressing the specific and demanding needs of large enterprises.

Atempo is positioned as a Challenger and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Atempo scored well on a number of decision criteria, including:

• Orchestrated recovery: The Tina platform provides advanced, orchestrated recovery capabilities. It enables the automated restoration of multitier applications with complex dependencies, supports customized recovery workflows, and allows for nondisruptive disaster recovery testing. The automation extends to network reconfiguration, IP re-addressing, and the execution of post-recovery scripts, making it a powerful offering for complex DR scenarios involving structured workloads.

• Application-consistent backup: The Tina platform delivers advanced application-consistent backup for a wide range of enterprise workloads, including Microsoft SQL Server (with AlwaysOn support), Oracle (via RMAN integration), SAP HANA, and more. Data integrity is ensured through VSS, application-native APIs, and customizable pre- and post-scripting across both on-premises and cloud IaaS deployments.

• Granular restore: The solution offers comprehensive granular restore capabilities. Tina supports the recovery of individual files, folders, Microsoft 365 items (such as emails), and specific database elements, as well as file-level restores from VM backups. Miria provides fast, granular file recovery for its unstructured data backups. A web-based Self-Service Restore portal is available for end users, enhancing the platform's precision for common recovery scenarios.

Opportunities
Atempo has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: The solution’s cross-cloud mobility is currently developing. Miria provides powerful and fast data movement for unstructured data between on-premises and cloud storage or between different cloud providers. However, fully automated, push-button migration of active workloads (for example, live VM conversion from one cloud format to another) is not a primary feature, positioning this capability as developing for broad, active cross-cloud workload mobility.

• Centralized dashboard: A centralized dashboard experience is provided for both Tina and Miria through web-based administration consoles, delivering real-time visibility and customizable reporting across hybrid, on-premises, and multicloud environments. However, the fact that they are distinct consoles for Tina and Miria (even with a "unified platform foundations" roadmap) prevents a single pane of glass for all data protection operations, which is a key aspect of a truly centralized dashboard for a holistic view.

• Automated compliance reporting: These solutions provide core reporting and detailed logging capabilities that serve as the building blocks for compliance workflows and audit readiness. While detailed audit logs and customizable reports are available, a more automated and standardized compliance reporting engine with prebuilt templates for specific regulatory frameworks (such as GDPR, HIPAA) is on the midterm roadmap.

Purchase Considerations
Licensing for Atempo is flexible, with licensing models that include per-workload, per-volume (TB), and a consumption-based model tailored for MSPs. Miria's pricing is tiered to be cost-effective for very high data volumes. Tina and Miria are typically licensed separately and are available via subscription or perpetual models. Atempo is a Platform Play aimed at Enterprise customers, especially those with large structured and unstructured data challenges in verticals like media and entertainment, high-performance computing (HPC), life sciences, and government. Its solutions are deployed on customer-provided infrastructure (physical or virtual) or as cloud instances. While the solutions are powerful, customers must manage two distinct products to address their holistic data protection needs, which can add complexity compared to a single, fully unified platform.

Use Cases
Atempo supports all industry verticals but has particular strength in sectors that manage massive volumes of unstructured data, such as media and entertainment, HPC, scientific research, and government, where its Miria product excels in high-speed backup, archiving, and data mobility. Tina provides the complementary protection for the structured data workloads common in any enterprise. Key use cases include comprehensive data protection for large-scale hybrid environments, ensuring data sovereignty with broad support for immutable object storage and write once, read many (WORM) tape, providing high-performance, long-term archiving solutions, and facilitating large-scale data migration and synchronization projects. This dual-platform approach addresses holistic data management needs for complex enterprises, covering both active and archival data across its entire lifecycle.

AWS

Solution Overview
Amazon Web Services (AWS) is a global cloud provider offering a vast and ever-expanding suite of cloud computing services. Its primary data protection focus is to provide native, integrated, and highly scalable services for safeguarding data and workloads deployed within the AWS cloud ecosystem, all governed by a shared responsibility model. The solution is part of a larger integrated suite of cloud services, primarily centralized through AWS Backup. This service offers policy-driven backup and recovery across a wide range of AWS services, including Amazon EC2, EBS, RDS, Aurora, DynamoDB, DocumentDB, Neptune, EFS, FSx, and S3, as well as VMware workloads via Storage Gateway. For disaster recovery, AWS Elastic Disaster Recovery (DRS) provides resilient failover, while Amazon S3 offers foundational data immutability through Versioning and Object Lock. These services are built directly on native AWS infrastructure, providing a holistic approach to data protection within the AWS ecosystem through foundational, scalable services that customers can combine and manage.

AWS is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
AWS scored well on a number of decision criteria, including:

• Immutable storage: The platform offers world-class immutable storage capabilities, leveraging native S3 Object Lock and Glacier Vault Lock for WORM functionality. This makes data undeletable and unmodifiable for specified retention periods, providing a leading-edge and robust defense for cyber resilience that is directly integrated into its core storage services.

• Orchestrated recovery: The solution offers strong capabilities for orchestrated recovery within its ecosystem. AWS DRS orchestrates the recovery of EC2 instances and databases, including automated network configuration and IP re-addressing. AWS Backup has also introduced automated restore testing, allowing customers to regularly and nondisruptively validate the integrity of their backups, providing robust orchestration for AWS-native workloads.

• Application-consistent backup: Application consistency for AWS workloads is achieved through the AWS VSS agent for Windows EC2 instances and native integration with managed services like RDS, Aurora, and DynamoDB for consistent database snapshots. For other applications, consistency can be achieved via Amazon Data Lifecycle Manager and pre- and post-backup scripting, providing a robust framework for ensuring data integrity across a wide range of applications running on EC2 and managed databases.

Opportunities
AWS has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: The solution’s core strength is within its own ecosystem. Direct, seamless cross-cloud mobility (for example, automated recovery from an AWS backup into Azure/GCP) for active workloads is not a native feature of AWS's data protection services. Achieving this typically requires third-party tools or significant manual effort for format conversion and re-platforming, representing a minimal native capability in this area.

• Serverless function protection: Protection for serverless applications has matured, with AWS Backup now providing native capabilities to back up and restore AWS Lambda function configurations, versions, and layers. While this represents a significant improvement for application-centric recovery, comprehensive protection of the entire serverless application state (including event source mappings and complex permissions) can still require custom IaC processes alongside AWS Backup.

• Granular restore: Granular restore capabilities vary by AWS service. While point-in-time recovery for RDS and mounting EBS snapshots to browse for files are functional, the platform lacks a unified, self-service portal for direct, item-level recovery across all services. This experience is less streamlined than leading specialized tools, which offer a single interface to browse and restore individual files or objects from any backup type.

Purchase Considerations
Licensing for AWS data protection is transparent, based on a pure pay-as-you-go model for all related services (such as storage, data transfer, API calls) with highly granular billing. This offers high transparency and no upfront commitment, though managing costs effectively requires strong FinOps discipline. AWS is universally adopted by organizations of all sizes, from SMBs to the largest global enterprises. As a Platform Play, its data protection offerings are licensed as individual services that customers assemble into a comprehensive strategy. Extensive support is available through AWS Professional Services and a vast global partner ecosystem. Deployment is straightforward for AWS-native workloads via the console, CLI, or infrastructure as code (IaC), but migrating data and workloads out of AWS is inherently more complex due to data gravity and egress costs.

Use Cases
AWS supports all industry verticals and use cases by providing foundational native cloud data protection services that are ideally suited for organizations deeply invested in the AWS ecosystem. Primary use cases include protecting IaaS workloads (EC2, EBS), PaaS databases (RDS, DynamoDB), containers, and S3 data. The service is used extensively for implementing in-cloud disaster recovery, leveraging the native replication and failover capabilities of AWS DRS. Furthermore, AWS data protection services are widely adopted for creating long-term, secure archives and meeting a variety of compliance requirements for AWS-native data, forming a robust and scalable foundation for cloud-centric data resilience.

Barracuda

Solution Overview
Barracuda is a cybersecurity vendor that offers an integrated portfolio encompassing email, network, application, data protection, and XDR. Its primary data protection focus is on simplifying data protection through secure, integrated solutions for Microsoft 365 and hybrid on-premises environments, emphasizing ease of use. Barracuda provides distinct products to meet these needs: Barracuda Cloud-to-Cloud Backup (CCB) for Microsoft 365, Barracuda Backup (BBS) for on-premises physical and virtual workloads, and Barracuda Data Inspector for data loss prevention (DLP) scanning within Microsoft 365. CCB is a cloud-native SaaS solution, while BBS is a hybrid appliance-based solution. The BarracudaONE platform provides a unified management console and integrates these services, embodying Barracuda's strategy to deliver a comprehensive security and data protection platform for the SMB and MSP segments.

Barracuda is positioned as a Challenger and Fast Mover in the Maturity/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Barracuda scored well on a number of decision criteria, including:

• Granular restore: The platform offers strong granular restore capabilities. Cloud-to-Cloud Backup supports the precise recovery of individual items across Microsoft 365 (emails, files, SharePoint sites, Teams data) and Microsoft Entra ID. Barracuda Backup supports granular restore of files and folders from physical and virtual machine backups. This functionality is precise and meets the requirements for most common recovery scenarios.

• Data classification: Barracuda Data Inspector provides effective data classification specifically for SharePoint Online and OneDrive for Business. It scans files in real time to identify sensitive data patterns like PII, PCI, and PHI, and can detect malicious files or risky external sharing actions. Administrators can also create custom classifiers using keywords or regular expressions, though its scope is limited to these specific Microsoft 365 workloads.

• Centralized dashboard: The BarracudaONE platform provides a unified management experience with a single pane of glass view across its security and data protection portfolio. The dashboards for Cloud-to-Cloud Backup and Barracuda Backup offer clear visibility into protection status, storage usage, and reporting, creating a functional and centralized administrative experience.

Opportunities
Barracuda has room for improvement in a few decision criteria, including:

• Immutable storage: For Cloud-to-Cloud Backup, all data is stored immutably by default in the backend cloud storage. For Barracuda Backup, data replicated to the Barracuda cloud is also immutable. While this provides a strong baseline of protection, the platform does not offer customer-configurable immutability settings (for example, S3 Object Lock-style policies) for the on-premises appliance or granular control over cloud retention policies.

• AI-driven anomaly detection: While Barracuda provides valuable security features through its XDR integration and malware scanning, the solution’s anomaly detection could be improved by incorporating more advanced, AI-driven analysis of the backup data itself. An opportunity exists to build a self-learning engine that baselines normal backup behavior and proactively identifies ransomware indicators, such as significant changes in data entropy or a sudden drop in data compression ratios. This would provide an earlier warning of a potential attack by analyzing data patterns directly, moving beyond reliance on external security signals and known malware signatures.

• Cross-cloud mobility: These data protection solutions are architected for use within specific ecosystems. Cloud-to-Cloud Backup is hosted in Microsoft Azure, and native data or workload migration to other cloud providers is not supported. Similarly, Barracuda Backup does not support cross-cloud recovery or mobility. This represents a significant limitation for organizations requiring multicloud strategies or complex hybrid disaster recovery capabilities.

