Identity-Based Attacks Are Now Targeting Backup Policies. New Anomaly Detection Feature from N-able Closes That Window
MWN-AI** Summary
N-able, Inc. (NYSE: NABL) has introduced an enhanced Anomaly Detection feature in its Cove Data Protection platform, aimed at countering the rise of identity-based cyberattacks targeting backup policies. This new functionality is crucial, especially as attackers increasingly exploit stolen credentials to compromise backup systems. By providing real-time alerts for any suspicious or unauthorized modifications to backup policies, N-able enables businesses to identify potential credential-based threats before they escalate into significant breaches.
The growing trend of identity-driven attacks is concerning, with the 2025 Verizon Data Breach Investigations Report indicating that approximately 88% of basic web application breaches involve stolen credentials. Once attackers infiltrate a backup environment, they can make subtle adjustments to retention policies, extract crucial data from backups, or even delete protected devices, often going unnoticed for weeks or months until a ransomware incident occurs.
The updated Anomaly Detection feature offers IT teams timely notifications regarding potential cyberattack indicators, empowering organizations to act swiftly and enhance their data recovery strategies. This builds on last year’s introduction of Honeypots, a proactive measure against brute-force attacks on backup infrastructure.
Neil Douglas, CIO at Network ROI, emphasizes that the feature grants visibility into subtle changes made to backup systems that may otherwise go undetected, thus safeguarding against both malicious incursions and accidental misconfigurations. Chris Groot, General Manager of Cove Data Protection, echoes this sentiment, highlighting the significance of real-time policy change alerts in securing business recovery processes.
Overall, N-able's enhanced Anomaly Detection underscores the necessity of protecting backup resources, a critical component of organizational cybersecurity in an era where identity theft poses significant risks to data integrity and resilience.
MWN-AI** Analysis
In today’s cybersecurity landscape, the rise of identity-based attacks has become a significant concern, particularly as hackers increasingly target backup environments. N-able, Inc. (NYSE: NABL) has responded to this trend by enhancing its Anomaly Detection capabilities within Cove Data Protection to preemptively detect and combat these threats. This new functionality is timely, as attackers are exploiting stolen credentials to gain access to backup software, which can lead to catastrophic data losses if undetected.
Investors should consider the implications of N-able’s proactive measures in the market space. The addition of real-time alerts for unauthorized changes to backup policies establishes a robust defense mechanism, making N-able’s offerings not only competitive but increasingly essential for organizations concerned about data security. Given that 88% of breaches stem from stolen credentials, as highlighted in the Verizon Data Breach Investigations Report, this advancement positions N-able favorably as businesses prioritize cybersecurity.
As identity-driven attacks evolve, the ability to quickly identify anomalies can lead to faster incident responses and minimize potential damage. The new alert system empowers IT teams with the insights necessary to act swiftly, thereby enhancing operational resilience against both intentional breaches and accidental misconfigurations. This is vital in maintaining trust with clients and preserving a company's reputation.
For investors evaluating N-able, it is prudent to assess how these innovations will impact company growth and market share. The cybersecurity sector is projected to experience exponential growth as threats increase, making companies with advanced detection tools like N-able particularly attractive. Additionally, N-able’s broad reach—serving over 500,000 organizations worldwide—exemplifies its market penetration and resilience strategy. Staying informed about such innovations will be crucial for making strategic investment decisions in the cybersecurity space. Overall, N-able’s advancements indicate a positive direction for both the company and its stakeholders.
**MWN-AI Summary and Analysis is based on asking OpenAI to summarize and analyze this news release.
Latest feature detects anomalous behavior in backup environments, identifying credential-based threats before they become catastrophic breaches
N-able, Inc. (NYSE: NABL), a global cybersecurity company delivering business resilience, today expanded its Anomaly Detection capabilities in Cove Data Protection to combat the surge in identity-driven cyberattacks targeting backup environments. The new functionality delivers real-time alerts when suspicious or unauthorized changes to backup policies are detected – giving customers an early warning system against the credential-based tactics attackers use to disable or corrupt backups before deploying ransomware.
