Osmium Data Group had the pleasure to cover the 2025 edition of Commvault SHIFT, aired in EMEA on Wednesday 19-Nov-25.
The event was rich in content, perspectives, and announcements. We are distilling below the key points and takeaways from our perspective, starting with AI Resilience, then delving into product announcements, to close on Mean Time to Cyber Recovery, an acronym that makes sense.
Introducing AI Resilience
During the keynote, Sanjay Mirchandani, Commvault’s CEO, emphasized that we are entering a new period defined by such scale and complexity that manual operations are no longer feasible.
To protect workloads effectively and address the increasing volume of cyber threats, organizations must rely more heavily on automation. And at this scale, automation becomes inseparable from AI. This is why the keynote focused on AI resilience i.e., augmenting Commvault’s portfolio with AI embedded in its fabric to eliminate tedious manual work, proactively identify threats, provide IT teams with key insights, and significantly simplify restores and cyber recovery operations.
It’s also important to clarify that AI in this context does not refer to LLMs or the hype that is being hammered upon our heads for the past 12-24 months. Pranay Ahlawat, Commvault’s Chief Technology and AI Advisor, pointed out that AI should deliver value, not hype. Commvault’s approach reflects this philosophy.
Product Announcements
This year, the key announcements focused around Commvault Cloud Unity, Identity Resilience, and Cyber Resilience. Let’s unpack these:
Commvault Cloud Unity
The major announcement was Commvault Cloud Unity. It represents the next stage of evolution for Commvault Cloud, but it goes far beyond traditional capabilities.
Over the past few years, Commvault has acquired several companies to strengthen its cloud-native and security portfolio. They purchased Appranix, which offered cloud-native data protection and disaster recovery with application-aware recovery capabilities across AWS and Azure. They also acquired Clumio, the undisputed leader in AWS cloud-native workload protection, particularly for mission-critical workloads, known for exceptional performance and availability. More recently, they added Satori, which brings additional security capabilities.
Integrating three completely different technologies into a unified product is a big bet organizations either succeed or fail – and most either fail spectacularly or never try, to be forever stuck in portfolio sprawl limbo. Commvault appears to have been successful. It’s important to highlight that Commvault Cloud Unity also builds on earlier work following the Metallic acquisition, thus creating a coherent platform.
A key highlight is the unified management experience. Customers now benefit from a single point of control for all deployed instances, supported by a central policy engine that applies consistently across on-prem systems, cloud environments, and hybrid architectures. Cloud Unity supports multi-region and multi-cloud deployments across AWS, Azure, and Google Cloud, with broad workload coverage, including SaaS applications. The platform also consolidates reporting, offering unified insights into cost, consumption, and health metrics.
On top of this, Commvault announced Synthetic AI Recovery, a technology that allows organizations to recover the most relevant and clean backup snapshot. A great benefit for customers is that the analysis is based on existing index / telemetry data, making it available as soon as a customer upgrades to Commvault Cloud Unity, without any learning period. This clearly ties into the AI Resilience strategy highlighted by Sanjay Mirchandani.
Identity Resilience
Commvault Identity Resilience is a new solution, effectively available for Active Directory and Entra ID, with plans to add support for Okta in 2026. The solution continuously scans Active Directory for common vulnerabilities and proactively proposes remediation steps.
Furthermore, the solution includes audit logs and a dashboard, allowing administrators to detect suspicious changes, but also to follow how an attack unfolds and spreads.
More importantly, it allows changes to be rolled back regardless of the scale of the attack, reverting back single changes or entire attack chains. It also integrates with Cleanroom Recovery (see below).
Cyber Resilience
In this area, Commvault relies primarily on its Cleanroom Recovery solution, one of the very few fully productized clean room architectures available in the market. This year, Cleanroom Recovery is improved by the addition of Recovery Runbooks.
Organizations can now create application blueprints to recover entire applications, including even Active Directory Forests and related VMs & resources.
This effectively allows full cyber recovery orchestration, delivering end-to-end resilience across platforms, and drastically reduces MTCR (see below).
MTCR – An Acronym That Matters
“Oh no, yet another acronym! What have we done to be punished this way?” is probably something you’ve said once in your life if you’re a technologist.
But this time, it’s different. MTCR stands for Mean Time to Cyber Recovery. Although it might sound like a buzzword, we have to praise Commvault since this is one of the rare cases where there is actually merit.
With MTCR, Commvault has been thinking about a metric that correlates to business value. It’s not that RPO/RTO are inherently bad, but they typically assume the time and point where data gets recovered, irrespective of its cleanliness. RPO and RTO are relevant in backup recovery and operational disaster recovery scenarios, where SLAs range from minutes to hours, sometimes to days.
But in Cyber Recovery scenarios, Darren Thomson, VP & CTO EMEA Commvault, states that “Realistically, the MTCR is typically four months”, due to the complexity of manual recovery processes and the inability to clearly determine whether data to be recovered is clean and trustworthy. This is light years away from typical RPO/RTO SLAs.
Unless you have a cleanroom recovery solution, the data cleanup process after a cyber attack is likely to be very tedious and lengthy, assuming that there is even something left to recover from, without any guarantee about data health. In contrast, leveraging solutions like Commvault Cleanroom Recovery do the heavy lifting and greatly simplify cyber recovery operations.
We must therefore clearly separate DR from Cyber Resilience. In our TrendScape for Data Protection, we go as far as distinguishing Operational Disaster Recovery and Cyber Resiliency. The first has no security implications, while the second does.
The Osmium Perspective
Commvault SHIFT 2025 was a solid edition packed with industry-relevant announcements that deliver value across the entire data protection stack.
The event is timely and coincides with our release of our first TrendScape market research report focusing on Data Protection, released slightly ahead of these announcements. In our report, we recognize Commvault as a leader both in technical execution and EMEA Readiness, putting the company among a compact group of EMEA Champions.
The announcements around Commvault Cloud Unity, Identity Resilience, and Cyber Resilience demonstrate a solid strategy, outstanding thought leadership, and flawless execution against roadmap, including the successful integration of acquired startups Appranix, Clumio, and Satori.
To find out more about Commvault SHIFT 2025, watch the sessions on-demand here.
