RSAC 2026 Conference | Gagan Gulati, NetApp & Michelle Graff, Commvault

Clips
More from RSAC 2026 Conference

Gagan Gulati

Senior VP and General Manager for Data Service

NetApp

Michelle Graff

SVP Global Partners and Channels

Commvault

play_circle_outline NetApp and Commvault long-standing partnership integrating data protection and storage capabilities.

play_circle_outline Closed-Loop Resiliency Ops: Real-Time Primary Storage Threat Detection Triggering Automated Commvault Recovery Workflows

play_circle_outline Synthetic recovery enables clean restores without reinfecting data.

play_circle_outline Minimizing Blast Radius: NetApp Detects Encryption Attacks, Snapshots, Blocks Users and Sends Alerts

Info
Transcript

Gagan Gulati, NetApp & Michelle Graff, Commvault

Gagan Gulati

Senior VP and General Manager for Data Service NetApp

Michelle Graff

SVP Global Partners and Channels Commvault

In this interview from RSAC 2026, Gagan Gulati, vice president and general manager of data services at NetApp, joins Michelle Graff, senior vice president of partners at Commvault, to talk with theCUBE Research's Christophe Bertrand about how their long-running partnership is delivering autonomous, closed-loop cyber resilience — from threat detection to clean recovery — in the AI era. Gulati details NetApp's autonomous ransomware protection capability, which identifies encryption attacks on primary storage in real time and immediately triggers snapshots while... Read more

explore Keep Exploring

Could you please introduce yourself and describe the alliance between NetApp and Commvault and the value it provides to customers? add

How does the NetApp–Commvault integration enable earlier detection, faster response, and quicker recovery from attacks on primary storage? add

How do the companies integrate — both architecturally and in go‑to‑market/customer and partner engagements — to enable clean/synthetic recovery and minimize the blast radius from a cyber/ransomware incident? add

How does an autonomous ransomware protection solution integrated with Commvault detect attacks and enable rapid, trustworthy recovery to minimize business liability? add

bolt Powered by CUBE AI

Gagan Gulati, NetApp & Michelle Graff, Commvault

search

Christophe Bertrand

>> Welcome back to RSAC 2026. I'm Christophe Bertrand, principal analyst with theCube Research. We're here to talk about a great alliance, great partners who have been partners for many years. And I'm very pleased to welcome Gagan Gulati who is VP and GM of data services at Commvault and Michelle Graff who is SVP of partners. Sorry, NetApp, for Gagan.

Gagan Gulati

>> Yes.

Christophe Bertrand

>> And Michelle for Commvault. Great partnership, lots of customers in common. And I have to say there's plenty going on at this show. Lots of discussions about AI and cyber resiliency and resiliency operations. Oh, my God. But I want to talk about specifically this alliance. I think it's a very important thing to start with. So before we do that, could you please quickly introduce yourself? You have a very big job at NetApp, and then Michelle we'll talk about your job and then the alliance. So, Gagan, go ahead.

Gagan Gulati

>> Christophe, first of all, again, a pleasure to be with you. My role at NetApp is to lead our data services team that primarily focuses on helping our customers with ensuring that data is well secured, well governed, well protected. And in this role, we build a lot of technology ourselves to help achieve that. And then we work with many of our partners, including Commvault, to make sure that our customers get the best value and continue to utilize NetApp as the most secure storage on the planet.

Christophe Bertrand

>> Perfect. And Michelle, tell us about yourself.

Michelle Graff

>> Yeah, excellent. So as you said, I run our global partner organization. And my role is ultimately to help unlock the power of investments that customers have already made in organizations like NetApp that we power with and leveraging Commvault solutions to help them do that.

Christophe Bertrand

>> Right. And so let's talk about DoubleClick on the alliance. Obviously this is a very critical alliance. I think a lot of commonalities in terms of philosophies, in terms of go to market, and of course data being at the heart of everything. So, Michelle, tell us more about the alliance. I know it's been going on for many years and really the value that your customers are getting from this partnership.

Michelle Graff

>> Yeah. So Christophe, there's never probably been a more critical time for organizations to rethink their cyber resiliency. With the rapid rise of data to power AI, but also the rapid rise of AI powered threats, it's critical for organizations to rethink their resiliency and shift to more of what we're calling a res ops model. And that is ultimately a continuous closed loop around resiliency ops. And we can't do that without our partners. So Commvault and NetApp are building a unified solution to be able to help customers autonomously detect threats as well as recover cleanly and reliably from those threats.

Christophe Bertrand

>> Yes. And that's absolutely critical. That's really the one thing that people care about, which is the ability to recover. A lot of discussions happen around detection. We'll talk about that. But at the end of the day, if you can't recover, you're nowhere and do very much like the resilience ops positioning and messaging because I think that's really what it's all about at the end of the day. So you mentioned closed loop, and I want to talk about close loop architectures and really Gagan, I'd like for you to talk about this announcement that you've just made at RSAC 2026.