Identity-based attacks have become a major driver of successful cyberattacks, with AI making these schemes even more convincing. With stolen or phished credentials, attackers can gain access to backup software and weaken backup policies. The 2025 Verizon Data Breach Investigations Report found that roughly 88% of basic web application breaches involved stolen credentials, making it clear how widespread this tactic has become. Once inside, attackers – and sometimes well-intentioned employees - can alter retention policies, exclude critical data from backups, and delete protected devices. These are subtle changes that can go unnoticed for weeks or even months before the attacker triggers the final ransomware event.
To give IT teams real-time visibility, Anomaly Detection introduces a vital layer of protection through event-based notifications that highlight these indicators of compromise. This capability notifies users of potential cyberattack signals or misconfigurations before they escalate, allowing organizations to take just-in-time action to safeguard their recovery posture and maintain data resilience. This new capability builds on last year’s Anomaly Detection feature, Honeypots, an always-on defense mechanism designed to detect brute-force attacks on backup infrastructure.
“It’s no longer just active systems under attack – backups are firmly in the crosshairs,” says Neil Douglas, CIO at Network ROI, a UK-based managed IT services provider. “If attackers gain access to the backup platform, they don’t always strike immediately. They can quietly manipulate backups, alter retention policies, or delete servers, then sit undetected for weeks (or even months). When they finally launch their attack, recovery can be impossible. In the past, we had no visibility into those subtle changes happening behind the scenes. Now, with real-time, event-based alerts for even the smallest alteration, we know the moment something suspicious occurs. That not only protects us from malicious actors but also guards against accidental misconfigurations. It’s a powerful step forward in strengthening our overall data resilience.”
“A new wave of threats is targeting businesses through stolen identities,” said Chris Groot, General Manager of Cove Data Protection. “Real-time alerts to backup policy changes give customers peace of mind by protecting them from risky changes that could affect recovery, whether that change was caused by attackers or employees. By catching these changes as they happen, organizations can stop identity-driven attacks and misconfigurations before recovery is compromised."
To learn more about how Anomaly Detection can strengthen your organization’s data resilience, visit our blog .
About N-able
N-able protects businesses from evolving cyberthreats. Our AI powered cybersecurity platform delivers business resilience to more than 500,000 organizations worldwide, leveraging advanced end-to-end capabilities, simplified workflows, market leading integrations, and flexible deployment options to improve efficiency and drive critical security outcomes. Our partner first approach pairs our technology with experts, training, and peer-led events that empower customers to be secure, resilient, and successful. n-able.com
© 2026 N-able Solutions ULC and N-able Technologies Ltd. All rights reserved.
The N-able trademarks, service marks, and logos are the exclusive property of N-able Solutions ULC and N-able Technologies Ltd. All other trademarks are the property of their respective owners.
Category: Product
View source version on businesswire.com: https://www.businesswire.com/news/home/20260226292060/en/
Karla Walls
Karla.walls@n-able.com
FAQ**
How does N-able Inc. NABL's latest Anomaly Detection feature differentiate between legitimate user changes and potentially malicious alterations to backup policies?
What specific technologies or methodologies does N-able Inc. NABL employ to provide real-time alerts for suspicious activities in backup environments?
Given the rise of identity-driven cyberattacks, how does N-able Inc. NABL plan to enhance its cybersecurity measures beyond the current Anomaly Detection capabilities?
Can you provide case studies or examples where N-able Inc. NABL’s Anomaly Detection has successfully prevented a potential cyber breach in backup systems?
**MWN-AI FAQ is based on asking OpenAI questions about N-able Inc. (NYSE: NABL).
NASDAQ: NABL
NABL Trading
0.92% G/L:
$4.955 Last:
443,650 Volume:
$4.94 Open:
