Know Thy Enemy: Threats to Cyber Resilience
April 2 | Register Now! "If you know the enemy and know yourself, you need not fear the result of a hundred battles.” – Sun Tzu. Threat actors are the enemy to your operational resilience and ability to survive. Knowing their strategy and tactics will help you resist and recover from their malicious actions and keep critical workloads available. In this webinar, you’ll learn: Exploits and techniques your organization will face How AI is accelerating these threats Counter-measures to face the onslaught Register Now!Spring is Calling, and so is Reds Baseball
I don't know about you, but I am more than ready for Spring; though I could definitely skip the rain. Wiping muddy dog paws after every walk is getting old! On the bright side, who else is ready for some Reds baseball? I have a few exciting updates and resources to share with the community: 🚀 PUG Meeting Update charles_sheppar and I are currently hard at work on the next PUG meeting. We can't share the specifics just yet, but we are planning something unique and fun for the community. Stay tuned! 🛡️ Strengthening Your Cyber Resilience Given the current geopolitical climate and the rise in cyber threats, now is the perfect time to audit your data protection. Features like SafeMode and Pure1 Security Assessments act as a resilient last line of defense. If you want to see these tools in action, we recently hosted an expert-led demo on building a foundation for cyber resilience. Watch the recording here: https://www.purestorage.com/video/webinars/the-foundations-of-cyber-resilience/6389889927112.html Questions? Reach out to your Everpure SE or partner for a deeper dive. 📅 Upcoming Events March 12: Nutanix Webinar Exploring virtualization alternatives? Nutanix is hosting a session tomorrow focused on simplifying IT operations and highlighting the Everpure partnership. https://event.nutanix.com/simplifyitandonprem March 19: Or perhaps you're interested in running virtual machines alongside containerized workloads within K8s clusters. If that's the case, join Greg McNutt and Sagar Srinivasa for Virtualization Reimagined: Inside the Everpure Journey. https://www.purestorage.com/events/webinars/virtualization-reimagined.html March 19: Ask Us Everything About Storage for Databases. Join experts Anthony Nocentino, Ryan Arsenault, and Don Poorman for a live Q&A session. https://www.purestorage.com/events/webinars/ask-us-everything-about-storage-for-databases.html March 24: Presets & Workloads for Consistent DB Environments. We’re extending the database conversation to discuss how Everpure helps you transition from "managing storage" to "managing data" through automated presets. https://www.purestorage.com/events/webinars/presets-and-workload-setups-for-consistent-database-environments.htmlPure1 Manage Assessment
Hey Cincy PUG, I found a cool feature for detecting changes on your Flash Array. Looking at Data Protection under the Assessment menu I saw a lightning bolt on one of my arrays. That lightning bolt led me to an evaluation showing that there had been a significant drop in DRR for a group of volumes. Turns out that change was benign because one of my teammates refreshed an environment causing the change in the Data Reduction Ratio. I see this as just another way Pure 1 Manage can help admins detect threats or problems with data sets. How are you using the tools in Pure1? Share something with the group! -CharlesStop Guessing, Start Recovering: Near-Zero RTO in Action
February 5 | Register now! Cyberattacks are faster and smarter—recovery must be too. Join Pure Storage and Rubrik to see the industry’s first integrated cyber-recovery solution that delivers full data visibility and near-zero RTOs. Discover how combining Rubrik Security Cloud with the Pure Storage Enterprise Data Cloud (EDC) eliminates guesswork, strengthens data integrity, and enables confident, rapid recovery of critical workloads. Key takeaways: Learn how Pure Storage and Rubrik deliver near-zero RTOs with complete data visibility. See how Pure Storage SafeMode™ Snapshots enable the fastest, most reliable recovery. Discover how Rubrik’s continuous threat detection scans backup data and shares Indicators of Compromise (IoCs) with Pure Storage EDC. Register Now!
