Rubrik, Inc. (‘Rubrik’) offers data security solutions to organizations ranging from the largest companies worldwide to mid-sized smaller customers.
Realizing that cyberattacks ultimately target data, the company created Zero Trust Data Security to deliver cyber resilience, so that organizations can secure their data across the cloud and recover from cyberattacks.
The company built Rubrik Security Cloud, or RSC, with Zero Trust design principles to secure data across enterprise, cloud, and Saa...
Rubrik, Inc. (‘Rubrik’) offers data security solutions to organizations ranging from the largest companies worldwide to mid-sized smaller customers.
Realizing that cyberattacks ultimately target data, the company created Zero Trust Data Security to deliver cyber resilience, so that organizations can secure their data across the cloud and recover from cyberattacks.
The company built Rubrik Security Cloud, or RSC, with Zero Trust design principles to secure data across enterprise, cloud, and SaaS applications. RSC delivers a cloud-native SaaS platform that detects, analyzes, and remediates data security risks and unauthorized user activities. The company’s platform is architected to help organizations achieve cyber resilience, which encompasses cyber posture and cyber recovery. The company enables organizations to confidently accelerate digital transformation and leverage the cloud to realize business agility.
The company built a unique software-as-a-service, or SaaS, architecture that combines data and metadata from business applications across enterprise, cloud, and SaaS applications to create self-describing data as a time series. Self-describing data contains information, such as application context, identity, data sensitivity, and application lineage. This allows the company to apply artificial intelligence and machine learning directly to business data to understand emergent data threats and deliver cyber recovery. The company combined backup and recovery and cybersecurity into a single platform built with a Zero Trust architecture, significantly shrinking the attack surface that exists with legacy solutions. The company’s Zero Trust Data Security platform assumes that information technology infrastructure will be breached, and nothing can be trusted without authentication. The company’s data threat engine, powered by artificial intelligence and machine learning, analyzes the self-describing data time series to derive security intelligence from data and provide remediation recommendations. Automation is at the core of the company’s architecture ethos. The company’s automated policy-driven platform delivers data security enforcement, incident response orchestration, and API integrations with the broader security ecosystem.
The company’s business is indexed to business data growth. The company’s customers’ need for its solutions grows in lockstep with their business data growth and their need for additional data security capabilities. The company primarily sells subscriptions to RSC through its sales team and partner network by employing a land and expand sales strategy. The company lands new customers by selling subscriptions to RSC to secure any one of four distinct types of data: enterprise, unstructured data, cloud, and SaaS applications. Expansion happens along three vectors: the growth of data from applications already secured by Rubrik; new applications secured; and additional data security products. This expansion is driven by a natural flywheel effect in which the value of its platform increases as its customers’ data grows across various applications.
Data Security Platform and Products
Rubrik has a unique and purpose-built Zero Trust Data Security approach to help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. The company enables organizations to implement a Zero Trust framework at the data layer, deliver data availability that withstands the aforementioned adverse conditions, and uphold data integrity even when infrastructure is compromised or attacked.
RSC, built with a Zero Trust design, automates data policy management and enforcement, delivers threat analytics and response, and orchestrates rapid recovery. RSC is a cloud-native SaaS platform that secures data across disparate sources, allowing customers to have a single point of control from one user interface. RSC is built on a proprietary framework that represents time-series data and metadata generated across enterprise, cloud, and SaaS applications. The company builds products on top of RSC to address a myriad of use cases that help its customers achieve cyber resilience, from hardening their data security posture to cyber recovery. These use cases include protection and recovery from cyberattacks, malicious insiders, and operational disruptions; orchestration of cyber and operational recovery, failover/failback testing, and cloud migration; sensitive data classification and visibility into over-privileged data access; monitoring for governance, regulatory compliance, and data breaches; and identification, containment, and remediation of ransomware and other security threats.
The company’s access to time-series data and metadata allows it to deliver a breadth of products that span the following areas:
Data Protection: The company cyber-proofs various sources of data in an organization with secure, access-controlled backups. The company’s data protection products are built for ease of deployment and use, scalability, and rapid recovery from cyberattacks, malicious insiders, and operational disruptions. The company offers data protection products to manage enterprise, unstructured data, cloud, and SaaS applications. The company also protects identity provider services, such as Microsoft Active Directory and EntraID.