Gagan Gulati

>> Yeah. Look, I mean, we over the years at NetApp have prided ourselves in helping our customers detect the attacks early on primary storage. And with the work that NetApp and Commvault have done together, what it means is that we are able to now connect the early threat detection signals from the primary storage. And we are now able to, working with Commvault to send the signals over to Commvault so that Commvault can now therefore trigger a lot of their recovery flows, backup flows and recovery workflows right away that allows our customers to now detect these attacks early, respond quickly, and then at the end of it, most importantly, recover quickly. And that's where both the companies are coming together to help our customers do that because without such a partnership and such a deeper integration, I'm going to talk more through this, it could be hours before you know that there have been attacks. And with the advent of AI, as you know, these attackers, these malicious users within hours can actually completely ruin your infrastructure, can completely encrypt everything and run away before you even think about how to respond. So that's why this closed loop architecture of detecting threats early, and then triggering the right set of workflows to recover quickly, almost immediately is a game changer for the industry.

Christophe Bertrand

>> Yeah. I'd like to say it's almost like NIST in a box. Michelle, what's your take on the announcement?

Michelle Graff

>> Yeah. So, Christophe, imagine in a world where a cyber threat comes in. Now instead of having disparate technologies and unsiloed security and data teams, with autonomous ransomware and recovery from NetApp and with Commvault's clean recovery with synthetic recovery, when that threat comes in, we can minimize the blast radius and then recover not only just quickly, but cleanly not reinfecting the files from what's the malicious code that's been infected. And we do that through synthetic recovery.

Christophe Bertrand

>> Right. So I'd like to double kick on that because there's a bunch of integration going on behind the scenes as anybody can imagine. And I also like the fact that you can probably leverage some of the clean room capabilities and other fun things to do with the Commvault architecture as well. So let's talk about integration. I'll start with you, Michelle. What do you do from an integration perspective, both at the architectural level, but also for customers at the go-to-market level? How do you work together? And you deal with partners quite a bit, so I imagine partners are pretty key to this integration as well.

Michelle Graff

>> Yeah. It's a great question, Christophe. And you and I go back a long way in this industry, and integrations have always been the cornerstone of providing more value to customers, but I think we've catapulted into a new modern approach to integrations. And these aren't just integrations now, these are co-engineered solutions together, and it becomes the new blueprint with AI driven policies to be able to autonomously deliver much faster value and recovery for customers because they could become more predictable with the data infrastructure intelligent layer from partners like NetApp, and then from our AI threat detection, all the way to being able to ensure that you can drive policies to not reinfect your recovery. And so when you create that all together, this is now a whole new next generation of, you can call them integrations, but they're more autonomous, almost like Agentic solutions that are now powering the solution for customers.

Christophe Bertrand

>> Oh, the magic word, Agentic. I'm sure we'll talk more about that. Gagan, what's your take on the integration? You come obviously more from the storage part of the equation, maybe a little closer to the data in a sense from a production standpoint, yet it's a continuum clearly from what we've just heard. So I'd love to get your take on the integration, how you approach it.

Gagan Gulati

>> 100%. As Michelle said, one of the things that we have tried ourselves over the years, and Michelle used the name autonomous ransomware protection, is the key to all of this, because what we are able to do now with extremely high accuracy is that we can detect very early encryption attacks. We can detect in real time that there is a data breach going on, right? And when therefore these attacks happen, we, of course, will help our customers take a snapshot right away. We can help our customers block the user from doing anything else, but most importantly, and I think that's where the value of the partnership and the co-engineer integration comes in, is that we will start sending signals and alerts to the Commvault control plane, right? So now on the Commvault control plane, whether it's customer's choice automated or manually, the security operation teams come into play, the operators come into play, and now they're able to say, "Oh, I can see clearly that there was just an attack. There has been a snapshot taken. I should start immediately taking a backup." While you are bringing the rest of the situation room into play to make sure that you can totally understand what the response is going to look like, you can understand how much data was actually affected, you can start to understand how you're going to start recovering. That's the key to this, not eight hours later, but right away, right? And once you're able to do that, you know that, yes, your drive is infected or your volume is infected, your data is infected, but that volume data is infected is really small. And you know that you can, if you respond quickly and correctly, then you can recover within hours, not days, not weeks, but you can recover within hours. And with the Commvault, as Michelle was saying, technology from the other side, which is in helping cleanly recover, you now have the trust that not only can you recover quickly, you can recover with trust. And that's what most companies want. That's what CISOs want, right? That's what the CIOs want, that's what companies want, which is to reduce the liability down to a minimal. And that's what the integration really does is to give trust to the senior members of the team, to the senior leaders, that they can recover quickly, they can recover with trust, and the overall liability that they'll end up having is really small. And that's what the two of us have been trying to push for.