4 Ways Pure1 Detects Storage Vulnerabilities before Attackers
January 2026: Strengthening Your Storage Security Posture through Visibility and Continuous Scanning Storage infrastructure often flies under the radar in vulnerability management programs—until a critical CVE surfaces and security teams scramble to determine which arrays are affected, what versions are running, and how quickly they can be patched. Pure1® eliminates that scramble. With automated fleet-wide scanning, real-time CVE mapping, and AI-powered risk prioritization, you can detect and remediate storage vulnerabilities in minutes instead of days. Here are four security practices that leverage Pure1 to keep your infrastructure ahead of emerging threats. 1. Know Your Environment through Pure1 A surprising number of security gaps arise simply because organizations don’t have clear visibility into what they own, where it runs, or which software versions are deployed. This includes host operating systems, hypervisors, middleware, container platforms, and attached storage systems. In 2026, we strongly recommend the following as a baseline: Maintain an authoritative asset inventory that includes servers, VMs, containers, networking components, storage arrays, and management systems. Track OS and firmware versions so you can quickly identify where vulnerabilities may apply. Align inventory systems with your vulnerability management program, ensuring asset records update automatically after changes, upgrades, or new deployments. When a vulnerability arises, minutes matter. Having an accurate inventory dramatically accelerates response and reduces risk. 2. Conduct Routine Security Scanning with Proven Tools Routine scanning is essential to identify known vulnerabilities and misconfigurations before adversaries can exploit them. We recommend that customers establish and automate regular scans across the full stack, including OS, application, and network layers. Examples of widely used enterprise-grade scanning solutions include: Tenable Nessus/Tenable.io Qualys Vulnerability Management Rapid7 InsightVM OpenSCAP (for organizations requiring open source or compliance-driven scanning) Microsoft Defender for endpoint vulnerability management (for Windows-centric environments) These tools help detect risks associated with: Outdated OS versions Missing patches Weak or misconfigured services Known exploit paths Compliance gaps Scanning should be scheduled continuously or at a minimum weekly, with results integrated into your SIEM, configuration management database (CMDB), or ticketing system for remediation workflows. 3. Stay Informed: Use Pure Storage Security Resources to Monitor Vulnerability Risk Pure Storage provides several mechanisms to help customers stay aware of current vulnerabilities, product guidance, and recommended remediations. We encourage customers to use all available resources based on their connectivity model (connected vs. dark site). Pure Storage CVE Database (Public) Our centralized CVE repository provides authoritative information on all known vulnerabilities affecting Pure Storage products. Entries include severity ratings, impacted versions, remediation steps, and patch availability. Bookmark it. Check it routinely. Pure1 Fleet Security Assessment Center (for Phoning-home Environments) If your arrays are connected to Pure1, you gain access to automated fleet-wide security intelligence: Insights into which arrays are affected by current CVEs Version-specific vulnerability mapping Prioritized recommendations Health and risk scoring Security posture trending over time Pure1 AI Copilot AI Copilot enhances vulnerability awareness by: Surfacing relevant CVE insights directly to administrators Providing proactive upgrade guidance Highlighting misconfigurations or emerging risks Recommending actions tailored to your environment This gives operations teams a powerful ally in detecting and acting on risk signals early. Pure Storage Security Bulletin Page The Security Bulletin page provides release announcements, security advisories, and critical updates. It's designed for security professionals who require real-time visibility into product-level risks, including high-severity industry disclosures. Customers—especially those in regulated, security-sensitive, or air-gapped environments—should build a discipline around monitoring this page. 4. Where Possible, Enable Phoning Home for Maximum Protection Connected customers benefit from real-time intelligence and automated assessments, including: Vulnerability detection Upgrade recommendations Fleet-wide configuration checks Security posture comparison against best practices If your environment’s security model permits it, enabling phone-home telemetry unlocks the full Pure1 experience—including AI Copilot and the Fleet Security Assessment Center. For dark-site customers, we continue to expand offline and manual workflows to ensure you can maintain the same high standard of security without connectivity. Learn more: When Data Storage Learns: How Telemetry Transforms Storage Management Strengthen Your 2026 Security Resilience Today A strong cybersecurity foundation is built on visibility, continuous detection, and timely response. By maintaining a thorough inventory, performing routine vulnerability scanning, and leveraging Pure1 security tools and resources, your organization can significantly reduce risk and stay ahead of evolving threats. If you need guidance on implementing any of these practices—or want assistance reviewing the security posture of your Pure Storage environment—your Pure Storage account team and support engineers are ready to help. 2026 will bring new challenges. With the right practices and tools, you can meet them with confidence.OT: The Architecture of Interoperability
In previous post, we explored the fundamental divide between Information Technology (IT) and Operational Technology (OT). We established that while IT manages data and applications, OT controls the physical heartbeat of our world from factory floors to water treatment plants. In this post we are diving deeper into the bridge that connects them: Interoperability. As Industry 4.0 and the Internet of Things (IoT) accelerate, the "air gap" that once separated these domains is evolving. For modern enterprises, the goal isn't just to have IT and OT coexist, but to have them communicate seamlessly. Whether the use-cases are security, real time quality control, or predictive maintenance, to name a few, this is why interoperability becomes the critical engine for operational excellence. The Interoperability Architecture Interoperability is more than just connecting cables; it’s about creating a unified architecture where data flows securely between the shop floor and the “top floor”. In legacy environments, OT systems (like SCADA and PLCs) often run on isolated, proprietary networks that don’t speak the same language as IT’s cloud-based analytics platforms. To bridge this, a robust interoperability architecture is required. This architecture must support: Industrial Data Lake: A single storage platform that can handle block, file, and object data is essential for bridging the gap between IT and OT. This unified approach prevents data silos by allowing proprietary OT sensor data to coexist on the same high-performance storage as IT applications (such as ERP and CRM). The benefit is the creation of a high-performance Industrial Data Lake, where OT and IT data from various sources can be streamed directly, minimizing the need for data movement, a critical efficiency gain. Real Time Analytics: OT sensors continuously monitor machine conditions including: vibration, temperature, and other critical parameters, generating real-time telemetry data. An interoperable architecture built on high performance flash storage enables instant processing of this data stream. By integrating IT analytics platforms with predictive algorithms, the system identifies anomalies before they escalate, accelerating maintenance response, optimizing operations, and streamlining exception handling. This approach reduces downtime, lowers maintenance costs, and extends overall asset life. Standards Based Design: As outlined in recent cybersecurity research, modern OT environments require datasets that correlate physical process data with network traffic logs to detect anomalies effectively. An interoperable architecture facilitates this by centralizing data for analysis without compromising the security posture. Also, IT/OT convergence requires a platform capable of securely managing OT data, often through IT standards. An API-First Design allows the entire platform to be built on robust APIs, enabling IT to easily integrate storage provisioning, monitoring, and data protection into standard, policy-driven IT automation tools (e.g., Kubernetes, orchestration software). Pure Storage addresses these interoperability requirements with the Purity operating environment, which abstracts the complexity of underlying hardware and provides a seamless, multiprotocol experience (NFS, SMB, S3, FC, iSCSI). This ensures that whether data originates from a robotic arm or a CRM application, it is stored, protected, and accessible through a single, unified data plane. Real-World Application: A Large Regional Water District Consider a large regional water district, a major provider serving millions of residents. In an environment like this, maintaining water quality and service reliability is a 24/7 mission-critical OT function. Its infrastructure relies on complex SCADA systems to monitor variables like flow rates, tank levels, and chemical compositions across hundreds of miles of pipelines and treatment facilities. By adopting an interoperable architecture, an organization like this can break down the silos between its operational data and its IT capabilities. Instead of SCADA data remaining locked in a control room, it can be securely replicated to IT environments for long-term trending and capacity planning. For instance, historical flow data combined with predictive analytics can help forecast demand spikes or identify aging infrastructure before a leak occurs. This convergence transforms raw operational data into actionable business intelligence, ensuring reliability for the communities they serve. Why We Champion Compliance and Governance Opening up OT systems to IT networks can introduce new risks. In the world of OT, "move fast and break things" is not an option; reliability and safety are paramount. This is why Pure Storage wraps interoperability in a framework of compliance and governance, not limited to: FIPS 140-2 Certification & Common Criteria: We utilize FIPS 140-2 certified encryption modules and have achieved Common Criteria certification. Data Sovereignty: Our architecture includes built-in governance features like Always-On Encryption and rapid data locking to ensure compliance with domestic and international regulations, protecting sensitive data regardless of where it resides. Compliance: Pure Fusion delivers policy defined storage provisioning, automating the deployment with specified requirements for tags, protection, and replication. By embedding these standards directly into the storage array, Pure Storage allows organizations to innovate with interoperability while maintaining the security posture that critical OT infrastructure demands. Next in the series: We will explore further into IT/OT interoperability and processing of data at the edge. Stay tuned!Understanding Deduplication Ratios
It’s super important to understand where deduplication ratios, in relation to backup applications and data storage, come from. Deduplication prevents the same data from being stored again, lowering the data storage footprint. In terms of hosting virtual environments, like FlashArray//X™ and FlashArray//C™, you can see tremendous amounts of native deduplication due to the repetitive nature of these environments. Backup applications and targets have a different makeup. Even still, deduplication ratios have long been a talking point in the data storage industry and continue to be a decision point and factor in buying cycles. Data Domain pioneered this tactic to overstate its effectiveness, leaving customers thinking the vendor’s appliance must have a magic wand to reduce data by 40:1. I wanted to take the time to explain how deduplication ratios are derived in this industry and the variables to look for in figuring out exactly what to expect in terms of deduplication and data footprint. Let’s look at a simple example of a data protection scenario. Example: A company has 100TB of assorted data it wants to protect with its backup application. The necessary and configured agents go about doing the intelligent data collection and send the data to the target. Initially, and typically, the application will leverage both software compression and deduplication. Compression by itself will almost always yield a decent amount of data reduction. In this example, we’ll assume 2:1, which would mean the first data set goes from 100TB to 50TB. Deduplication doesn’t usually do much data reduction on the first baseline backup. Sometimes there are some efficiencies, like the repetitive data in virtual machines, but for the sake of this generic example scenario, we’ll leave it at 50TB total. So, full backup 1 (baseline): 50TB Now, there are scheduled incremental backups that occur daily from Monday to Friday. Let’s say these daily changes are 1% of the aforementioned data set. Each day, then, there would be 1TB of additional data stored. 5 days at 1TB = 5TB. Let’s add the compression in to reduce that 2:1, and you have an additional 2.5TB added. 50TB baseline plus 2.5TB of unique blocks means a total of 52.5TB of data stored. Let’s check the deduplication rate now. 105TB/52.5TB = 2x You may ask: “Wait, that 2:1 is really just the compression? Where is the deduplication?” Great question and the reason why I’m writing this blog. Deduplication prevents the same data from being stored again. With a single full backup and incremental backups, you wouldn’t see much more than just the compression. Where deduplication measures impact is in the assumption that you would be sending duplicate data to your target. This is usually discussed as data under management. Data under management is the logical data footprint of your backup data, as if you were regularly backing up the entire data set, not just changes, without deduplication or compression. For example, let’s say we didn’t schedule incremental backups but scheduled full backups every day instead. Without compression/deduplication, the data load would be 100TB for the initial baseline and then the same 100TB plus the daily growth. Day 0 (baseline): 100TB Day 1 (baseline+changes): 101TB Day 2 (baseline+changes): 102TB Day 3 (baseline+changes): 103TB Day 4 (baseline+changes): 104TB Day 5 (baseline+changes): 105TB Total, if no compression/deduplication: 615TB This 615TB total is data under management. Now, if we looked at our actual, post-compression/post-dedupe number from before (52.5TB), we can figure out the deduplication impact: 615/52.5 = 11.714x Looking at this over a 30-day period, you can see how the dedupe ratios can get really aggressive. For example: 100TB x 30 days = 3,000TB + (1TB x 30 days) = 3,030TB 3,030TB/65TB (actual data stored) = 46.62x dedupe ratio In summary: 100TB, 1% change rate, 1 week: Full backup + daily incremental backups = 52.5TB stored, and a 2x DRR Full daily backups = 52.5TB stored, and an 11.7x DRR That is how deduplication ratios really work—it’s a fictional function of “what if dedupe didn’t exist, but you stored everything on the disk anyway” scenarios. They’re a math exercise, not a reality exercise. Front-end data size, daily change rate, and retention are the biggest variables to look at when sizing or understanding the expected data footprint and the related data reduction/deduplication impact. In our scenario, we’re looking at one particular data set. Most companies will have multiple data types, and there can be even greater redundancy when accounting for full backups across those as well. So while it matters, consider that a bonus.
Ask us Everything About Cyber Resilience
Our latest Ask Us Everything session landed right in the middle of Cybersecurity Awareness Month, and the timing couldn’t have been better. The Pure Storage Community came ready with smart, practical questions about one thing every IT team has top of mind: how to build cyber resilience before an attack happens.The SafeMode Seance: A Cyber Security Haunting
Topic: How are you protecting your data from cyber threats? Are you both protecting your data, while also preparing to recover in the event that your organization is impacted by a cyber event? Join us for a spooky, cyber-focused meeting; a supportive and open forum where we’ll share scary stories, and explore solutions to ensure your data is protected from even the most ghoulish threats. This customer-driven discussion will focus on your experiences and challenges with protecting your data from a cyber attack. Pure Storage experts will offer insights and guidance to help you protect your data from the zombie apocalypse. Get Involved: We're looking for security-focused individuals who would be willing to attend and share their perspective on how they are helping their organization protect against cyber threats, and prepare in the case that recovery is needed. And all are welcome. You don't have to be a Pure Storage customer to attend. Join the community, talk to your peers, and have some fun. Agenda: Welcome, Introductions, Updates Customer Presentation - How to use Pure1 Assessments to review and improve your security posture Customer Presentation - Something strange is happening, but we don't know what it is. How I used Pure1 AI CoPilot along with Varonis to narrow the scope on the "strange stuff" Pure Presentation (w/ alliance partners) - SafeMode, Cyber Resiliency and Isolated Recovery Environments Panel/Q&A - Open discussion amongst the community; w/ security-focused individuals (hopefully) in attendance. Anonymous Group Feedback: Share your thoughts and experiences in regards to data protection. What’s working? What’s not? Where could you use some feedback from the community? Understanding Your Needs: What does your organization need to fully protect your data, and recover if you were ever attacked? We’ll help you pinpoint what truly matters. Exploration Circle: Hear from Pure’s subject matter experts on what they are seeing regarding the latest cyber security and cyber resiliency topics. Support & Resources: Find out where you can get additional help, training, and resources. Date: Wednesday, October 15th, 2-4pm ET. Location: Aces Pickleball, 2730 Maverick Dr, Norwood, OH 45212 (Factory 52) RSVP: https://info.purestorage.com/2025-Q3AMS-COMREPLCRCincinnatiPUGLP_01---Registration-Page.html Stick around after the Pure User Group meeting and enjoy Pies & Pints with Pure Storage, our partners, and fellow customers.