Purchase Considerations
Licensing for Barracuda data protection is highly transparent and simple, offered on an all-inclusive, per-user subscription model for Cloud-to-Cloud Backup or a per-terabyte model for Barracuda Backup appliances. This predictable pricing, which includes unlimited storage and bandwidth for the SaaS offering, is a strong differentiator, especially for the SMB and MSP markets. The BarracudaONE platform is designed to provide a single point of management and procurement across the entire Barracuda portfolio. Support is a key strength, with 24/7 global access included in subscriptions. Deployment is straightforward, with a choice between the pure SaaS offering for Microsoft 365 and the plug-and-play hybrid appliance for on-premises workloads.

Use Cases
Barracuda supports a wide variety of industry verticals, with a particular focus on the SMB and MSP markets, where ease of use and integrated security are paramount. Its solutions cover key use cases such as comprehensive Microsoft 365 backup and recovery, simplified on-premises physical and virtual server protection, and data security scanning for content stored in Microsoft 365. Barracuda's core strength lies in providing tightly integrated data protection solutions alongside its broader cybersecurity portfolio, offering a unified platform approach to securing and recovering data for organizations that value simplicity, security, and predictable costs.

Cobalt Iron: Cobalt Iron Compass

Solution Overview
Cobalt Iron is a leading provider of enterprise data protection, specializing in a highly automated, SaaS-delivered solution known as Cobalt Iron Compass. Its primary focus is to simplify and optimize data protection and cyber resilience for large organizations by significantly reducing operational complexity and human error. Compass is a single, standalone SaaS platform that provides comprehensive support for a broad range of workloads, including physical servers, virtual machines, databases, enterprise applications, NAS, containers, and cloud workloads. It leverages a powerful AI and automation engine to manage the entire backup and recovery lifecycle—from policy definition to scheduling and storage tiering—with a core emphasis on data integrity and cybersecurity. Cobalt Iron's strategy is a Platform Play that emphasizes automation, AI-driven insights, and operational simplicity to deliver holistic data protection.

Cobalt Iron is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Cobalt Iron scored well on a number of decision criteria, including:

• Centralized dashboard: The solution provides a centralized dashboard, Compass Commander, which is proven to operate at a global enterprise scale. Evidence from a case study of a large financial institution shows the platform centrally manages a hybrid environment of hundreds of petabytes across more than 1,500 worldwide locations, including on-premises and Google Cloud resources. The platform fulfills complex enterprise reporting requirements, including chargeback and showback reporting, and integrates with key operational tools like ServiceNow. These capabilities demonstrate that the dashboard provides the necessary depth for monitoring and policy management in large, complex multicloud environments.

• AI-driven anomaly detection: The vendor is a leader in leveraging AI/ML for data protection. Its patented Cyber-Shield technology proactively monitors backup operations, system behavior, and data patterns to detect threats and anomalies, including ransomware indicators. This pervasive AI-driven approach goes beyond simple monitoring to provide predictive analytics and operational optimization, making it a significant differentiator.

• Application-consistent backup: The platform provides robust application-consistent backups for critical enterprise applications and databases, including Oracle, Microsoft SQL Server, and SAP HANA. This is achieved through deep integration with relevant application APIs and VSS for Windows workloads, ensuring high data integrity and reliable recovery for transactional systems.

Opportunities
Cobalt Iron has room for improvement in a few decision criteria, including:

• Data classification: The platform’s data classification capabilities are developing. The platform's primary focus is on the operational security and integrity of backup data rather than on native content inspection. While Compass can effectively secure data that has been classified by external tools, its ability to natively scan backup data to identify sensitive information (like PII or PHI) for governance purposes is less prominent compared to specialized data governance solutions.

• Orchestrated recovery: The solution’s orchestrated recovery is functional. Its automation focuses on simplifying the recovery process and identifying optimal recovery points. However, it provides more basic orchestration capabilities for multitier applications, lacking the sophisticated automation for network configuration and IP re-addressing across diverse hybrid and multicloud environments seen in advanced DR orchestration platforms.

Purchase Considerations
Licensing for Cobalt Iron Compass is highly transparent, offered as a SaaS-delivered model that provides predictable costs by eliminating the need for customer-managed backup infrastructure. Its intelligent platform automatically optimizes storage and data movement, further contributing to cost efficiency. Cobalt Iron is a Platform Play aimed at the enterprise and upper mid-market segments, with a strong focus on simplifying data protection for large, complex environments. Its professional services complement the highly automated platform. Deployment is significantly simplified due to its SaaS delivery; the backend infrastructure is managed by Compass Software, while integration into customer environments is handled via lightweight connectors.

Use Cases
Cobalt Iron supports all industry verticals by offering an intelligent, automated data protection platform that excels in complex enterprise environments. Key use cases include simplifying and modernizing enterprise backup and recovery, enhancing cyber protection and resilience through AI-driven anomaly detection and data integrity validation, and dramatically optimizing data management operations. Its solution is particularly suited for organizations seeking to eliminate manual tasks, reduce operational burden, and mitigate human error across their entire data estate, providing comprehensive, hands-off data resilience with advanced, built-in security.

Cohesity*

Solution Overview
Cohesity is a leading data security and management company that offers a software-defined, hyperconverged platform. Its primary focus is to simplify data management, eliminate secondary data silos, and provide comprehensive data protection and cyber resilience across hybrid, multicloud, and edge environments. The company's portfolio is increasingly centered on the Cohesity Data Cloud, a comprehensive SaaS offering that runs on major cloud providers. This platform unifies data protection, data security, and data management for a vast array of workloads, including physical servers, virtual machines, modern applications, NAS, cloud-native IaaS, PaaS databases, and SaaS applications. Cohesity's strategy is a Platform Play, aiming to solve data fragmentation and provide holistic data resilience through a single, scalable architecture.

Cohesity is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Cohesity scored well on a number of decision criteria, including:

• Granular restore: The platform offers advanced granular restore capabilities, enabling highly precise recovery of individual files, specific database tables or objects, individual emails from Microsoft 365, and other application-specific items. Its platform provides rapid, self-service options, empowering application owners or end users to initiate their own targeted restores directly from a single, intuitive interface.

• Application-consistent backup: The solution delivers advanced application-consistent backup across a broad spectrum of enterprise applications and databases. It integrates deeply with application-specific APIs (Oracle RMAN, SAP HANA) and utilizes VSS for Windows-based applications, ensuring transactional consistency and data integrity for mission-critical workloads across physical, virtual, and cloud-based deployments.

• Centralized dashboard: Cohesity Helios provides an advanced, cloud-based centralized dashboard that offers a unified, single pane of glass view across all protected workloads, whether on-premises or in various public clouds. The dashboard offers real-time visibility into backup status, cyber resilience posture, storage consumption, and policy compliance, simplifying comprehensive operational oversight.

Opportunities
Cohesity has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: While the solution excels at protecting workloads within and across multiple clouds, fully automated, push-button disaster recovery orchestration between disparate public clouds (for example, a one-click failover of an entire application stack from AWS to Azure) remains a highly complex and developing area. Achieving this level of seamless cross-cloud recovery still requires significant configuration and is an evolving capability.

• Serverless function protection: The platform’s serverless function protection is developing. While strong in cloud-native IaaS and PaaS databases, comprehensive and dedicated protection for serverless functions such as AWS Lambda (including their code, configurations, and event triggers as distinct, fully recoverable workloads) is still an evolving area. Protection often relies on backing up the underlying data stores that serverless functions interact with.

• Container image scanning: The solution focuses heavily on data security for backups, ensuring clean data for recovery through features like malware scanning of the backup data itself. However, direct, proactive scanning of container images for vulnerabilities (CVEs) within a CI/CD pipeline or registry is not a native feature. This capability is typically handled by specialized security tools, positioning Cohesity's native functionality as developing in this specific niche.

Purchase Considerations
Licensing for Cohesity is transparent, offering flexible subscription-based pricing for its software and its comprehensive SaaS offering, the Cohesity Data Cloud. Its efficient global deduplication and compression technologies significantly reduce storage footprint and cloud egress costs, contributing to a lower total cost of ownership (TCO). Cohesity is a Platform Play that is strong across the mid-market and enterprise segments and also offers robust capabilities for MSPs. Deployment options are flexible, including SaaS, customer-managed software on certified hardware, and virtual appliances. Migrating from legacy data protection and secondary storage systems is simplified by its unified platform approach.

Use Cases
Cohesity supports all industry verticals and use cases with its comprehensive data security and management platform. Key use cases include consolidating disparate secondary data silos, enhancing cyber resilience through advanced threat intelligence and immutable storage, streamlining backup and recovery for complex hybrid and multicloud environments, and enabling data reuse for development, testing, and analytics. It is well suited for organizations seeking a unified platform to solve their data fragmentation challenges, addressing both data protection and broader data management needs to improve security posture and operational efficiency across their entire IT estate.

Commvault: Commvault Cloud

Solution Overview
Commvault is a long-standing enterprise leader in data management, now positioned as a comprehensive cyber resilience platform provider through its offering, Commvault Cloud. Its primary focus is to unify data protection, data security, and data intelligence for the cloud-first enterprise, ensuring continuous security, readiness, recovery, and rebalancing across diverse workloads. Commvault Cloud is a unified platform integrating data protection (backup, recovery, DR), cybersecurity (ransomware detection, clean room recovery), and data intelligence. It supports an extremely broad range of workloads, including physical servers, virtual machines, containers, cloud-native services, SaaS applications, and edge devices. The platform leverages Metallic AI for intelligence and offers flexible deployment options (SaaS, software, appliance). Commvault's strategy is a Platform Play, aiming to be the single source of truth for an organization's entire data estate and to proactively defend against cyberthreats.

Commvault is positioned as a Leader and Outperformer in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Commvault scored well on a number of decision criteria, including:

• Cross-cloud mobility: The platform provides world-class cross-cloud mobility, supporting automated workload migration and recovery across major public clouds (AWS, Azure, GCP, OCI), SaaS platforms (Salesforce, Microsoft 365), and on-premises environments. Its "any-to-any portability" handles network configuration and format conversion with leading-edge automation, making it a critical capability for hybrid and multicloud strategies.

• Immutable storage: The solution offers world-class immutable storage capabilities across a wide range of cloud and on-premises targets, enforced via WORM protocols, object lock, compliance locking, and hardware-based snapshots. It tightly integrates with ransomware detection to trigger immutable backups and validate data integrity, providing a multifaceted, robust, and actively defensive approach to cyber resilience.

• Orchestrated recovery: The solution provides world-class orchestrated recovery for complex, multitier applications. It offers automated, end-to-end recovery plans via runbooks, extensive automation for network configuration and scripting, and nondisruptive testing in isolated clean room environments. This provides auditable reporting on recoverability, making it a leading-edge solution for ensuring business continuity.

Commvault was classified as an Outperformer given its exceptional pace of innovation and its successful integration of security, data protection, and data intelligence into a single, cohesive platform.

Opportunities
Commvault has room for improvement in a few decision criteria, including:

• Serverless function protection: The platform provides functional serverless function protection by capturing code, configuration, and dependencies. While integration with major cloud providers is seamless, the rapid emergence of new patterns in serverless architecture means that ensuring a completely uniform experience with the same depth as traditional IaaS workloads is an area of ongoing evolution.

• Automated compliance reporting: The solution offers advanced automated compliance reporting, supporting a wide range of regulatory frameworks with highly customizable, audit-ready reports. However, while very strong, the absolute leading-edge solutions in this niche might offer even more real-time, dashboard-driven visualizations of compliance posture against specific regulatory controls as their primary interface, representing a minor area for continued refinement.

• Kubernetes workload protection: The platform offers advanced Kubernetes workload protection, designed to back up and recover Kubernetes clusters, namespaces, and individual workloads across CNCF certified versions. While robust and application-aware, the rapidly evolving Kubernetes ecosystem continually presents new challenges in supporting all distributions and advanced orchestration features at the absolute bleeding edge, providing scope for ongoing refinement.

Purchase Considerations
Licensing for Commvault is advanced in transparency, offering flexible perpetual, subscription, and pay-as-you-go options across various metrics (VM count, TB, per user). The recent acquisitions of cloud-native platforms like Clumio and Appranix have significantly enhanced its simple, consumption-based SaaS offerings. Commvault is a Platform Play positioned across the enterprise, mid-market, and SMB segments. It is licensed as the unified Commvault Cloud platform, designed to consolidate data protection, cybersecurity, and data management. Its professional services are world-class, offering extensive implementation, customization, and strategic cyber resilience guidance, including its Recovery Range cyberattack simulation labs. Deployment is highly flexible, with diverse options (SaaS, software, appliance) designed to streamline management for any environment.

Use Cases
Commvault supports all industry verticals and use cases by offering one of the industry's most complete cyber resilience platforms. Primary use cases include comprehensive ransomware defense (detection, immutable copies, clean room recovery), enterprise-grade backup and recovery for complex hybrid and multicloud environments, and unified data intelligence and governance. Its solution is ideally suited for organizations seeking to converge their data protection and cybersecurity operations into a single, proactive strategy. This enables confident operations and ensures continuous business resilience across their entire data estate, from traditional data centers to cutting-edge, cloud-native deployments.

Dell Technologies

Solution Overview
Dell Technologies is a global technology leader, offering a broad portfolio of IT infrastructure, solutions, and services. Its primary data protection focus is to provide comprehensive, enterprise-grade data protection and cyber recovery solutions across hybrid and multicloud environments, leveraging both software and purpose-built appliances. Dell Technologies' data protection portfolio is anchored by PowerProtect, which includes PowerProtect Data Manager (software for data protection management), PowerProtect Data Domain Appliances (purpose-built for deduplication storage), and PowerProtect Backup Services (a SaaS offering for cloud-native and SaaS workloads). This integrated portfolio provides workload backup, data recovery, and cyber recovery for a wide range of traditional, virtualized, and cloud-native workloads. Dell Technologies' strategy is a Platform Play, aiming to consolidate data management and provide comprehensive data security for large enterprises.

Dell Technologies is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Dell Technologies scored well on a number of decision criteria, including:

• AI-driven anomaly detection: The platform integrates advanced AI-driven anomaly detection capabilities, particularly through its PowerProtect Cyber Recovery solution. These use analytics engines to scan backup data for signs of corruption, encryption by ransomware, or other malicious activity. This provides proactive monitoring that helps accelerate recovery by quickly identifying the last known good recovery point.

• Immutable storage: The solution offers world-class immutable storage capabilities. PowerProtect Data Domain Appliances support governance and compliance locks (WORM) for on-premises immutability. PowerProtect Cyber Recovery provides a secure, operationally air-gapped cyber vault where immutable copies are stored and analyzed, protecting them from attack. This multilayered approach to immutability is a leading-edge architecture for cyber resilience.

• Orchestrated recovery: The PowerProtect portfolio provides advanced capabilities for orchestrated recovery, particularly for disaster recovery and cyber recovery scenarios. PowerProtect Cyber Recovery includes orchestration for automated testing and recovery within its isolated vault. PowerProtect Data Manager supports automated recovery plans for virtual machines and applications, including network configuration and post-recovery scripting, which streamlines multitier application recovery.

Opportunities
Dell Technologies has room for improvement in a few decision criteria, including:

• Kubernetes workload protection: The platform offers advanced Kubernetes workload protection through PowerProtect Data Manager. The solution is designed to protect entire Kubernetes applications, including persistent volumes, namespaces, and cluster configurations. While robust and application-aware, the rapidly evolving Kubernetes ecosystem continually presents new challenges in supporting all distributions and advanced orchestration features at the absolute bleeding edge, providing scope for ongoing refinement.

• Data classification: The solution provides functional data classification capabilities, primarily within its PowerProtect Cyber Recovery solution (via CyberSense integration), which can identify sensitive data within backup copies during forensic analysis. However, the breadth of automated, real-time data classification across all unstructured and structured data sources to proactively drive granular protection policies is an evolving area compared to specialized data governance tools.

• Cross-cloud mobility: The data protection solutions enable cross-cloud mobility, primarily by supporting cloud object storage as a backup target and offering recovery capabilities to cloud IaaS. This allows for DR to the cloud and migration from on-premises environments. However, seamless, automated, and orchestrated workload migration between different hyperscale cloud providers (AWS to Azure, for example) is not a native, unified strength across their portfolio, positioning it as developing for true active cross-cloud mobility.

Purchase Considerations
The Dell PowerProtect portfolio is available through multiple licensing models, including subscription-based options for its software and appliances, as well as its SaaS offering, PowerProtect Backup Service. Dell Technologies pursues a platform strategy with a strong presence in the enterprise and mid-market segments, offering solutions designed for complex, large-scale data environments. The portfolio combines software, hardware appliances, and SaaS components. To support this, Dell Technologies maintains an extensive global professional services organization. Customers have flexible deployment options, including hardware appliances, software-defined solutions, and SaaS. Migration from legacy Dell Technologies products and other solutions is supported by Dell Technologies' professional services and the platform's broad workload compatibility.

Use Cases
Dell Technologies supports all industry verticals and use cases by offering a comprehensive data management and security platform. Key use cases include enterprise-grade backup and recovery for hybrid and multicloud environments, ensuring advanced cyber resilience with dedicated cyber recovery vaults, and optimizing data storage with market-leading deduplication. The portfolio is ideally suited for large organizations seeking to consolidate their cyber resilience infrastructure and enhance their overall data resilience strategy, providing robust protection and recovery capabilities across their entire data estate, from the core data center to the cloud and the edge.

Druva: Druva Data Security Cloud

Solution Overview
Druva is a leading SaaS provider specializing in data resiliency. Its primary focus is to deliver a 100% cloud-native platform that unifies data protection, disaster recovery, cyber resilience, and data intelligence across hybrid, multicloud, and SaaS workloads, fundamentally eliminating customer-managed infrastructure. The core offering, the Druva Data Security Cloud, is a fully integrated, SaaS-native platform supporting an extensive range of workloads, including VMs, cloud-native services, databases, files, endpoints, SaaS applications (for example, Microsoft 365, Google Workspace, Salesforce, Slack), and Kubernetes. It leverages DruAI for integrated intelligence, provides pervasive immutable storage, and offers policy-driven automation for the entire data lifecycle. Druva's strategy is a Platform Play, aiming to provide "autonomous cyber recovery" and "zero-click resilience" by leveraging AI and its SaaS delivery model.

Druva is positioned as a Leader and Outperformer in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Druva scored well on a number of decision criteria, including:

• Granular restore: The platform delivers world-class granular restore capabilities, supporting item-level recovery for files, individual emails and mailboxes, SaaS records, database objects, and Kubernetes namespaces. Its comprehensive end user self-service restore, rapid RTOs, and global scale make it a leading-edge capability, significantly reducing IT workload and accelerating recovery.

• Immutable storage: The solution provides world-class immutable storage, delivered natively and by default as part of its 100% SaaS architecture. All backups are stored with WORM enforcement, preventing privileged deletion. It integrates with ransomware detection (DruAI flags suspicious behavior, quarantines risky backups, advises clean restore points), making this "always-on, SaaS-native immutability" leading-edge.

• AI-driven anomaly detection: Druva delivers world-class, fully integrated AI-powered anomaly detection via DruAI. It analyzes multidimensional signals, including backup patterns, file behavior metadata, user activity, and API logs, to detect ransomware-like activity. With high accuracy and automated actions (alerts, quarantining), its "built-in AI, not a bolt-on" approach represents state-of-the-art threat detection within backup environments.

Druva was classified as an Outperformer given its pioneering 100% SaaS architecture, strong vision for AI-driven autonomous operations, and rapid pace of innovation in cyber resilience and cloud data protection.

Opportunities
Druva has room for improvement in a few decision criteria, including:

• Serverless function protection: The platform offers functional coverage for serverless workloads and is actively expanding support. It currently protects serverless applications by backing up the cloud services, databases, and file systems they interact with, along with configurations and metadata. While functional, the development of a more comprehensive, application-centric model for full lifecycle protection of serverless components (for example, event-aware restore) is an area for ongoing enhancement.

• Kubernetes workload protection: While Druva offers comprehensive, application-aware protection for a wide range of Kubernetes distributions, an opportunity exists to deepen the integration between its data protection and security capabilities. The solution could be enhanced by incorporating vulnerability scanning for container images directly within the backup data. This would allow administrators to identify known CVEs in their protected applications before performing a restore, ensuring they don't reintroduce security risks into their production environment. Adding this layer of security intelligence would elevate the solution from a pure data protection tool to a more complete cyber resilience platform for cloud-native applications.

• Container image scanning: The platform offers functional container image scanning by integrating with container registries via API and CI/CD plugins to identify vulnerabilities and malware. While useful, this capability is not as deep as specialized real-time cloud-native application protection platforms (CNAPPs) that continuously scan images and directly influence runtime security policies, representing an area for further development.

Purchase Considerations
Licensing for the Druva Data Security Cloud is advanced in transparency, utilizing a simple, consumption-based pricing model based on actual stored data (post-deduplication and compression). A key differentiator is the "no egress, API, restore, or cross-region fees" policy, which eliminates common sources of cloud bill shock. Druva is a Platform Play suitable for both mid-market and enterprise (including Fortune 500 and Global 2000) customers. As a 100% SaaS-native platform, it operates with "zero customer-managed infrastructure," simplifying deployment and aiming to displace incumbent solutions. Its professional services are world-class, offering comprehensive support and strategic guidance. Deployment is exceptionally easy due to its SaaS-native nature, involving simple cloud account connections or lightweight on-premises virtual proxies.

Use Cases
Druva supports all industry verticals and use cases by offering a comprehensive data resiliency cloud. Primary use cases include achieving autonomous cyber recovery, leveraging AI-powered investigations and forensic analysis, and enabling zero-click resilience for a broad range of workloads. It provides robust data protection for cloud-native services, SaaS applications, and AI workloads with the same confidence as legacy data center assets. Druva is ideally suited for organizations seeking to converge their security and backup operations into one highly automated and intelligent operating model, ensuring continuous business resilience across their entire data estate.

Hornetsecurity: VM Backup and 365 Total Backup

Solution Overview
Hornetsecurity is a leading cloud security provider, and its data protection offerings, originally from the Altaro brand, are now integrated into its core portfolio. Its primary focus is on simplifying backup and recovery for virtualized environments (Hyper-V, VMware) and Microsoft 365, specifically targeting SMBs and MSPs with user-friendly solutions. The company offers Hornetsecurity VM Backup (for Hyper-V and VMware VMs, as well as physical servers) and Hornetsecurity 365 Backup. The latter is a pure SaaS solution, while VM Backup is software-defined and deployable on-premises with cloud archival options. These products are key components of Hornetsecurity's broader cybersecurity suite, and their strategy is feature-focused, emphasizing simplicity and reliability for its target market segments.

Hornetsecurity is positioned as an Entrant and Forward Mover in the Maturity/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
Hornetsecurity scored well on a number of decision criteria, including:

• Granular restore: The platform offers functional granular restore capabilities, supporting file-level recovery from VM backups and item-level recovery for Microsoft 365 (such as individual emails, files, and SharePoint sites). This provides the functional precision required for common recovery scenarios, meeting the expectations of its target market.

• Immutable storage: The solution supports functional immutable storage by leveraging native features of cloud object storage (for example, AWS S3 Object Lock and Azure Blob Immutable Storage) as backup targets. For the SaaS-based 365 Backup, immutability is an inherent part of the service's backend architecture. This provides effective protection against ransomware and accidental deletion.

• Application-consistent backup: Hornetsecurity VM Backup supports functional application-consistent backups for virtual machines running VSS-aware applications like Microsoft SQL Server and Exchange. For Microsoft 365, consistency is managed at the API level. This meets the fundamental requirement for ensuring data integrity for these key applications.

Opportunities
Hornetsecurity has room for improvement in a few decision criteria, including:

• Automated compliance reporting: The platform generates detailed audit logs focused on operational outcomes like backup success and failure. It does not include a dedicated compliance module with prebuilt, standardized report templates for regulations such as GDPR or HIPAA. As a result, creating compliance evidence requires manual data extraction and formatting from the available logs. Daily digest reports are also available for quick compliance overview.

• Orchestrated recovery: The platform provides reliable recovery for individual workloads, including granular file restores and full recovery of single virtual machines and Microsoft 365 items. It lacks advanced disaster recovery orchestration capabilities, such as automated boot sequencing for interdependent multitier applications, application dependency mapping, and automated network reconfiguration for failover environments. 

• Centralized dashboard: The Control Panel provides a unified, multitenant interface for managing its entire portfolio of security and backup services. When compared to specialized data protection platforms, its dashboarding capabilities are more focused on functional operations across multiple products rather than on providing deep, customizable data visualization or advanced predictive analytics for capacity and performance management.

Hornetsecurity was classified as a Forward Mover given its strong execution within its target MSP and SMB markets, its user-friendly product design, and its strategic integration into the broader Hornetsecurity security platform.

Purchase Considerations
Licensing for Hornetsecurity's data protection solutions is functionally transparent, typically based on a per-VM or per-user (for Microsoft 365) subscription model, making it clear and easy to navigate for its target market. As a Feature Play, it is designed for specific functionality (VM backup, Microsoft 365 backup) and is often used alongside other IT management tools. It is well suited for SMBs and MSPs who value simplicity and reliability. Professional services are functional and often delivered through their extensive partner network. Deployment complexity is generally straightforward, with VM Backup being easy-to-install software and 365 Backup being a zero-infrastructure SaaS solution.

Use Cases
Hornetsecurity goes to market supporting specific use cases, particularly focused on simplifying backup for virtualized environments (Hyper-V, VMware) and Microsoft 365. Its solutions are ideally suited for SMBs and MSPs seeking user-friendly, efficient protection for these common platforms. The offerings provide a balance of ease of use and essential recovery capabilities for daily operational needs, addressing the targeted requirements for reliable data protection within these specific application and infrastructure environments.

HPE: Zerto

Solution Overview
HPE is a global edge-to-cloud company offering a broad portfolio of IT solutions and services. Through the Zerto platform, HPE provides continuous data protection (CDP), near-synchronous replication, and orchestrated disaster recovery for virtualized and cloud environments. The solution emphasizes aggressive RPOs and RTOs to ensure business continuity for critical applications. The core offering, HPE Zerto Software, provides CDP using journaling technology, supporting replication and recovery for VMs (VMware, Hyper-V) and cloud instances (AWS, Azure). It excels at orchestration for multitier applications, nondisruptive DR testing, and seamless workload mobility. As part of HPE's larger portfolio, Zerto's strategy is largely feature-focused on CDP and orchestrated disaster recovery for VM-based and IaaS cloud workloads.

HPE is positioned as a Challenger and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
HPE scored well on a number of decision criteria, including:

• Application-consistent backup: The platform provides advanced application-consistent data capture for VMs. It integrates with Microsoft VSS for Windows-based applications (SQL Server, Exchange) and uses pre- and post-scripts for Linux applications, ensuring transactional consistency and data integrity are maintained within its continuous replication journal.

• Orchestrated recovery: The solution provides world-class orchestrated recovery. Its core value proposition revolves around automated, multitier application recovery using Virtual Protection Groups (VPGs) that define recovery order, boot dependencies, and networking. Fully automated failover and failback and nondisruptive DR testing with detailed reporting are central to achieving aggressive RTOs.

• Cross-cloud mobility: The platform offers advanced cross-cloud mobility for virtual machines. Its strength lies in continuous replication and migration of VMs between on-premises data centers (VMware, Hyper-V) and major public clouds (AWS, Azure), as well as between different cloud regions. It automates network configuration and format conversion, simplifying workload mobility.

Opportunities
HPE has room for improvement in a few decision criteria, including:

• Immutable storage: The platform’s journal itself can offer immutability for short periods. For longer-term immutable storage, it integrates with S3-compatible cloud object storage for journal exports or replicated data. However, its core journal is primarily for very short RPOs/RTOs, and direct integration with ransomware detection to trigger or validate immutability is still maturing compared to specialized cyber resilience platforms.

• Kubernetes workload protection: The solution is actively developing capabilities for Kubernetes workload protection, with offerings focusing on persistent volume protection and container-level recovery. However, it is still a developing feature, with the need to expand comprehensive application-aware protection for diverse Kubernetes distributions and full application lifecycle management.

• Centralized dashboard: Zerto Analytics provides an advanced, centralized, web-based dashboard for managing replication and DR operations. It offers real-time visibility into VPG status and RPO adherence. However, it primarily focuses on its core DR and replication functions and integrates with broader HPE GreenLake tools for more holistic IT operations management. Its scope is not as broad as solutions that consolidate all data protection types (for example, SaaS app backup, physical server backup) into a single console.

Purchase Considerations
Licensing for HPE Zerto is functionally transparent, offered via traditional per-VM subscriptions or through the HPE GreenLake platform as a consumption-based, as-a-service model. While the software licensing is predictable, the cost of target site infrastructure (on-premises or cloud) is borne by the customer, which can introduce variability. As a Feature Play, HPE Zerto is primarily aimed at the enterprise and larger mid-market segments. It is licensed as a specialized solution for CDP and orchestrated DR, often complementing other backup solutions used for long-term retention. Deployment complexity is straightforward for its target audience, primarily involving the deployment of virtual appliances in the source and target environments.

Use Cases
HPE Zerto goes to market supporting specific use cases, primarily focusing on continuous availability and disaster recovery for critical virtual machines and IaaS cloud instances. Its solutions are ideally suited for organizations with extremely aggressive RPOs and RTOs, enabling near-zero data loss and rapid recovery for essential VM-based applications. It is also frequently used for simplified cloud migration and data mobility for virtualized environments. The platform addresses critical business continuity requirements where high availability and minimal downtime are paramount.

HYCU: R-Cloud

Solution Overview
HYCU is a leading multicloud data-protection-as-a-service vendor. Its primary focus is to deliver a SaaS-based, multicloud platform that simplifies and unifies data protection, disaster recovery, and cyber resilience across an exceptionally broad range of workloads, with a strong emphasis on eliminating infrastructure complexity for customers. HYCU R-Cloud supports a vast and growing number of workload types, including VMs, filesystems, databases, physical servers, cloud instances (AWS, Azure, Google), DBaaS, containers, serverless functions, data warehouses, vector databases for AI workloads, IAM services, and a broad set of SaaS applications. It utilizes a unified policy engine and integrates robust ransomware resilience via its R-Shield service. HYCU's strategy is a Platform Play, aiming for holistic data protection across multicloud and SaaS environments.

HYCU is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
HYCU scored well on a number of decision criteria, including:

• Granular restore: The platform offers world-class granular restore capabilities, providing fine-grained recovery at the individual application object, VM, file, and metadata level across all its supported workload types (SaaS, cloud-native, on-premises). It features rapid RTOs and comprehensive end user self-service, making it a leading-edge capability.

• Cross-cloud mobility: The solution offers world-class cross-cloud mobility. It supports seamless workload migration and recovery across a huge range of hypervisors and cloud providers (AWS, Azure, Google). Its platform automates format conversion, driver injection, and network configuration, enabling extensive and automated cross-platform and cross-cloud mobility.

• Serverless function protection: The platform provides world-class protection for serverless functions, specifically AWS Lambda and Google Cloud Functions. It delivers comprehensive backup coverage for function architectures, configurations, code, metadata, and associated resources. It also protects deployment orchestration services (such as CloudFormation, Terraform) and linked Git repositories, making it a leading-edge solution in this emerging area.

Opportunities
HYCU has room for improvement in a few decision criteria, including:

• Data classification: The solution's data classification is developing. The platform can leverage native cloud platform tags and labels to automatically protect applications and notes that content inspection can be done by leveraging services built into the cloud platforms themselves. This indicates functional integration but not an inherent, automated classification engine within HYCU's platform for all backup data types.

• Container image scanning: The platform’s container image scanning is developing. It states that container images stored within protected VMs are automatically scanned as part of the R-Shield service. However, it doesn't explicitly mention direct integration with container registries (for example, Docker Hub, ECR) for automated vulnerability scanning of images before backup or deployment, positioning it as developing for comprehensive image security.

• Immutable storage: The platform supports advanced immutability for all protected workloads, automating enforcement by applying the most suitable method for each target (such as Object Lock, WORM). While highly robust, it relies on these mechanisms and integrations with anomaly detection for dual-layer detection, with triggers for SIEM/SOAR integration. World-class solutions might offer an even more comprehensive, unified, and native cyber vault approach that is not tied to external integrations.

