AWS Partner Network (APN) Blog

Cyber recovery with AWS Elastic Disaster Recovery and Elastio Platform

​By Eswar Nalamaru, Product Manager – Elastio
By Stuart Lupton, Sr. Specialist SA, Storage – AWS

AWS partner Elastio
Connect with Elastio

In today’s digital landscape, where consumers expect services to be “always on, always available,” organizations face challenges that can disrupt operations. Cyberattacks like ransomware threaten businesses with data theft, financial losses, system outages, and reputational harm, disrupting operations. Robust recovery is crucial for maintaining customer trust and business resilience.

However, traditional disaster recovery cannot protect against sophisticated cyberattacks that compromise recovery point integrity. Cyber actors often employ stealthy tactics, gradually encrypting data to evade detection, leading to the inadvertent backup of malicious data. This scenario results in corrupted recovery points, leaving organizations without a clean state to restore when it matters.

This is why organizations are now investing in data integrity validation, a critical level of protection that ensures recovery data is clean, uncorrupted, and ransomware-free before it’s ever needed. This post will explore the Elastio Platform and its integration with AWS Elastic Disaster Recovery to automate the verification of replicated recovery points for real-time data integrity assurance.

About Elastio and AWS Elastic Disaster Recovery

The Elastio Ransomware Recovery Assurance Platform provides this critical layer by continuously validating the integrity of backups and storage. It detects ransomware encryption and data corruption proactively, giving teams the confidence that their recovery points are trustworthy.

AWS Elastic Disaster Recovery (AWS DRS) is a service that reduces downtime and data loss with fast, reliable recovery of on-premises and cloud-based applications to Amazon Web Services (AWS). It can decrease your recovery point objective (RPO) to seconds and recovery time objective (RTO) to minutes. You can quickly recover operations after unexpected events, such as software issues or data center hardware failures.

When integrated, AWS DRS and Elastio Platform offer a complete solution: rapid recovery combined with data integrity validation. The Elastio Platform automatically scans the replicated data handled by AWS DRS, identifying hidden threats like ransomware encryption and validating recoverability. This ensures that your recovery points are not just available, but free from ransomware

Disaster Recovery using AWS DRS

AWS DRS continuously replicates your source servers’ data (including operating system, system state configurations, databases, applications, and files) to a staging area subnet in your AWS account. During replication, the data is encrypted in transit and at rest. In the event of a disaster or planned migration, AWS DRS simplifies and automates the recovery process, allowing you to launch your business-critical applications on AWS with minimal downtime.

Key features of AWS DRS include:

  • Continuous data replication with RPO of seconds
  • Fast failover with automated recovery instance launch
  • Non-disruptive disaster recovery testing
  • Support for a wide range of operating systems and applications
  • Point-in-time recovery capabilities
  • Cost-effective disaster recovery with minimal compute resources during replication

With these capabilities, AWS DRS provides a robust foundation for disaster recovery. However, in today’s evolving threat landscape, particularly with the rise of sophisticated ransomware attacks, organizations need additional layers of protection to ensure their recovery points are available and free from cyber threats.

Elastio Ransomware Recovery Assurance Platform

Clean, safe, and usable recovery points is ensured by Elastio Ransomware Recovery Assurance Platform (Elastio Platform) integration with replication and recovery processes. It acts as an expert system, scanning for indicators of malicious file-level encryption caused by ransomware actors or insider threats. This transforms traditional disaster recovery into cyber recovery, a modern Zero Trust-aligned approach that ensures organizations recover confidently from verified, uncompromised data.

By automatically and proactively scanning replicated data, Elastio provides near real-time insights into ransomware risk and data integrity, identifying threats like the below.

  • Zero-Day Ransomware Encryption: Powered by a behavioral machine learning engine, Elastio detects ransomware encryption at the file level, even from previously unseen (zero-day) variants, with 99.999% accuracy
  • Unauthorized Encryption: The platform alerts on abnormal or unauthorized encryption, providing critical protection against insider threats.
  • File System Corruption: Elastio Platform detects structural damage that could render recovery points unusable—even if the data appears intact on the surface.
  • Pre-Detonation Ransomware: By spotting dormant ransomware binaries embedded within files before they execute, Elastio helps stop outbreaks before they begin.

Built on years of cyber intelligence expertise, the Elastio Platform empowers organizations to meet aggressive recovery objectives with confidence. By ensuring clean, validated recovery points are available, businesses can restore operations swiftly and securely. Minimizing downtime, preventing reinfection, and maintaining continuity in the face of growing cyber threats.

AWS DRS and Elastio Platform Integration: How It Works

Integrating Elastio with AWS DRS automates the scanning and validation of replicated recovery points, providing near real-time assurance of data integrity.

The deployment process for the Elastio Platform begins with subscribing through the AWS Marketplace. After subscription, customers can proceed with deploying the Elastio Platform in their AWS environment using either an AWS CloudFormation template, which can be generated within the Elastio Console, or through Terraform. For organizations requiring multi-region scanning capabilities, Elastio can be deployed across multiple AWS Regions as needed.

To enable scanning functionality for AWS DRS snapshots, customers need to either add the elastio:action=scan tag to specific source servers or configure scanning for all protected instances through Elastio Settings. The Elastio platform scans hourly snapshots for signs of ransomware encryption and daily snapshots for ransomware encryption and malware binaries, striking a balance between robust security and operational efficiency.

If you’re already using the Elastio Platform to protect AWS Backup, you can also extend the same deployment to cover AWS DRS.

The Elastio Platform can be deployed either in a dedicated AWS account to adopt a centralized scan architecture, or individually in each AWS account where AWS DRS is used. The Elastio Platform scan cluster, which leverages AWS Batch, dynamically scales by provisioning on-demand instances during scan operations and scaling down when idle, ensuring efficient resource utilization.

Figure 1, illustrates Elastio Platform’s scan architecture deployed to a dedicated AWS account. AWS DRS snapshots are shared with the account where the Elastio Platform scan cluster resides, and all scans are performed within your environment. Only scan metadata and inventory details are sent to Elastio Platform’s backend for dashboarding and reporting purposes.

Elastio Platform’s scan architecture diagram

Figure 1 – Elastio Platform’s scan architecture diagram

For customers who prefer a hands-off experience, Elastio Platform offers a fully managed solution, where the scan cluster runs in Elastio Platform’s backend — simplifying operations while maintaining robust protection.

Customer Benefits

Integrating AWS DRS and Elastio Platform delivers capabilities that organizations need for modern cyber recovery, such as:

  • Integrated Speed and Assurance – The combined solution pairs AWS DRS’s rapid failover with Elastio’s data integrity validation, enabling fast recovery that’s also clean, trusted, and secure.
  • Cyber-Resilient Recovery by Design – Together, AWS DRS and Elastio bring recovery workflows in line with Zero Trust principles, adding proactive scanning for ransomware and data corruption into data protection workflows.
  • Confident Compliance Posture – With automated validation reports confirming the integrity of recovery points, organizations can simplify audits and meet emerging cyber regulations like NYDFS, DORA, and beyond.
  • Operational Continuity with Less Risk – Pre-validated, ransomware-free recovery points reduce uncertainty during critical moments—minimizing downtime, avoiding reinfection, and supporting seamless continuity.

Conclusion

The integration of AWS DRS and the Elastio Ransomware Recovery Assurance Platform represents a modern approach to cyber recovery. This combined solution delivers both rapid failover capabilities and automated data integrity validation, enabling organizations to recover with confidence knowing their recovery points are both available and free from ransomware. As cyber threats continue to evolve, this integrated approach helps organizations maintain business continuity while reducing recovery risks.

Ready to experience the power of clean and secure recovery?

Request a tailored demo to see how the Elastio Platform and Elastic Disaster Recovery can safeguard your critical data. Take the next step towards ransomware-resilient recovery.
.
Connect with Elastio
.

Elastio – AWS Partner Spotlight

Elastio is an AWS Partner that integrates with AWS Elastic Disaster Recovery to scan recovery points for threats and quickly identifies the last clean recovery point.

Contact Elastio | Partner Overview | AWS Marketplace