Identity systems are becoming one of the most critical parts of enterprise infrastructure. As organizations rely more heavily on cloud applications, automation, and AI-driven systems, identity platforms increasingly control who and what can access core business services.
Commvault’s latest updates focus on protecting that layer.
The company has expanded its Identity Resilience portfolio to support Okta environments and announced an integration with CloudSEK to help organizations detect exposed credentials circulating on the dark web. Together, the updates aim to help security teams detect identity risks earlier and recover faster when identity systems are disrupted.
Expanding Identity Resilience to Okta
Many organizations already rely on identity providers such as Okta to manage authentication and access across applications. But when an identity platform becomes unavailable or misconfigured, the operational impact can be immediate. Users can lose access to applications, systems may fail to authenticate, and core business processes can stall.
Commvault says its new support for Okta focuses on helping organizations recover quickly when those disruptions occur.
Brad Kirby, VP of Product Management at Commvault, told ChannelE2E that the additional recovery layer is designed to address situations where the identity platform itself experiences problems.
“Okta is already designed for resilience. However, when any identity provider is disrupted, organizations can experience widespread operational impact due to things like human error, misconfiguration, malicious activity, and insider threats. Through this expanded partnership, Commvault will provide organizations with independent, immutable protection and rapid recovery to minimize downtime and restore access quickly.”
In many environments, restoring identity systems still involves manual scripts or complex recovery processes. That approach can slow down response times during an incident.
“If an identity system is compromised or misconfigured, manual recovery can take hours or even days,” Kirby said. “Commvault is delivering automated recovery workflows to help reduce manual effort and the risk of errors during identity restoration. Customers can restore affected objects and attributes in minutes, as well as recover entire Active Directory forests up to 22x faster.”
The solution provides automated protection and granular recovery of identity objects such as users, groups, applications, and policies. Organizations can restore specific objects or configurations rather than rebuilding the entire identity environment.
Industry analysts say that type of recovery capability is becoming increasingly important as identity systems take on a larger operational role.
“Identity resilience is fundamental to achieving higher levels of operating resilience,” said Dave Gruber, Principal Analyst at Omdia. “While identity management and security have always been critical to security programs, the AI-era, and more specifically, the use of agent-based AI solutions, is elevating the importance of both identity and data resilience.”
Protecting Machine and AI-Driven Identities
Identity environments are also becoming more complex as organizations deploy automation tools, APIs, and AI-driven systems. These technologies often introduce large numbers of machine identities and service accounts.
Kirby said identity resilience must account for those automated systems as well.
“AI is reshaping how organizations protect themselves. With this work, customers will benefit from intelligent anomaly detection, risk prioritization, automated remediation workflows, and correlated external and internal threat signals. Commvault’s approach is purpose-built for the agentic enterprise and helps protect against AI-driven threats while enabling safe AI adoption.”
Commvault positions its identity resilience platform as broader than traditional backup systems, which typically focus on restoring files or databases.
“Traditional backup vendors focus primarily on data recovery,” Kirby said. “Unlike them, Commvault’s technology extends into arming enterprises with identity-specific granular recovery, full Active Directory forest recovery, continuous identity change auditing, vulnerability assessments, external credential exposure intelligence, and immutable, air-gapped identity protection. This goes beyond backup into comprehensive cyber resilience.”
Detecting Exposed Credentials Earlier
Alongside the Okta expansion,
Commvault also announced an integration with CloudSEK to help security teams identify compromised credentials earlier.
Credential theft remains one of the most common entry points for cyberattacks. According to the companies, nearly 80% of breaches involve compromised credentials, and billions of stolen usernames and passwords circulate across underground marketplaces and criminal forums.
The integration brings CloudSEK’s dark web credential intelligence into Commvault’s Active Directory protection tools. The goal is to help organizations identify exposed credentials and take action before attackers use them.
“With this solution, administrators will be able to do things like disable and lock accounts, force credential resets, and roll back malicious changes,” Kirby said. “As a result, this enables security teams to act before compromised credentials are weaponized.”
CloudSEK monitors dark web marketplaces, stealer logs, and other external sources for stolen credentials. That intelligence is then correlated with activity inside Active Directory environments.
“CloudSEK will enhance identity security workflows by embedding external credential intelligence directly into Commvault’s identity resilience capabilities,” Kirby said. “It connects external exposure signals with internal directory activity - reducing manual correlation and accelerating response.”
By connecting those external signals with internal monitoring tools, security teams can identify compromised accounts earlier and respond by disabling accounts, resetting credentials, or reversing malicious changes.
“By integrating CloudSEK’s external exposure threat intelligence with Commvault’s Active Directory protection capabilities, we’re expanding customers' ability to uncover hidden identity risks earlier and neutralize identity-based threats before they escalate – critical as attacks become more AI-driven and agentic,” said Pranay Ahlawat, Chief Technology and AI Officer at Commvault.
“In today’s AI-driven threat landscape, partnerships are critical to closing the gap between external intelligence and internal action,” said Nivya Ravi, AVP – Partnerships at CloudSEK. “By embedding CloudSEK’s predictive threat intelligence into enterprise security workflows, we enable organizations to act on exposed credentials and identity risks before attackers can operationalize them. This is about shifting from reactive detection to proactive disruption.”
Why Identity Recovery and Early Detection Matter
Identity systems often become the first target during ransomware attacks or large-scale intrusions. If attackers gain control of identity infrastructure, they can move laterally, escalate privileges, and disable security controls.
Kirby said the combined capabilities are intended to help organizations recover from those scenarios more quickly.
“Identity is often the first system targeted in ransomware attacks,” he said. “With this expanded partnership, Commvault and CloudSEK will enable organizations to identify compromised credentials early, roll back malicious Active Directory changes, restore identity objects to clean points in time, and protect identity backups in immutable, air-gapped storage. At the end of the day, this supports clean recovery of both identity systems and business operations.”
Commvault’s identity resilience support for Okta is expected to enter early access in spring 2026, with general availability planned for summer. The CloudSEK integration is also expected to be available this summer for customers using Commvault’s Active Directory vulnerability assessment and audit tools.