Purchase Considerations
Licensing for HYCU is advanced in transparency, utilizing a simple and utility-driven model based on workload type (for example, per VM, per TB). A key differentiator is that HYCU does not charge any egress fees for data recovery, eliminating a common source of unpredictable cloud costs. HYCU is a Platform Play suitable for both enterprise and mid-market segments, appealing to organizations of all sizes with its multicloud approach. As a SaaS-based platform, it connects to customer cloud accounts via APIs and can use lightweight virtual appliances on-premises, eliminating customer-managed infrastructure. Professional services are world-class. Deployment is very easy due to its SaaS-native nature, and migration from legacy solutions is advanced, aided by its "zero infrastructure" model.

Use Cases
HYCU supports all industry verticals and use cases by offering a comprehensive, multicloud data protection platform. Key use cases include achieving ransomware resilience with its R-Shield capabilities, orchestrating disaster recovery, simplifying data protection for a vast range of cloud-native and SaaS applications (including AI workloads), and enabling seamless data mobility across diverse environments. It is ideally suited for organizations seeking a unified, infrastructure-agnostic, and outcome-focused approach to data resilience, providing robust capabilities to protect and recover data across their entire hybrid and multicloud IT estate.

IBM: IBM Storage Protect*

Solution Overview
IBM is a global technology and consulting company with a deep heritage in enterprise IT. Its primary data protection focus is on providing comprehensive, enterprise-grade data protection and cyber resilience solutions across hybrid cloud environments. IBM's portfolio includes IBM Storage Protect (formerly Spectrum Protect/TSM), a robust enterprise backup and archive solution, and IBM Storage Protect Plus, a more modernized data resilience solution for virtualized and containerized workloads. These products support a vast range of workloads, including physical servers, virtual machines, databases, enterprise applications, mainframes, NAS, and cloud VMs. They integrate deeply within the IBM Cloud ecosystem and support connections to other major public clouds. IBM's strategy is a Platform Play, emphasizing resilience, scalability, and deep enterprise integration for holistic data protection.

IBM is positioned as a Challenger and Fast Mover in the Maturity/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
IBM scored well on a number of decision criteria, including:

• Application-consistent backup: The platform delivers world-class application-consistent backup for an extremely broad range of enterprise applications and databases (DB2, Oracle, SQL Server, SAP HANA, Exchange, SharePoint). Consistency is achieved through application-specific APIs and agents across physical, virtual, and IaaS deployments, ensuring transactional integrity and reliable recovery for mission-critical workloads.

• Immutable storage: The solution offers advanced immutable storage capabilities, including WORM storage on physical appliances like tape libraries (a key air-gap solution) and integration with cloud object lock features (AWS S3 Object Lock, Azure Blob Immutable Storage, IBM Cloud Object Storage immutable vaults). This robust, multifaceted approach provides strong defense against ransomware and unauthorized deletion.

• Automated compliance reporting: The platform provides advanced capabilities for automated compliance reporting, leveraging its strong governance and data management portfolio. IBM Storage Protect offers comprehensive logging and reporting features that aid in demonstrating adherence to various regulatory frameworks, simplifying audit processes for enterprises in regulated industries.

Opportunities
IBM has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: The platform supports cross-cloud mobility primarily by enabling major public clouds as backup targets. While workloads can be recovered to alternate cloud regions, seamless, automated, and orchestrated workload migration between different hyperscale public cloud providers (such as an automated conversion from AWS to Azure) is not a native, unified strength within the core data protection products.

• Centralized dashboard: IBM Storage Protect Plus provides a modernized web-based user interface for centralized management and monitoring of protected workloads, offering dashboards for backup status, job health, and capacity. The overall management experience for a very large, heterogeneous environment might involve navigating between different consoles (for example, Storage Protect vs. Storage Protect Plus) or require integration with broader IBM management tools for a truly unified single pane of glass.

• Container image scanning: While the solution offers extensive container security services within its Red Hat OpenShift portfolio, the direct integration of container image scanning into the backup process itself, specifically for validating the integrity and security posture of container backups, is not a primary, explicit feature of the platform .

Purchase Considerations
Licensing for IBM Storage Protect products is functionally transparent but can be complex, often based on front-end terabytes or resource units, with various modules and add-ons. IBM offers both perpetual and subscription models, with cloud storage targets managed by the customer. The solution is a Platform Play primarily aimed at the enterprise market, suited for complex hybrid cloud environments. Its professional services are world-class. Deployment complexity can be high, often requiring specialized expertise that reflects the platform's enterprise-grade power and flexibility. Migration from legacy solutions is well supported, particularly when guided by IBM's extensive professional services organization.

Use Cases
IBM supports all industry verticals and use cases by offering a comprehensive data protection platform for complex hybrid cloud environments. Key use cases include enterprise-grade backup and recovery, ensuring cyber resilience for mission-critical applications (such as DB2, SAP), managing long-term data retention and archival, and providing data protection for highly regulated industries. Its solutions are ideally suited for large organizations seeking a robust, scalable, and deeply integrated platform for their entire data estate, from traditional on-premises mainframes and core business applications to modern cloud deployments.

Infrascale

Solution Overview
Infrascale is a provider of cloud-based data protection and disaster recovery solutions, primarily delivered through a strong network of MSPs. Its focus is to deliver a comprehensive suite of backup and DR services for endpoints, servers, and SaaS applications, emphasizing rapid recovery and business continuity. Infrascale offers a modular suite: Infrascale Cloud Backup (for endpoint backup/recovery), Infrascale Cloud Application Backup (for SaaS apps like Microsoft 365), and Infrascale Backup & Disaster Recovery (for workload backup and recovery with a local appliance and cloud failover capability). The platform supports physical servers, virtual endpoints (Hyper-V and VMware), and integrates with VSS for application consistency. Infrascale's strategy is a feature-focused approach, aiming to provide comprehensive, easy-to-use backup and DRaaS modules for SMBs and MSPs.

Infrascale is positioned as a Challenger and Fast Mover in the Innovation/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
Infrascale scored well on a number of decision criteria, including:

• Granular restore: The solution offers advanced granular restore, allowing users to browse and restore individual items across all modules (endpoint, SaaS, and server image). It supports file and folder level restore and individual SaaS items with robust self-service capabilities for emergency events, testing, and failover, demonstrating advanced precision and accessibility for its target market.

• Orchestrated recovery: The suite provides advanced orchestrated disaster recovery capabilities that can be defined and tested ahead of time. This includes automated network configuration (MAC addresses, IP routing, VPN), boot order sequencing, and post-failover scripting for specific workloads. This supports nondisruptive testing, making it a robust DRaaS offering.

• Centralized dashboard: The solution provides a single, advanced permissioned web dashboard for all workloads, supporting hierarchical management crucial for MSPs. It offers downloadable reports and configurable alerting specific to modules and endpoints. Customers can view backup compliance and storage consumption directly, providing strong centralized visibility and management.

Opportunities
Infrascale has room for improvement in a few decision criteria, including:

• Immutable storage: The solution defines immutability as data resiliency, preventing loss or alteration. The platform uses highly resilient object storage, tracks data hashes, and offers "soft deletion" with a configurable delay and a "pin backup" feature. This provides functional immutability but lacks more advanced features like deep integration with ransomware detection to initiate an automated response or a dedicated, air-gapped cyber recovery vault.

• AI-driven anomaly detection: The solution offers anomaly detection based on changes in backup volume that can trigger alerts. However, the company's stated position is that deeper pattern or metadata-based anomaly detection is "best left to EDR-XDR type products," indicating a basic approach to AI/ML integration within the backup platform itself.

• Application-consistent backup: The solution offers functional application-consistent backup, with integrations for SQL Server and Exchange, along with VSS and hypervisor-specific consistency tooling (VMware, Hyper-V). This consistency is constant across deployment types and meets expectations for common enterprise applications on virtualized or physical infrastructure. The product does not explicitly detail comprehensive application consistency for a very broad range of enterprise applications or native PaaS databases (beyond those on VMs).

Purchase Considerations
Licensing for Infrascale is advanced in transparency, offering clear pricing models (service-based, endpoint-based, seat-based) that are "all-inclusive" of software, updates, and support. A key differentiator is that there are "no egress or additional fees" when using Infrascale Cloud storage. Infrascale is a Feature Play primarily aimed at the SMB and MSP markets, and explicitly not the enterprise segment. It is licensed as a modular suite of products for specific functionality. Support and professional services are comprehensive and delivered both directly and through their strong partner network. Deployment is straightforward, with options including SaaS, physical and virtual appliances, and hybrid models. Migration is well supported by its bare metal restore capability for P2V/V2P and cloud migrations.

Use Cases
Infrascale goes to market supporting specific use cases for SMBs and MSPs. Primary adoption scenarios include endpoint backup and recovery for distributed workforces, cloud application backup for Microsoft 365, and rapid disaster recovery to the cloud for physical and virtual workloads. Its solutions are ideally suited for organizations seeking streamlined, affordable, and easy-to-use data protection for critical systems and SaaS applications, with a strong emphasis on business continuity and providing targeted capabilities for specific customer needs.

Kaseya: Unitrends*

Solution Overview
Kaseya is a leading provider of IT management and security solutions for MSPs and SMBs. Its data protection offerings are delivered through two primary brands: Unitrends, an integrated backup and disaster recovery solution, and Spanning, a cloud-native backup solution for SaaS applications. This report focuses on Unitrends, whose primary goal is to provide simplified, comprehensive data protection through appliance-based or virtual appliance solutions with cloud capabilities. Key offerings include Unitrends Backup (for physical servers, virtual machines, applications, NAS) and Unitrends DRaaS (for cloud-based disaster recovery). Unitrends supports VMware vSphere, Microsoft Hyper-V, and also offers Microsoft 365 backup. It is a core component of the Kaseya IT Complete platform, with a strategy largely feature-focused on providing integrated, all-in-one backup and disaster recovery for SMBs and MSPs.

Kaseya is positioned as a Challenger and Forward Mover in the Maturity/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
Kaseya scored well on a number of decision criteria, including:

• Granular restore: The solution offers functional granular restore capabilities, including file-level recovery from VM backups and specific item-level recovery for Microsoft 365 (individual emails, for example). It also supports database item recovery for common applications, meeting expectations for common recovery scenarios in its target market. 

• Immutable storage: The offering supports functional immutable storage, often by leveraging cloud object lock for offsite backup copies (for example, to Unitrends Cloud or a third-party cloud) or through the hardening of its physical and virtual appliances. This provides effective immutability for backup data, helping protect against ransomware and malicious deletion.

• Application-consistent backup: Unitrends provides functional application-consistent backups for virtual machines running common applications like Microsoft SQL Server and Exchange, typically via VSS integration. This meets the fundamental requirement for ensuring data integrity for these key applications.

