Skip to main content

How can we help you?

Druva Documentation

Release Notes

Cloud Upgrade on June 16, 2022

This release has minor bug fixes.

Cloud Upgrade on June 02, 2022

This release has minor bug fixes.

Cloud Upgrade on May 28, 2022

New Feature

Refreshed Data Loss Prevention (DLP) page

We have refreshed the Data Loss Prevention (DLP) page to provide an enhanced and intuitive user experience.

Here is a preview of the Data Loss Prevention (DLP) page.

Pre-release new DLP UI.png

Key highlights

  • All the information on the DLP Summary card is now consolidated into a single card.


  • Added a filter option. Moved the Profiles, Storage selection, and statuses (Traced, Normal, On Hold, and so on) as criteria under this filter to sort the listing.


Customer action required: None

For more information, see Data Loss Prevention Overview page.

Cloud Upgrade on May 05, 2022

New Feature


Protect mission-critical backups from accidental or malicious deletion with Rollback Actions

You can now configure the Rollback Actions capability to enhance your organization’s data security posture and safeguard backup data from accidental or malicious deletion. 

With Rollback Actions, you can rollback deleted entities within a configurable rollback window. The deleted entities are available for rollback for the specified days before the entity and its backups are permanently deleted.  This provides the administrator the ability to revert malicious or unintended deletes without any loss of data and enables the restoration of productivity rapidly. If you have consciously triggered the deletes, the backup copies will be permanently deleted after the rollback window expires and there will be no impact on what you were trying to do. 

Action Required: Existing Ransomware Recovery customers will get this offering as part of their existing license. Customers who don’t have Ransomware Recovery license can opt to purchase the Backup Security Posture and Observability license exclusively.  To obtain the license, contact Support. 

Note: Currently, this feature is available only for Druva Public Cloud customers. 

►Here is a quick video to get you started

For more information, see Rollback Actions.

Leverage the Backup Security Posture and Observability license to enhance the security posture and observability of your backup environment

We have added a completely new license, Backup Security Posture and Observability, which includes capabilities such as Rollback Actions, Security events and SIEM integrations (FireEye Helix and Splunk)

Also, the Security Events and Rollback Actions capabilities can now be accessed from the Security Posture category under the Cyber Resilience service. 
Action required: Existing Ransomware Recovery customers will get this offering as part of their existing license. Customers who don’t have a Ransomware Recovery license can opt to purchase the Backup Security Posture and Observability license exclusively. 

Changed access path for Security Events services

You can now access the Security Events and Unusual Data Activity (UDA) services from the new Cyber Resilience > Security Posture services section.


Customer action required: None. With the Ransomware Recovery license, Security Events service is available by default.

For more information, see Security Events.

Known Issues


Issue Description
REAL-22865 The Quarantine Bay listing page erroneously lists those resources (Servers and Virtual Machines) whose backup sets are deleted and are no longer available.


At times, after you trigger a rollback, all the entities in the delete request, the following message is displayed:

Rollback Service Temporarily Unavailable

Workaround: You can safely ignore the message and track the Rollback Request. 

Cloud Upgrade on March 24, 2022

New Feature

Quarantine infected VMware resources

You can now isolate the infected virtual machines to prevent the infection from spreading.
The Quarantine Bay feature in the Ransomware Recovery module enables you to quarantine infected snapshots on the impacted virtual machines and helps safeguard your organization from further infection by barring users or administrators from downloading or restoring the infected data to other data sources.

For more information, see,

►Here is a glimpse of the update

Known Issues


Issue Description
REAL-22397 Suppose log backups follow a full backup, and the start time of your quarantine range falls between the creation times of a full backup snapshot and the subsequent log backup snapshot. Druva Phoenix blocks SQL PIT restores from the log backups marked as quarantine, however, the UI allows you to submit such a restore job.

Cloud Upgrade on March 10, 2022

This release has minor bug fixes.

Cloud Upgrade on Feb 24, 2022

This release has minor bug fixes.

Cloud Upgrade on Feb 10, 2022

This release has minor bug fixes.

