Druva Ransomware Response

Druva Ransomware Response Integration provides ransomware protection for endpoints, SaaS applications and data center workloads for Druva Ransomware Recovery customers.

Data Enrichment & Threat Intelligence · Druva

Configuration parameters

  • url — Druva API URL (required)
  • clientId — Client ID (required)
  • secretKey — Secret Key (required)

Commands (16)

  • druva-delete-quarantine-range

    Deletes a quarantine range.

  • druva-delete-quarantined-snapshot

    Deletes a quarantined Snapshot. Snapshots that are deleted cannot be recovered.

  • druva-endpoint-check-restore-status

    Checks the restore job status of the endpoint.

  • druva-endpoint-decommission

    Wipes remotely an infected Endpoint Resource and deletes a quarantined Snapshot. This command remote wipes data from the endpoint. This action cannot be undone.

  • druva-endpoint-initiate-restore

    Restores data to a replacement device and deletes a quarantined Snapshot. This command restores your endpoint data from a day prior to the snapshot. Any changes made after the snapshot date may be lost.

  • druva-endpoint-search-file-hash

    Searches a file using the SHA1 checksum.

  • druva-find-device

    Finds device information for a specific hostname.

  • druva-find-sharePointSites

    Find all share point resources with given user name

  • druva-find-sharedDrives

    Finds shared drives resources specific to share drive name

  • druva-find-user

    Finds user information for a specific username.

  • druva-find-userDevice

    Finds device information for a specific user.

  • druva-list-quarantine-ranges

    Lists all quarantine ranges in your environment.

  • druva-list-quarantine-snapshots

    List all quarantine snapshots for a quarantine range.

  • druva-quarantine-resource

    Quarantines a resource.

  • druva-update-quarantine-range

    Updates an existing quarantine range of a resource.

  • druva-view-quarantine-range

    View details of the quarantine range.