Opportunities
Kaseya has room for improvement in a few decision criteria, including:

• Cross-cloud mobility: The solution’s cross-cloud mobility is developing. It primarily supports backing up on-premises workloads to its cloud or other S3-compatible cloud storage as a target. While it offers cloud DR (DRaaS) for on-premises workloads, it lacks native, automated capabilities for seamless workload migration between different public cloud providers (such as AWS to Azure).

• Orchestrated recovery: The platform offers developing orchestration capabilities for its DRaaS, enabling instant recovery for VMs and some automated failover processes. However, it generally provides more basic orchestration for multitier applications, lacking sophisticated automation for complex, interdependent application stacks across diverse hybrid or multicloud environments.

• AI-driven anomaly detection: AI-driven anomaly detection is minimal. Publicly available information about these core backup products does not prominently feature AI-driven anomaly detection for backup data patterns or ransomware indicators. While the broader Kaseya platform incorporates AI in other areas, specific integration into Unitrends' backup data stream is not a stated capability.

Kaseya was classified as a Forward Mover given its dominant position within the MSP channel and the successful integration of Unitrends into the broader Kaseya IT Complete platform, which provides a strong, unified solution for its target market.

Purchase Considerations
Licensing for Unitrends, a Kaseya company, is functionally transparent, often based on appliance capacity, or per-socket/per-user for SaaS components, providing clarity for SMBs and MSPs. Kaseya (Unitrends) is a Feature Play primarily aimed at the SMB and MSP markets, with its integrated, appliance-based approach well suited for decision-makers seeking a simplified, all-in-one solution that is part of the Kaseya IT Complete platform. Professional services are functional and delivered as needed. Deployment is generally straightforward, with physical or virtual appliances and SaaS components simplifying setup. Migration is functional, with instant recovery and bare metal restore capabilities aiding workload movement.

Use Cases
Unitrends, a Kaseya company, goes to market supporting specific use cases for SMBs and MSPs. Primary adoption scenarios include comprehensive on-premises physical and virtual machine backup, Microsoft 365 backup, and simplified DRaaS to the cloud. Its solutions are ideally suited for organizations seeking an integrated, easy-to-manage, and cost-effective data protection solution for their core IT environments, providing essential capabilities for daily operations and disaster preparedness within its targeted market segments.

Microsoft: Azure*

Solution Overview
Microsoft is a global technology company and a leading cloud provider. Its primary data protection focus, through Azure, is to offer native, integrated, and scalable services for safeguarding data and workloads deployed within the Azure cloud ecosystem, emphasizing its shared responsibility model. Microsoft's data protection comprises multiple integrated Azure services. Azure Backup offers centralized, policy-driven backup across Azure VMs, SQL/SAP HANA in Azure VMs, Azure SQL Database, Azure Files, Blobs, Disks, and Azure Kubernetes Service (AKS). Azure Site Recovery (ASR) provides disaster recovery for Azure VMs and on-premises VMs to Azure. These services leverage native Azure infrastructure. Microsoft's strategy is a Platform Play, designed to address data protection holistically within the Azure ecosystem by providing foundational, scalable services that customers can combine and manage.

Microsoft is positioned as a Leader and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Microsoft scored well on a number of decision criteria, including:

• Immutable storage: The platform provides world-class immutable storage capabilities. Azure Blob Storage supports WORM functionality through features like immutable storage for blobs and legal holds. Azure Backup vaults can also be configured with immutability and multi-user authorization for critical operations. This native and robust approach is deeply integrated into Azure's storage services.

• Orchestrated recovery: Azure Site Recovery provides advanced and robust orchestration for disaster recovery. It automates the failover and failback of Azure VMs and on-premises VMware and Hyper-V VMs to Azure, including automated network configuration and customizable scripting via recovery plans. ASR also supports nondisruptive DR testing, providing strong orchestration for VM-based DR scenarios within and to Azure.

• Application-consistent backup: Microsoft provides strong application-consistent backup capabilities for workloads running on Azure. For Azure VMs, VSS integration is used for Windows-based applications. Managed PaaS databases like Azure SQL Database inherently provide application-consistent snapshots and point-in-time recovery. This robust capability ensures data integrity for critical applications within the Azure ecosystem.

Opportunities
Microsoft has room for improvement in a few decision criteria, including:

• Granular restore: Granular restore capabilities in Azure vary by service. While Azure Backup supports file-level restore for VMs and PaaS databases offer point-in-time recovery, restoring individual database objects often requires manual processes. For Microsoft 365, native tools are focused on eDiscovery and compliance, not operational recovery, leading Microsoft to recommend third-party backup solutions for comprehensive granular restore capabilities.

• Cross-cloud mobility: The platform is inherently focused on its own cloud ecosystem. While robust cross-region and cross-subscription data recovery capabilities are provided within Azure, direct, seamless, and automated cross-cloud mobility (such as Azure to AWS or GCP) for active workloads is not a native feature of Azure's data protection services and typically requires third-party tools.

• Serverless function protection: For Azure Functions, Microsoft's serverless platform, protection primarily involves code management in source control (for example, Git) and reliance on the backup of underlying data stores. Azure Backup does not offer direct protection for the serverless function's configuration or code as a distinct workload type for full operational recovery, representing a minimal native capability.

Purchase Considerations
Licensing for Microsoft Azure's data protection services is transparent, based on a pure pay-as-you-go model with granular billing. Common metrics include per-protected-instance fees and storage consumption, with costs varying by redundancy level. This offers flexibility, although managing costs across many services requires FinOps discipline using tools like Microsoft Cost Management. Azure is universally adopted by organizations of all sizes, from SMBs to the largest enterprises. As a Platform Play, Azure's data protection is part of its larger, integrated suite of cloud services that customers assemble into a comprehensive strategy. Extensive support is available through Microsoft's own professional services and a vast partner ecosystem. Deployment is straightforward for Azure-native workloads via the Azure Portal, CLI, or infrastructure as code (ARM/Bicep), but migrating data out of Azure is complex due to data gravity and egress policies.

Use Cases
Microsoft supports all industry verticals and use cases by providing foundational, native cloud data protection services within the Azure ecosystem. Its solutions are ideally suited for organizations deeply invested in Azure. Primary use cases include protecting IaaS workloads (Azure VMs, Disks), PaaS databases (Azure SQL DB, PostgreSQL), Azure Files and Blobs, and implementing in-cloud disaster recovery. It is also used for long-term archiving and compliance for Azure-native data, forming a robust foundation for cloud-centric data resilience and ensuring the continuity of Azure-based operations.

N-able: Cove Data Protection

Solution Overview
N-able is a global software company focused on providing solutions for MSPs. Its Cove Data Protection from N-able is a direct-to-cloud, multitenant SaaS platform designed for MSPs to deliver backup, disaster recovery, and Microsoft 365 protection services to their end customers. The solution deploys a lightweight agent on server and workstation workloads, which sends backup data directly to N-able’s secure, global private cloud, eliminating the need for any on-premises backup hardware. It is a single, standalone solution that unifies these functions.

N-able is positioned as a Challenger and a Fast Mover in the Maturity/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
N-able scored well on a number of decision criteria, including:

• Centralized dashboard: The platform's multitenant dashboard is a standout feature, designed from the ground up to provide MSPs with a single, comprehensive view across all its clients. This allows for exceptional operational efficiency in monitoring, managing, and reporting on backup status at scale.

• Immutable storage: N-able provides robust data protection by storing all backups in its private cloud, which is inherently immutable by default. This approach offers strong, built-in protection against ransomware and malicious deletion without requiring complex configuration by the MSP.

• Granular restore: The dashboard in the platform’s web interface provides functional real-time visibility into all protected workloads. It allows viewing or sending customizable reports for infrastructure overview, performance, protection, and storage. This provides functional monitoring and reporting within its scope.

Opportunities
N-able has room for improvement in a few decision criteria, including:

• Orchestrated recovery: The platform could enhance its disaster recovery capabilities by expanding beyond single-server restoration to include dependency mapping and boot order sequencing. This would empower its MSP partners to offer more robust DR services for clients running multitier applications.

• Cross-cloud mobility: N-able could improve its support here by developing automated tools for workload migration and recovery between different public clouds. Adding native conversion utilities would provide MSPs with a valuable service offering for clients adopting multicloud strategies.

• Automated compliance reporting: The solution could be improved by adding a library of prebuilt, audit-ready report templates for major regulatory frameworks like HIPAA and GDPR. This would save its partners significant manual effort and enable them to better serve clients in regulated industries.

Purchase Considerations
Licensing for N-able Cove is highly transparent and designed for MSP profitability, based on a predictable, consumption-based model. The solution is effectively productized for its target SMB end user, delivered exclusively through the MSP channel. It is licensed to be the BCDR component within an MSP's broader service catalog and is deployed alongside other management and security tools. Deployment complexity is exceptionally low due to its agent-based, direct-to-cloud SaaS model, which is a significant value proposition for MSPs needing to onboard clients quickly. Because of this simplicity, dedicated professional services are typically not required. Migration from legacy solutions is a manual process, though recovery to virtual environments is well supported.

Use Cases
N-able goes to market with a laser focus on a specific industry vertical: MSP channel. Its primary use case is to power a comprehensive, managed backup and disaster recovery (BCDR) service that is profitable and scalable. The solution is optimized to protect the typical SMB technology stack, including comprehensive backup for physical and virtual servers, workstations, and critical Microsoft 365 data, coupled with rapid, single-server disaster recovery.

NAKIVO

Solution Overview
NAKIVO is a software company specializing in backup, replication, and disaster recovery. Its primary focus is to provide a fast, reliable, and affordable data protection solution for virtual, physical, cloud, and SaaS environments, often targeting SMBs and MSPs with a single, integrated product. NAKIVO Backup & Replication is a standalone solution that offers comprehensive backup, instant recovery, replication, site recovery (DR), and monitoring. It supports a wide range of workloads, including VMs (VMware, Hyper-V, Proxmox, Nutanix AHV, Amazon EC2), physical machines, file shares, Microsoft 365, and Oracle Database. The solution can be installed on various platforms (Windows, Linux, NAS) or deployed as a virtual appliance or cloud AMI. NAKIVO's strategy is a Platform Play, aiming for broad functionality across diverse environments within a single product.

NAKIVO is positioned as a Challenger and Fast Mover in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
NAKIVO scored well on a number of decision criteria, including:

• Application-consistent backup: The platform supports advanced application-consistent backup for machines running Microsoft Active Directory, Exchange, MS SQL Server, and Oracle Database. Consistency is achieved through native VMware Guest OS Quiescing, Microsoft VSS integration (Hyper-V, physical Windows, Amazon EC2), and pre- and post-scripts for Linux.

• Granular restore: The solution offers advanced granular restore capabilities, allowing recovery of individual files, database objects, email items (Microsoft 365), OneDrive files, SharePoint items, Teams items, and application objects (Active Directory, Exchange, SQL Server).

• Centralized dashboard: The dashboard in the platform’s web interface provides functional real-time visibility into all protected workloads. It allows viewing or sending customizable reports (PDF or CSV) for infrastructure overview, performance, protection, and storage. This provides functional monitoring and reporting within its scope.

Opportunities
NAKIVO has room for improvement in a few decision criteria, including:

• Immutable storage: The platform provides functional immutable storage by integrating with repositories that support WORM functionality (S3 Object Lock, Linux Hardened Repositories). It also supports scanning with third-party antivirus software for malware. However, it lacks a deeply integrated anomaly detection engine or a dedicated cyber vault, which distinguishes it from leading cyber resilience solutions.

• Orchestrated recovery: The solution includes a site recovery feature that can orchestrate the recovery of multitier applications with dependencies, supporting automated network configuration and pre- and post-scripts. Nondisruptive testing is also supported. While functional for DR orchestration, the depth of advanced, customizable runbooks may be less extensive than specialized enterprise DR platforms.

• Cross-cloud mobility: The platform’s cross-cloud mobility is developing. It supports P2V/V2V conversions and can restore AWS EC2 instances to other regions or accounts. However, it does not natively support seamless workload migration between different public cloud providers (such as AWS to Azure), which limits its cross-cloud mobility to primarily within AWS or through P2V and V2V conversions.

Purchase Considerations
Licensing for NAKIVO is transparent, offering both perpetual and subscription-based options with various metrics (per socket, VM, server, database, or TB). Its pricing model is designed to be clear and affordable, with a stated policy of "no hidden fees or egress charges." NAKIVO is a Platform Play positioned across SMBs, enterprises, and MSPs, with its single product providing integrated solutions for various segments. Deployment is straightforward, supporting installation on various platforms or as preconfigured virtual appliances. Migration capabilities are robust, with P2V and V2V features aiding workload movement.

Use Cases
NAKIVO supports most industry verticals and use cases by offering a versatile data protection platform. Key use cases include comprehensive backup and recovery for virtualized environments (VMware, Hyper-V, Nutanix, Proxmox), physical servers, and Microsoft 365. It is also used for site recovery (DR) for multitier applications and for protecting Amazon EC2 instances. Its solution is ideally suited for organizations seeking a cost-effective, all-in-one data protection solution across hybrid environments, addressing core data protection needs with a focus on simplicity, performance, and efficiency.

OpenText*

Solution Overview
OpenText is a global leader in information management software and services. Its data protection offerings, largely from its acquisition of Micro Focus's software portfolio, include OpenText Data Protector (for traditional enterprise backup) and OpenText CloudAlly (for SaaS application backup). The company's focus is on securing and managing diverse data assets across the enterprise lifecycle. Data Protector provides backup and recovery for traditional on-premises physical, virtual, application, and NAS workloads, with cloud as a target. CloudAlly is a SaaS-to-SaaS backup solution for Microsoft 365, Google Workspace, and Salesforce. These are distinct products within OpenText's broader information management portfolio, reflecting a strategy that provides comprehensive data protection for both traditional enterprise IT and SaaS applications through separate, specialized product lines.

OpenText is positioned as a Challenger and Forward Mover in the Maturity/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
OpenText scored well on a number of decision criteria, including:

• Granular restore: The solution offers functional granular restore capabilities. Data Protector supports file-level and application-item level recovery for on-premises workloads. CloudAlly enables granular item-level recovery for supported SaaS applications (for example, individual emails and files), providing the necessary precision for common recovery scenarios.

• Immutable storage: The offerings support functional immutable storage. Data Protector can leverage WORM media like tape and integrates with cloud object storage that has object lock capabilities. CloudAlly inherently provides immutability for its backups stored in its SaaS environment. This provides effective protection that meets modern expectations.

• Application-consistent backup: Data Protector provides functional application-consistent backups for a range of traditional enterprise applications and databases (SQL Server, Oracle) using VSS or application-specific agents. For CloudAlly, consistency for SaaS applications is achieved via API-level integration, meeting fundamental data integrity requirements.

Opportunities
OpenText has room for improvement in a few decision criteria, including:

• Data classification: The solution has strong data governance and classification tools within its broader Information Management portfolio. While these can discover and classify sensitive data, their direct, automated integration into the backup data stream to apply specific protection policies based on classification tags is an evolving area for its core data protection products, representing an opportunity for tighter integration.

• Cross-cloud mobility: Data Protector can back up to and restore from public cloud object storage as a backup target, and CloudAlly operates as a SaaS-to-SaaS solution. However, the portfolio does not natively support seamless, automated workload migration between different public cloud providers or complex workload replatforming for active workloads.

• Orchestrated recovery: Data Protector has developing capabilities for orchestrating traditional disaster recovery and can define recovery sequences. However, it is not a leading-edge DR orchestration platform compared to specialized solutions, particularly for complex, multitier applications across hybrid or multicloud environments. CloudAlly does not offer DR orchestration.

OpenText was classified as a Forward Mover given its strong position within large enterprise accounts, its comprehensive information management portfolio, and the continued growth of its CloudAlly SaaS backup solution.

Purchase Considerations
Licensing for OpenText data protection is functionally transparent but varies by product: Data Protector typically involves traditional perpetual or subscription licensing, while CloudAlly is a straightforward per-user subscription. OpenText is a Feature Play primarily aimed at the enterprise market (Data Protector) and SMB, mid-market, and enterprise (CloudAlly), licensed for specific functionality. Professional services and support are advanced, leveraging OpenText's global presence. Deployment complexity varies: Data Protector is software-defined and can be complex, while CloudAlly offers a simple SaaS-based setup. Migration capabilities are functional, with tools aiding data archival and movement.

Use Cases
OpenText goes to market supporting specific use cases across traditional enterprise environments and SaaS applications. Key use cases for Data Protector include comprehensive backup and recovery for physical and virtual servers, enterprise applications, and long-term archiving to the cloud. CloudAlly focuses on protecting critical data within Microsoft 365, Google Workspace, and Salesforce. The portfolio is ideally suited for organizations seeking specialized, best-of-breed tools for these distinct data protection needs, often integrating them into their broader information management strategies for comprehensive information lifecycle management.

Quest Software

Solution Overview
Quest Software is a global software company providing solutions for data protection, data management, and cybersecurity. Its primary data protection focus is on offering enterprise backup and recovery, with specialized capabilities for Microsoft environments and data reduction. Quest Software's data protection portfolio includes several distinct products: Quest NetVault Plus (enterprise backup and recovery software), Quest QoreStor (a software-defined secondary storage platform for high-performance deduplication), Rapid Recovery (for fast, snapshot-based recovery), and Quest On Demand Recovery (SaaS for Microsoft 365 and Active Directory recovery). This portfolio addresses traditional on-premises, virtual, cloud, and SaaS workloads. Quest Software's strategy is a feature-focused approach, positioning it as a Feature Play that provides comprehensive backup and recovery solutions through specialized product lines.

Quest Software is positioned as a Challenger and Fast Mover in the Maturity/Feature Play quadrant of the cloud data protection Radar chart.

Strengths
Quest Software scored well on a number of decision criteria, including:

• Immutable storage: The portfolio supports functional immutable storage by leveraging cloud object lock features for offsite backup copies (such as via QoreStor to S3-compatible cloud storage) and by providing hardening features for its appliances. However, it does not prominently feature deep integration with AI-driven ransomware detection to trigger immutability or a dedicated cyber recovery vault.

• Application-consistent backup: The portfolio provides functional application-consistent backups for major enterprise applications, with a particular strength in Microsoft applications such as SQL Server, Exchange, SharePoint, and Active Directory. Consistency is achieved through VSS integration and application-specific agents and APIs.

• Granular restore: Quest provides granular restore capabilities through specialized solutions. Its On Demand Recovery service focuses on hybrid Active Directory and Microsoft Entra ID, offering granular, object-level restore. Protection for Microsoft 365 content is handled by NetVault Plus, which provides item-level recovery for a broad range of services, including individual emails from Exchange, files from OneDrive, sites from SharePoint, and channel conversations from Teams. This multiproduct approach provides precise recovery for key identity and cloud productivity workloads.

Opportunities
Quest Software has room for improvement in a few decision criteria, including:

• Orchestrated Recovery: While Quest solutions provide robust recovery for individual workloads, such as virtual machines and applications, the platform could be enhanced by introducing a dedicated orchestration engine. An opportunity exists to unify the recovery of disparate components by building in capabilities for automated application dependency mapping, boot order sequencing, and network reconfiguration. Adding a feature for nondisruptive, automated disaster recovery testing would elevate the solution from providing reliable component recovery to offering true, one-click application resilience.

• Cross-cloud mobility: The solution’s cross-cloud mobility is developing. NetVault supports backing up data to and restoring from public cloud object storage as a backup target, and Rapid Recovery can replicate to a cloud DR site. However, the portfolio lacks native, automated capabilities for seamless workload migration between different public cloud providers (for example, AWS to Azure). 

• AI-driven anomaly detection: While Quest's QoreStor platform provides robust anomaly detection by baselining backup behavior and alerting on key indicators, an opportunity exists to mature the feature by building in automated response capabilities. The solution could be enhanced to move beyond just alerting by automatically taking protective actions when a credible threat is detected. For example, it could automatically extend the immutability of the last known good backup copies or integrate with SOAR platforms to trigger a security playbook. This would evolve the feature from a detection and alerting tool into a more active cyber resilience system, reducing response times and the potential for human error during an attack.

Purchase Considerations
Licensing for Quest Software is functionally transparent but can be complex due to its diverse product portfolio, with varying metrics (per TB, per socket/VM, per user for SaaS) and options. Quest Software is a Feature Play primarily aimed at the mid-market and enterprise segments. It is licensed for specific functionality, suitable for decision-makers seeking targeted strengths, especially for Microsoft environments. Professional services are advanced. Deployment is flexible, with options ranging from straightforward SaaS onboarding (on demand) to more involved software-defined deployments (NetVault Plus, QoreStor) that may require specialized expertise.

Use Cases
Quest Software goes to market supporting specific use cases, particularly excelling in comprehensive data protection for Microsoft environments (such as Active Directory, SQL Server, Microsoft 365). Other key use cases include enterprise backup and recovery for physical and virtual servers and achieving efficient data reduction through its purpose-built deduplication technology. Its solutions are ideally suited for organizations with significant investments in Microsoft technologies or specific needs for data reduction, seeking specialized tools for targeted data protection challenges rather than a single, consolidated platform.

Rubrik: Rubrik Security Cloud

Solution Overview
Rubrik is a leading data security company specializing in an integrated platform for data protection, data security, and data governance. Its primary focus is to secure enterprise data from cyber threats, particularly ransomware, and ensure business continuity across hybrid and multicloud environments. Rubrik Security Cloud is a unified, SaaS-based platform that converges data protection (backup, recovery, DR), data security (ransomware detection, data classification), and data governance. It supports a broad range of workloads, including physical servers, virtual machines, cloud-native IaaS, PaaS, and SaaS applications, leveraging its native immutable file system for resilience. Rubrik's strategy is a Platform Play, aiming to provide holistic data security and simplify data governance across the entire data estate.