Cloud Upgrade on Jan 27, 2022

New Feature

A new Ransomware Recovery Overview page

You can now get a complete picture of the overall status of each resource in a single pane of glass. Use the Overview page to view the important details such as the number of Quarantined Resources, Curated Snapshots, Malicious File Scan Jobs, Unusual Data Activity Alerts, and so on. With this view, you can quickly identify the actionable to ensure business continuity.

►Here is a glimpse of the update

Customer action required: None.

For more information, see the Overview page.


Prevent accidental deletion of Endpoints and Servers data

You will now be prompted to provide a reason when you delete a snapshot or file hash value. This capability will help prevent accidental deletions, and the reason will be captured in the Audit Trail for auditing purposes.

►Here is a glimpse of the update
Delete_CS_reason box.png
ADP_Audit Trail_1.png

Customer action required: None.

For more information, see,

Cloud Upgrade on Nov 18, 2021


Option to create Curated Snapshot from Quarantine Bay

You no longer need to go to Curated Snapshot UI to create a Curated Snapshot for Endpoints and Servers. Now you can create a Curated Snapshot while quarantining the resource itself. For your ease, we have now added this option to the Quarantine Bay UI as well.

With this enhancement, you have to navigate to Quarantine Bay UI, select the Resource Name, and click More options.jpg > Create Curated Snapshot.

Curated Snapshot_Qurantinebay.jpg

Cloud Upgrade on Sep 23, 2021

New Feature

Monitor Curated Snapshots for endpoints and servers

We have now added Download Report functionality that helps you monitor and review the details of malicious files discovered while scanning the files to create Curated Snapshot for endpoints and servers.

Administrators can now generate and download the report in CSV format and get an overview of primary details such as the File Name, File Type, list of skipped files from Curated Snapshot along with its reason, and so on.


For more information, see,

Cloud Upgrade on Sep 09, 2021

New Feature

Introducing Curated Snapshots for endpoints and servers

We are excited to bring in the Curated Snapshots feature to you that allows you to create a customized snapshot that is the latest, cleanest, and safest scanned file version available for restore. You can restore files for endpoints and servers from the Curated Snapshot without any security or malware risks. 

This enhancement eliminates the need to perform multiple granular restores from various snapshots and thus accelerates recovery time and minimizes data loss in the event of cyber security attacks.


For more information, see Curated Snapshots.

Cloud Upgrade on July 30, 2021

Fixed Issue

Issue Description
REAL-16027 Unusual Data Activity (UDA) encryption alert does not get generated when you backup encrypted files.

Cloud Upgrade on July 24, 2021

Known Issue

Issue Description
REAL-16027 Unusual Data Activity (UDA) encryption alert does not get generated when you backup encrypted files.

Cloud Upgrade on June 03, 2021

New Feature - Protect your data from ransomware attacks

At Druva, the security of your organization's data is our topmost priority. With the increasing risk of ransomware attacks, data breaches, and unauthorized access, now it's not only important to safeguard your data but also to have a response plan in place in case you face a cyber threat.

The availability of this feature may be limited based on the license type, region, and other criteria. To access this feature, contact your Druva Account Manager or Druva Support.

To help you protect the data minimize the risks of data loss, we have developed the Accelerated Ransomware Recovery module that aids you to do the following:

  • Detect anomalous behavior - When a data source is attacked by ransomware, it starts manipulating the data stored in it. Such behavior is suspicious in nature and is unlike how the resource owner works with the data on that data source. Since anomalies of this type often indicate issues that require attention, the Unusual Data Activity feature flags such anomalous behavior and notifies you via an alert email. For more information, see Unusual Data Activity.

  • Quarantine infected data sources - When you are already aware that a data source is infected with ransomware, you would want to isolate the infected data in order to contain the infection and restrict it from spreading. The Quarantine feature in the Ransomware Recovery module enables you to quarantine infected snapshots on the impacted data sources and helps safeguard your organization from further infection by barring users or administrators from downloading or restoring the infected data to other data sources. For more information see Ransomware Recovery for EndPoints and Ransomware Recovery for Servers.

  • Scan the data before restoring - Securely backed up data might already be infected and when you restore such data to a particular destination, you run the risk of infecting the destination machine. Using the Malicious File Scan feature, you can scan the data for viruses and malware during a data restore activity. Moreover, you can enable this feature for end-users so that they too can scan the data before restoring it. Druva scans the entire data for potential viruses and malware and blocks the malicious files and only restores the clean files. For more information, see Scan Files Before Restoring.

  • Restrict unauthorized data access - With the employees of an organization spread across the globe, it is critical that only the authorized people in the organization have access to the relevant data that you back up. Druva offers Insights, a dashboard that shows you the details of all administrator login events, data access events, and API requests made from new geographic locations in the past week or month. If you see that someone is accessing the data from an undesired location, you can block their account. This information helps you gain situational awareness about access to the backed-up data by gathering events from all Druva products. For more information, Security Insights Dashboard.

Cloud Upgrade on July 03, 2020

New Features

Realize Storage Insights - Subscribe to saved filters

Realize administrators can now subscribe to saved filters and be informed about the non-critical data growth in their organization on a regular basis. Filters can also be subscribed by non-Realize administrators or other staff in the organization.


For subscribe instructions, see About Realize Storage Insights.


Search Recommendations using Backup Set or Server Name

Administrators can now search and view particular Recommendations using the Backup Set or Server name.


Sort Recommendations

By default, Recommendations are listed in order with the backup set having the largest amount of non-critical data at the top and the least at the bottom. Now,  administrators have the option to sort the recommendations based on the following parameters-

  • Date Created - List Recommendations by date created with the latest generated recommendation at the top.
  • Non Critical Data Growth - List Recommendations by the growth of non-critical data in backup sets with the largest amount at the top.
  • Non Critical Data Size - The default, lists Recommendations by the non-critical data size with backup set having the largest amount of non-critical data at the top.


For more information, see About Recommendations.

Known Issue

Issue Description
REAL-2797 If a Backup set name is too lengthy, complete name is not displayed in the Select Resources Filter in Realize Storage Insights.


Cloud Upgrade on Jun 19, 2020


Druva Realize is now enabled for Product Cloud Administrators

In addition to Druva Cloud Administrators, now Phoenix Cloud administrators can access Realize Storage Insights and Recommendations services.

New Features

Realize Storage Insights - More options to export Realize Storage Insights view

In addition to PDF, Realize administrators can now export Realize Storage Insights view using the following options -

  • Email - Share Realize Storage Insights view over Email as a PDF attachment.

  • CSV - Export Realize Storage Insights view in CSV format. Administrators can have a more granular view of the data or use the CSV to ingest in 3rd party applications for further processing and gain additional insights.

Recommendations - Exclude non-critical file types from Phoenix Content Rule using Recommendations

Administrators can now update the Phoenix Content Rule associated with a backup set directly from a Recommendation and exclude the non-critical file types from backup.

Administrators have option to exclude the non-critical files either from a particular backup set or all the backup sets to which a Phoenix Content Rule is associated.

Use the Exclude Non Critical Data feature in a Recommendation to exclude the file types.


After update, non-critical file types are excluded from backup starting the next backup cycle.

For more information, see About Recommendations.


Cloud Upgrade on May 21, 2020

New Feature

File Analytics - Option to export File Analytics view as a PDF file

Administrators can now export their File Analytics view to a PDF file. This feature helps administrators print their view or share it with other administrators for collaboration purpose.


See Realize Storage Insights.

UI Enhancements


Based on customer interaction with Recommendations, we have updated to make it more intuitive and clear layout to display non-critical data information and enable you to actions. See Recommendations.


Cloud Upgrade on April 23, 2020

New Feature

Introducing Audit Trails - Log and monitor activities performed by administrators

Audit Trails captures the activities performed by the administrators in the Realize Management Console and logs it. Audit Trails helps track and monitor all the activities ensuring complete transparency, traceability, and accountability of all the administrators, thereby aiding forensics and compliance initiatives.

Audit Trails captures details such as the name of the administrator who performed the action, the activity performed, the resource on which the activity was performed and the timestamp of when the action was performed. For more information, see Audit Trails.

Audit Trails are available for actions performed by administrators on the Recommendations service.

  • Was this article helpful?