Recent Discussions
Cyber Resilience Sessions at Accelerate 2026
Accelerate 2026 is right around the corner! Explore ways to transform your storage into an active defender. Achieve operational survivability by adopting a recovery-first mindset, weaponizing infrastructure with layered resilience from Everpure. If this sounds right up your alley, we’ve curated a list of must-attend breakout sessions focused on Cyber Resilience at Accelerate. Check out these don’t Miss Sessions: The Cyber Resilience Checklist Architecting for Survival: The Customer Blueprint for Resilience Stop Planning for Downtime. Start Building for Survivability. Target to Defender: Neutralize Attacks Before They Paralyze YouLayered Resilience
Accelerate 2026 is approaching, and I’ve been preparing to speak on a cyber resilience panel. It’s prompted me to reflect on how prepared my organization really is—and I’m curious where others stand. This topic is never far from the headlines and feels like a great discussion point for this community or even a future meet-up. Here’s a snapshot of the layers we currently have in place: Immutable local Snapshots Immutable replication to a secondary site SRM Local WORM copy backups Auxiliary long-term WORM backups Air-gapped replication copy Investigating Cloud snap and Pure Protect This doesn't even include other tools like Varonis, Defender, Cortex...etc. What layers are you implementing today, and what are you working on to better protect your data? Sharing our successes and failures makes us all stronger! -Charlie
(3) Cyber Resilience Trends: In the News...
Recent industry coverage from SiliconANGLE, diginomica, and Coder Legion points to the same conclusion: in an era of AI-accelerated threats, organizations need a trusted recovery point at the storage layer. As Duncan Riley of SiliconANGLE wrote, Everpure is defining storage as the “last line of defense in modern cyber resilience,” with an architecture designed to protect recovery points even if an attacker gains administrative access elsewhere in the environment. That message was reinforced by coverage of a Fortune 100 recovery example in which attackers used stolen credentials and native tools, yet protected snapshots enabled revenue-critical operations to be restored in hours rather than weeks. The coverage also emphasized how AI is changing the threat landscape. diginomica noted that AI is compressing the window between vulnerability discovery and exploitation, forcing enterprises to rethink patching, resilience, and recovery timelines. Coder Legion captured the practical implication well: controls now need to hold up against attackers moving at machine speed, making out-of-band configuration and immutable snapshots increasingly essential. A third theme was the value of data context. Blocks & Files and SecurityBrief highlighted Everpure’s 1touch acquisition as an important addition to the cyber resilience story, helping organizations understand what data they have, where it lives, and what should be restored first. Together, these reports reinforce a broader shift in the market: cyber resilience is no longer just about preventing attacks, but about ensuring clean data, intelligent prioritization, and fast, confident recovery when the perimeter fails.Can you recover?
How do you ensure you can recover from ransomware attacks and malicious incidents? Start with SafeMode. Is it enabled? Have you verified that all critical workloads and recovery environments are fully protected? Everpure FlashArray SafeMode provides immutable snapshot protection that helps organizations recover from ransomware attacks by preventing deleted snapshots or volumes from being permanently eradicated until a defined retention period expires — even if attackers compromise administrative credentials. SafeMode creates a storage-level immutability layer independent of operating systems, hypervisors, or backup software, helping preserve known-good recovery points for rapid restoration. Recommended best practices include enabling locked SafeMode through Everpure Global Technical Services, extending eradication timers to 14–30 days to account for delayed ransomware detection, implementing multi-person authorization for protected operations, and applying automated snapshot policies across critical workloads such as databases, virtual machine datastores, identity services, and backup repositories. Additional technical guidance and demonstrations are available through the SafeMode Documentation, SafeMode Introduction and SafeMode 101 (Tutorial).
Claude Mythos: The Next Frontier of Autonomous Cyber Intelligence
Model Performance and Capabilities Claude Mythos represents a significant performance leap for Anthropic, reportedly beating their current best Opus model by a large margin. This kind of improvement hasn't been seen since OpenAI released their reasoning model O1 in September 2024. Key performance metrics include: Coding ability: 77% on SWE-Bench Pro (compared to Opus at 53%) Terminal usage: Substantial improvements in the model's ability to use terminal commands General purpose: Despite the cybersecurity focus in marketing, Mythos is a general-purpose LLM like other Claude models Cybersecurity Focus and Access Restrictions Anthropic has positioned Mythos around cybersecurity concerns, emphasizing AI as a potential national security risk - similar to OpenAI's approach with GPT-2 in 2019. However, the model is not cybersecurity-specific but rather a general-purpose AI. Limited Release Strategy: Anthropic has restricted access to select partners, most of whom are investors in the company: Microsoft (Series C and G investor) NVIDIA (Series G) JP Morgan (conventional loan, May 2025) Google (Series C and E, plus convertible debt) Amazon (Series D and E) Cisco (Series E) Market Implications and Competitive Advantages This restricted access creates what the video calls "privatization of tokens," giving certain companies advantages in: Cybersecurity: Finding vulnerabilities (benefiting companies like Cisco, Palo Alto) Legal services: Discovering legal loopholes and litigation strategies Finance and software development: Enhanced capabilities across various domains The core issue isn't cybersecurity itself, but rather the rapid improvement in AI capabilities outpacing society's ability to adapt. Infrastructure and Pricing Infrastructure Dependencies: Despite committing $50 billion to data centers in Texas and New York, Anthropic still relies on partners (Amazon, Google, Microsoft) for training and inference. Pricing Structure: Mythos will cost $125 per million output tokens Available through cloud APIs (Amazon Bedrock, Google Cloud Vertex, Microsoft Foundry) Unlikely to be included in subsidized Pro and Max plans Comparable to OpenAI's GPT-4 Pro at $180 per million tokens Business Strategy and Market Position IPO Positioning: The Mythos release strategically positions Anthropic for a potential IPO, with the company recently surpassing OpenAI by achieving $30 billion in annualized run rate (ARR) - though this is run rate rather than the more conservative annual recurring revenue metric. Adoption Challenges: The rapid advancement creates both excitement and concern, highlighting the growing divide between companies that adopt AI quickly and those that don't. The key is matching the right level of AI intelligence to appropriate tasks rather than using premium models for basic workflows. Future Outlook Based on historical patterns (like DeepSeek R1 catching up to OpenAI's O1 within 5 months), the performance gap created by Mythos will likely be bridged by competitors relatively quickly. The real competitive advantage lies in how quickly companies can adopt and properly allocate AI intelligence to solve complex problems.Did anyone attend RSA 2026?
Everpure exhibited and attended at RSA 2026, the biggest annual gathering of cyber security and cyber security professional and companies. Besides an booth, we presented and sponsored several activities. Let us know if you attended and share what your observed with the community. Here are key trends noted by Everpure at the RSA 2026 conference: The RSA 2026 Narrative RSA 2026 signaled a significant shift in the industry’s mindset, moving away from reactive defense toward a proactive business configuration that leverages "active" systems to sense, pivot, and self-correct. Agentic AI: We are officially in an "AI vs. AI" war. RSAC 2026 highlighted that adversaries now have the upper hand, leveraging Agentic AI to expose vulnerabilities that have remained undiscovered by humans for 10+ years. Because human-led defense cannot keep pace with machine-speed exploits, the focus has shifted from "human-in-the-loop" to "human-on-the-loop." This model relies on autonomous, self-healing systems to isolate threats and restore environments in real-time, allowing humans to act as strategic governors of AI insights rather than manual controllers of the recovery process. In addition, identity security must deal with emerging polymorphic social engineering attacks. MTTA: JPMorgan introduced Mean Time to Adapt, prioritizing real-time posture reconfiguration over static recovery (RTO) to neutralize active threats. Data Integrity: Bruce Schneier identified a "resilience gap" from silent AI corruption, making integrity checks a mandatory prerequisite for trustworthy recovery. Quantum Readiness: Resilience now requires migrating to Post-Quantum Cryptography (PQC) to shield long-lived data from "Harvest Now, Decrypt Later" tactics. Defense to Disruption: "Active Defense" aims to increase attacker costs and efforts. Future Threats: Panels warned of "Harvest Now, Decrypt Later" quantum risks and polymorphic social engineering, while honoring quantum networking breakthroughs.Data Intelligence and Cyber Resilience
Over the next few months you will be hearing more about data intelligence from Everpure. What is it? How is it relevant to cyber resilience? Data intelligence is the practice of transforming raw data into actionable insights through automated discovery, classification, and metadata analysis. In the modern threat landscape, it is the essential bridge between simple "backup" and true Active Resilience. Without intelligence, resilience is blind. Data intelligence provides the "who, what, and where" of your digital estate, allowing you to: Prioritize Recovery: Identify mission-critical applications and sensitive PII to ensure the most vital services are restored first. Accelerate Detection: Use AI-driven behavioral analysis to spot "silent" corruption or unauthorized access at the storage layer. Ensure Clean Restoration: Precisely tag compromised data to prevent re-infecting environments during recovery. By unifying data security with intelligence, organizations move from being passive targets to Active Defenders, ensuring operational survivability even in the face of sophisticated agentic attacks.Why Cyber Resilience Requires Recovery Not Just Backups: CISO and Field Perspectives
15 Minutes---Webinar from Everpure's Rick Orloff, CISO, and Scott Taylor, Director of Cyber Resilience Field Solution Architects on Cyber Recovery Strategy Resilience isn't just prevention—it’s about the "Minimum Viable Business." At RSAC 2026, Everpure’s Rick Orloff and Scott Taylor explained why recovery fails without understanding dependencies. Prioritize critical data and cross-functional collaboration to minimize revenue disruption. Stop treating backup as the goal; make rapid, strategic recovery your mission. Link to WebinarEverpure Protect - Tools for Network Configuration
A key workflow item, especially when building Isolated Recovery Environments (IRE), Clean Rooms, test or production Disaster Recovery, or any other environment personality, is to reconfigure the network. Doing so automatically and per a plan is important to an automated, fast, and predictable workflow. We have built Everpure Protect Tools, which is a lightweight tool, registered with VMtools within a guest, that allows us to automate network configuration changes, per the individual Recovery Plan. Included in the download is a Powershell script for Windows, or a Shell script for Linux/Unix, which registered our tool with VMtools to perform the changes. The scripts can be loaded and ran manually in each guest, or distributed and executed as part of a workflow such as Microsoft MCM/SCCM. Everpure Protect Tools Once deployed, network changes on a per-VM or per-Recovery Plan basis will be automatically performed based upon the unique settings in the Recovery Plan being executed.Zero Trust in Practice: What Actually Breaks in Real Environments
Most Zero Trust discussions sound great on paper—but implementation tells a different story. From recent hybrid deployments, here’s what actually breaks: Identity gaps Service accounts without MFA Legacy apps bypassing Conditional Access Device trust issues -Non-compliant endpoints still accessing critical apps -BYOD without proper posture checks Network assumptions Internal traffic still implicitly trusted Flat VLANs enabling lateral movement What worked well: Enforcing Conditional Access (device + user risk) ZTNA replacing VPN for application-level access -Micro-segmentation (Fortinet / host-based controls) Key takeaway: Zero Trust is not a product—it’s a continuous enforcement model across identity, device, and network layers.
