NetApp has announced new cyber resilience capabilities that enhance the security of its enterprise storage solutions. The company’s updated NetApp Ransomware Resilience service introduces the industry’s first built-in data breach detection for enterprise storage, along with isolated recovery environments designed to ensure safe and malware-free data restoration. These advancements aim to make storage a central part of enterprise security strategies as organisations face growing cyber risks in an era defined by artificial intelligence, data modernisation, and cloud transformation.
The increasing adoption of AI is expanding the digital attack surface for many businesses, creating an urgent need for robust, intelligent infrastructure that not only stores data but also protects it. NetApp’s approach integrates AI-driven security into the storage layer, helping organisations detect threats earlier, minimise operational disruption, and respond more effectively.
“To effectively protect your data from a cyberattack, you need to know it happened as early as possible to take action,” said Gagan Gulati, Senior Vice President and General Manager of Data Services at NetApp. “With new AI-powered capabilities to detect early indicators of data exfiltration attempts on top of our existing leading capabilities to detect ransomware attacks on both structured and unstructured data, we’re making enterprise data even safer. Storage is the last line of defence to protect our customers’ most valuable asset—data—and we are constantly innovating on top of the most secure storage on the planet.”
New capabilities to counter evolving cyber threats
The enhanced NetApp Ransomware Resilience service, previously known as Ransomware Protection, simplifies how enterprises protect and recover ONTAP workloads from ransomware attacks. It enables coordinated defence across file and block storage from a single control plane, removing the need for deep security expertise and streamlining incident response.
A major addition is the AI-powered data breach detection feature, which identifies unusual user activity or file system behaviours that may indicate early attempts at data exfiltration. When suspicious activity is detected, the system automatically alerts the organisation through its security information and event management (SIEM) platform, providing forensic data to support a rapid and informed response. By identifying breaches early, businesses can block unauthorised data transfers before they escalate into serious security incidents.
NetApp is also introducing isolated recovery environments to ensure that data restoration remains secure and free from malware. These environments use proprietary AI scanning to detect maliciously altered data and pinpoint when changes occurred. Customers are guided through a structured recovery process that restores the most recent safe data, reducing downtime and preventing reinfection.
These capabilities build on NetApp’s existing security features, including AI-powered ransomware detection integrated directly into its ONTAP operating system. NetApp’s ONTAP Autonomous Ransomware Protection with Artificial Intelligence (ARP/AI), which now supports both file and block storage, achieved a 99% detection rate for advanced full-file encryption ransomware attacks with zero false positives in external testing. This high level of accuracy helps reduce alert fatigue and ensures that security teams can focus on genuine threats.
A proactive approach to cyber resilience
Industry experts see NetApp’s latest developments as a significant step forward in enterprise security. “NetApp embraces a secure-by-design approach that positions its storage solutions not just as a last line of defence against cyber threats, but also as an early line of defence,” said Philip Bues, Senior Research Manager for Cloud Security and Confidential Computing at IDC. “As malicious actors continue to evolve, adding techniques such as double extortion to their ransomware attack patterns, today’s announcements show that NetApp is keeping pace to back up its claim as one of the industry’s most secure storage platforms. The new data breach detection capability gives enterprises a critical advance warning enabling them to stop and respond to cyber threats before they impact the business. It demonstrates that NetApp is more than a storage company, it is an invested, trusted partner that is addressing the most pressing priorities of its customers.”
Beyond security, NetApp is enhancing AI capabilities across its product portfolio, combining high-performance storage with intelligent data services in a unified, scalable, and secure offering. These innovations are part of the company’s broader vision to help enterprises harness data as a catalyst for innovation, resilience, and growth.
While no system can guarantee complete protection against ransomware, NetApp’s technologies provide a critical additional layer of defence. Research has shown high detection rates for certain types of ransomware, highlighting the effectiveness of integrating AI at the storage level to mitigate emerging threats.
Building a data-ready future
NetApp’s focus on secure, intelligent storage is rooted in more than three decades of expertise in helping organisations navigate technological change. Its Intelligent Data Infrastructure connects, protects, and activates data across multi-cloud environments, powered by its ONTAP data management software and enhanced through automation with the AI Data Engine and AFX. The platform is built to deliver observability, resilience, and intelligence at scale while remaining disaggregated by design, allowing enterprises to modernise quickly, scale efficiently, and avoid vendor lock-in.
As the only enterprise storage platform natively embedded in the world’s largest cloud providers, NetApp offers consistent performance, governance, and protection for any workload. With its latest security capabilities, NetApp reinforces its position as a trusted partner for businesses seeking to secure their data, drive innovation, and adapt to an increasingly complex digital landscape.