Christophe Bertrand

>> It makes a lot of sense. And I'm thinking RTOs and RPOs should be renamed resiliency, time objectives and point objectives, but what I'm hearing is very important for our viewers so they understand instead of having to deal with potentially weeks of recovery because you've left things essentially perpetuate themselves and the data get affected and infected and then spread across multiple domains, what you're saying is you essentially catch it early, you stop it early, you surgically fix it early, so that essentially it becomes almost irrelevant from a production standpoint. Don't really see it, doesn't really affect you, or at least at a minimum, you can minimize the impact. So I think that's very powerful. And you mentioned AI a couple of times. Michelle, I'd like to talk to you about that for a second. AI is obviously something we're seeing all around here. I mean, it's not a cyber security event, it's an AI event as far as I'm concerned, but I think there are two sides to this coin. There's AI for data protection. Clearly a lot of AI is already being leveraged in your respective solution that certainly I expect in the integration. And there's also data protection for AI protecting the AI infrastructure itself. So can you tell us more about your approach to AI at Commvault, Michelle? How does it play with the resiliency ops approach, and what do you expect it to be moving forward?

Michelle Graff

>> Yeah. So, Christophe, I would say there's three sides to this coin, right? So as threats are being powered by AI, you need to have AI driven threat prevention, but you also need to have clean data to power your AI for organizations. And so where you think about Commvault that's been protecting data for decades for hundreds of thousands of customers, it now becomes that resiliency ops of both being able to use AI powered solutions to autonomously detect those threats and be more on the offense, not just the defense, but also helping customers with being more competitive and staying relevant in their market and accelerating the use of AI. And where better to go than to your data that's already been trusted by your resiliency partner and Commvault who's been able to protect and provide governance and trust around that data to leverage that data both from a clean and be able to be resilient around that data, but also to power the right data into those AI models. We acquired a company called Satori about a year ago, and now we can actually provide the right governance and controls around the access and the utilization of that data, in addition to discovering the sensitive data that you may or may not want to be powered into those AI models.

Christophe Bertrand

>> Right. So for our viewers, I think it should be pretty obvious at this point that if you want to do AI, that's great. Go ahead. Even in Agentic AI, at the same time, you cannot do that unless you have data that you can trust. One of the precursors or requirements for trust in AI is going to be data that is essentially cyber resilient, that is clean, that is managed, et cetera, that is governed. So I think the combination is to me here very obvious. You cannot go to that next stage of AI nirvana as an organization without having some level of control, which certainly the closed loop architecture provides from a resiliency standpoint, but that's again, a precursor to anything else. So I think we've established here some very important steps. And let's talk about maybe what the future looks like in closing, some thoughts you may have. Gagan, I'm going to turn to you for this one, and then we'll talk to Michelle about this. What are your thoughts on where this is going next in the next year, couple of years?

Gagan Gulati

>> Yeah. I mean, look, to the point you made, this is the world of AI. This is a generation of AI. And as more and more companies start investing in AI, it's going to be all fueled by data, right? And we just have to, from our perspective, we want to make sure that data governance and data security don't come in the way of productivity, right? That's the key. These AI agents are hungry for data. We have many running in our company, and we want to make sure that these AI agents, as they access this data, they're able to access it in the right way. So that's number one. Number two, if you are building your own AI models, you want to make sure that the data that these models are receiving is definitely clean, is trusted, so that at the end of it, when these models are going to go into production, that's not the time when you have governance questions or you have security questions. You understand the lineage of this data, you understand that you have trust in that data. So in some sense, what the whole wave of AI has done is has brought all of these questions right to the forefront, not an after fact, but at the forefront where you have to think about your data strategy, you think about a data infrastructure strategy right at the beginning rather than at the end. So I think that's basically what we are seeing across the board. I mean, that's where we're seeing a genuine interest from our customers in terms of helping them understand where their data even exists, so we can discover it, they can understand what's sensitive, what should be, or the context of the data so that they can use it appropriately for their AI projects, whatever they may be. And I think from my perspective, I think the guidance is just focus and make sure that it's a proactive conversation rather than a reactive conversation, right? And so that at the end you don't have to worry... It's not at the end you say, "Hey, what data were you using? Are you making sure this was well governed?" And those questions can be answered at the beginning. It'll definitely ensure a much higher level productivity for all customers and all the companies than it would not.

Christophe Bertrand

>> So, Michelle, what's your take?

Michelle Graff

>> Yeah. I mean, just to summarize, I mean, AI is another workload, it's also another application. And so protect against threats within the AI, be able to recover because we know that there's going to be threats within AI, and then enable organizations to leverage the safe use of data and control the governance around that for AI. So I think together, Commvault and NetApp, we sit squarely at the center of the data in being able to both be on offense and defense for AI and to be able to empower customers to use that data safely.

Christophe Bertrand

>> Well, you summed it up perfectly. There's no safe AI without safe data, and definitely this partnership does that for your customers. Well, Michelle, thank you very much. Gagan, thank you.

Gagan Gulati

>> Thank you very much.

Michelle Graff

>> Thank you very much.

Christophe Bertrand

>> And to our viewers, thank you very much. Stay tuned. We have a lot more coverage coming up, RSAC 2026 in San Francisco.