Rubrik is positioned as a Leader and Outperformer in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Rubrik scored well on a number of decision criteria, including:

• Immutable storage: The platform is a recognized leader in immutable storage. Its file system is inherently designed with WORM properties, ensuring backup data cannot be altered, encrypted, or deleted by an attack. It leverages object lock for cloud targets and enforces strict access controls like multifactor authentication and a quorum model for critical actions, making it a world-class defense against modern cyberthreats.

• AI-driven anomaly detection: The solution is a leading innovator in AI-driven anomaly detection. Its platform continuously monitors backup data for unusual patterns (mass deletions, encryption, data exfiltration indicators) to detect ransomware and other threats. It leverages machine learning to identify the last known clean copy of data and integrates this with recovery workflows, representing state-of-the-art threat detection.

• Application-consistent backup: The platform delivers world-class application-consistent backup for a very wide range of enterprise applications and databases. It integrates deeply with application-specific APIs (Oracle RMAN, SAP HANA) and utilizes VSS for Windows-based applications, ensuring transactional consistency and data integrity for mission-critical workloads across physical, virtual, and cloud-based deployments.

Rubrik was classified as an Outperformer given its strong vision and execution in converging data protection with data security, its clear leadership in ransomware resilience, and its rapid innovation on its SaaS-based Security Cloud platform.

Opportunities
Rubrik has room for improvement in a few decision criteria, including:

• Serverless function protection: The solution’s serverless function protection is developing. The platform provides strong protection for cloud-native IaaS and PaaS databases. However, dedicated protection for serverless functions as fully recoverable workloads, including their code and configurations, remains an evolving capability. Protection typically relies on backing up underlying data stores that serverless functions interact with.

• Orchestrated recovery: Rubrik's orchestrated recovery capabilities are already highly advanced, ensuring resilient, automated recovery for multitier applications with complex dependencies. This is a critical building block for what the future demands. As the industry shifts to multicloud and cloud-native architectures, Rubrik has a clear opportunity to leverage its existing strengths to develop the most comprehensive solution. The platform's proven ability to automate complex recovery tasks positions it to become the definitive standard for enterprise-wide, future-proof data resilience across any cloud and any application, including containers and serverless functions.

• Cross-cloud mobility: The solution provides advanced cross-cloud mobility, supporting seamless replication and migration of workloads from on-premises to major public clouds (AWS, Azure, GCP). While highly capable for data mobility and DR-to-cloud, its direct, automated, and orchestrated workload mobility between disparate public cloud providers (such as one-click failover from AWS to Azure) is an evolving area compared to hyper-specialized cross-cloud DRaaS tools.

Purchase Considerations
Licensing for Rubrik is advanced in transparency, offering subscription-based pricing for its software and its comprehensive SaaS platform, the Rubrik Security Cloud. Its industry-leading global deduplication and compression significantly reduce storage costs. Rubrik is a Platform Play strong across the mid-market and enterprise segments, suited for consolidating data silos and enhancing cyber resilience. It is licensed as a comprehensive cloud-based data security platform designed to displace incumbent solutions. Professional services are world-class, offering extensive support for deployment, optimization, and complex recovery scenarios, including dedicated cyber recovery services. Deployment is flexible, with options for hardware appliances, virtual appliances, or SaaS delivery.

Use Cases
Rubrik supports all industry verticals and use cases by offering a comprehensive data security cloud. Key use cases include achieving ransomware resilience (detection, clean recovery points, automated investigation), consolidating backup and recovery for hybrid and multicloud environments, and enabling sensitive data discovery and governance. Its solution is ideally suited for organizations seeking to converge data protection and cybersecurity operations into a single, proactive strategy to manage and secure their entire data estate. This ensures data integrity and availability across all environments, from traditional data centers to cutting-edge cloud-native deployments.

Veeam: Veeam Data Platform

Solution Overview
Veeam is a leading provider of data protection and ransomware recovery solutions. Its primary focus is to deliver a comprehensive, unified, and extensible platform for backup, recovery, and data management across all data types—cloud, virtual, physical, SaaS, and Kubernetes. The core offering, the Veeam Data Platform (VDP), is a comprehensive suite comprising Veeam Backup & Replication, Veeam ONE (monitoring), and Veeam Recovery Orchestrator. It deeply integrates Veeam Kasten for Kubernetes protection and offers specific SaaS backup solutions for Microsoft 365 and Salesforce. VDP provides a unified management console and supports a vast range of workloads. Veeam's strategy is a Platform Play, emphasizing "True Platform Flexibility & Portability" and "Comprehensive Cloud & SaaS Coverage" for holistic data protection.

Veeam is positioned as a Leader and Outperformer in the Innovation/Platform Play quadrant of the cloud data protection Radar chart.

Strengths
Veeam scored well on a number of decision criteria, including:

• Granular restore: The platform offers world-class granular restore capabilities, supporting extremely fine-grained recovery down to individual files, database tables, email items (Exchange, Microsoft 365), SharePoint and OneDrive files, Teams messages, Active Directory objects, and Salesforce records. This is available across all supported workload types, with rapid RTOs and comprehensive self-service portals, making it a leading-edge capability.

• Immutable storage: The solution is a recognized leader in immutable storage. It natively supports immutability across a wide range of targets: Linux Hardened Repository, purpose-built backup appliances (such as HPE StoreOnce, Dell Data Domain), and major public cloud object storage (Amazon S3 Object Lock, Azure Blob, Google Cloud Storage). Immutability is enforced via WORM and object lock, with integrated ransomware detection to help identify the last known good recovery point.

• Kubernetes workload protection: The platform offers world-class Kubernetes workload protection through its Veeam Kasten platform, which is deeply integrated with the Veeam Data Platform. Veeam Kasten protects all critical elements of Kubernetes workloads, including persistent volumes, application manifests (deployments, services, secrets), and full application state. It supports a broad range of Kubernetes distributions and storage solutions, providing application-aware backup and recovery and enabling cross-cluster and cloud recovery.

Veeam was classified as an Outperformer given its massive market presence; comprehensive platform vision covering cloud, SaaS, and Kubernetes; and its successful integration of Veeam Kasten, making it a leader in both traditional and cloud-native data protection.

Opportunities
Veeam has room for improvement in a few decision criteria, including:

• Data classification: The platform currently offers basic data classification and discovery features (primarily within Veeam ONE and Veeam Backup for Microsoft 365) for identifying sensitive data (PII) in backup copies of Microsoft 365 environments and Windows file data. While present and actively being enhanced, it is functional but not yet as comprehensive or broadly integrated across all data sources as specialized data classification platforms.

• Serverless function protection: Current data protection capabilities extend to the critical data services used alongside serverless architectures (Amazon RDS, DynamoDB, and Azure SQL). However, the platform does not currently provide direct backup and recovery for serverless function code or configuration (for example, AWS Lambda and Azure Functions). Veeam is exploring broader protection for serverless functions as part of its long-term roadmap.

• Container image scanning: The solution, through Veeam Kasten, focuses on comprehensive backup for Kubernetes applications. While Veeam Kasten integrates into DevOps workflows, it does not currently perform native automated vulnerability or malware scanning of container images within registries. This indicates a minimal capability for this specific emerging feature, relying on complementary third-party tools for image security validation.

Purchase Considerations
Licensing for Veeam is advanced in transparency, primarily based on the portable Veeam Universal License (VUL), which scales linearly per workload across hybrid and multicloud environments, with no additional charges for data volume or egress. This predictable, workload-based model is a key advantage. Veeam is a Platform Play that is very strong across SMB, mid-market, and enterprise segments. It is licensed as the unified Veeam Data Platform (VDP). Professional services and support are world-class, offering comprehensive 24/7 global support. Deployment is highly flexible, with options for self-managed software, cloud-native offerings, and BaaS/DRaaS through a vast network of partners.

Use Cases
Veeam supports all industry verticals and use cases by offering a comprehensive data platform. Primary use cases include hybrid cloud backup and recovery (VMware, Hyper-V, physical, cloud-native), ransomware protection (immutable backups, anomaly detection, orchestrated recovery), and backup for critical SaaS applications like Microsoft 365 and Salesforce. It is ideally suited for organizations seeking a unified, flexible, and scalable solution to ensure data resilience and continuous operations across their entire evolving IT landscape, providing robust protection and recovery for all their critical data assets.

The cloud data protection market is in a state of rapid transformation, moving decisively from traditional backup to a more holistic, cyber resilience-focused discipline. For a strategist beginning to understand this space, the core truth is that data protection is no longer just about recovery; it’s about a proactive, layered defense against a growing number of threats. The major themes impacting a purchase decision today are the shift to a platform-centric approach that unifies data protection, security, and governance; the critical need for robust, immutable storage and integrated ransomware detection; and the increasing demand for seamless, policy-driven management across complex hybrid and multicloud environments. These themes define the next generation of solutions and separate market leaders from legacy offerings.

For IT decision-makers weighing adoption, the next best action is a strategic re-evaluation of their existing data protection posture. An organization should begin by conducting a thorough audit of its entire data estate, identifying all workloads (from on-premises VMs to SaaS applications and cloud-native services like Kubernetes) and defining clear, nonnegotiable RTOs and RPOs for each. This forms the foundation for a buying journey centered on capabilities, not just cost. When evaluating vendors, prioritize solutions that offer a single pane of glass for management and favor those that can demonstrate advanced, application-aware recovery orchestration. A key best practice is to always perform nondisruptive, end-to-end recovery testing to validate that RTOs and RPOs can actually be met, transforming a theoretical plan into a proven capability.

Looking forward, the market will continue its trajectory toward intelligent, autonomous data protection. AI/ML will become foundational, moving from a niche emerging feature to a table stake for anomaly detection, predictive analytics, and automated recovery validation. Protection for emerging workloads like Kubernetes and serverless functions will mature and become standardized, as will the integration of container image scanning into the backup process to ensure a clean recovery. To prepare for this future, organizations should invest in flexible, software-defined platforms that are architecturally equipped to handle a continuous flow of innovation. The goal should be a solution that is future-proof and adaptable, enabling confident operations across any environment, knowing that your data is not just backed up but truly resilient.

To learn about related topics in this space, check out the following GigaOm Radar reports:

• GigaOm Key Criteria for Evaluating Hybrid Cloud Data Protection Solutions

• GigaOm Radar for Ransomware Prevention

• GigaOm Key Criteria for Evaluating Data Security Posture Management (DSPM) Solutions

*Vendors marked with an asterisk did not participate in our research process for the Radar report, and their capsules and scoring were compiled via desk research.

For more information about our research process for Radar reports, please visit our Methodology.

James is a seasoned tech leader in data analytics, storage, AI/ML, and strategic partnerships, excelling in scalability, deployment efficiency, customer satisfaction, and contributing to industry knowledge through blogs and whitepapers.

GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands.

GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises.

GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level.

© Knowingly, Inc. 2025 "GigaOm Radar for Cloud Data Protection Solutions" is a trademark of Knowingly, Inc. For permission to reproduce this report, please contact sales@gigaom.com.