Data Threat Analytics: The company detects data threats and identifies the blast radius of a cyberattack to speed up data recovery. It combines Anomaly Detection, Threat Monitoring, and Threat Hunting. Anomaly Detection uses advanced machine learning to detect deletions, modifications, and encryptions. Threat Monitoring continuously monitors for indicators of compromise commonly used by bad actors to establish persistent access, move laterally, or exfiltrate data. Threat Hunting allows incident responders and Security Operations Center (SOC) analysts to hunt for indicators of compromise and determine the initial point, scope, and time of infection.
Data Security Posture: The company strengthens cyber posture by locating sensitive data proliferation and identifying data risks. This includes Sensitive Data Monitoring and User Intelligence, which altogether discovers where data lives, sensitivity of data, and user access and activity.
Cyber Recovery: The company improves cyber readiness and incident response with orchestrated Cyber Recovery Simulation, Threat Containment, and orchestrated Active Directory Forest Recovery. Cyber Recovery Simulation is used by the company’s customers to create, test, and validate recovery plans, while also staying compliant with policy and audit requirements. Cyber Recovery can also be used to recover compromised data within a safe environment for forensic analysis. Threat Containment is used to quarantine data infected with malware so that recovery is enabled without reinfection. Active Directory Forest Recovery orchestrates the recovery of an organization’s Active Directory identity service to the desired point in time while avoiding malware reintroduction.
The company’s products are delivered and consumed via its RSC platform. RSC secures data across enterprise, cloud, and SaaS applications, including:
Enterprise: VMware, Microsoft Hyper-V, Red Hat OpenShift, Microsoft SQL Server, Oracle, PostgreSQL, IBM Db2, Microsoft Windows, Nutanix, Kubernetes, Cassandra, MongoDB, Linux, UNIX, AIX, NAS, Epic, and SAP HANA.
Cloud/SaaS: GCP, Azure, AWS, M365 (Microsoft Teams, SharePoint, Exchange Online, and OneDrive), Salesforce, and Atlassian Jira Cloud.
Architecture Matters
The following attributes of the company’s platform architecture allow it to offer a differentiated approach to data security:
Time-Series Data and Metadata: The company designs its platform to manage time-series data and metadata as core assets. The company’s platform combines data and metadata together into self-describing data and records its history over time. To provide a single point of control for data across enterprise, cloud, and SaaS applications, the company has constructed a proprietary framework to uniformly represent self-describing data across time. Doing so gives the company full context of data and unlocks security use cases, allowing it to build products for cyber recovery and security intelligence.
Zero Trust Design: The company employs Zero Trust principles to prevent threats at the data layer. The company’s use of native immutability, secure protocols, logical air gap, encryption, role-based access controls, multi-factor authentication, and native services upholds data integrity and availability.
Data Threat Engine: The company has developed a proprietary machine learning and artificial intelligence-based data threat monitoring and management engine to surface anomalous activities and indicators of data breaches. The company’s self-describing data, which combines data and metadata, gives it the ability to surface emergent data threats, understand data sensitivity, and identify malicious user activities.
Automation: Core to the company’s product design ethos is automation. To consistently secure and manage data at scale, its platform delivers automated end-to-end policy management and enforcement, orchestration of security incident response, and API integrations.
Growth Strategy
The company’s strategies are to continue to grow its SaaS solutions; grow its customer base; expand within its customer base; innovate and extend its product leadership; grow and harness its partner ecosystem; expand its global footprint; and pursue strategic acquisitions.
Customers
The company sells to organizations of various sizes that operate across a wide range of industries, including financial services; retail, trade, and transportation; energy and industrials; healthcare and life sciences; public sector and education; technology, media, and communications; and services.
Commercial Offerings
RSC is a cloud-native SaaS platform that secures data across disparate sources. The company builds products on top of RSC to address a myriad of use cases that help its customers achieve cyber resilience. The company’s primary commercial products are as follows:
Data Protection
Enterprise Data Protection: The company cyber-proofs enterprise data on physical systems, operating systems, virtual machines, databases, file systems, and containers with air-gapped, immutable, access-controlled backups.
Unstructured Data Protection: The company cyber-proofs unstructured file and object data stored on petabyte-scale NAS systems with air-gapped, immutable backups.
Cloud Data Protection: The company cyber-proofs Azure, AWS, and GCP cloud application data and databases with secure, access-controlled backups.
SaaS Data Protection: The company cyber-proofs M365, Salesforce, and Atlassian Jira Cloud data with air-gapped, immutable data resilience and rapid recovery at scale.
Identity Provider Services Protection: The company cyber-proofs Microsoft Active Directory and EntraID with immutable backups and rapid recovery across hybrid environments.
Data Threat Analytics
The company detects data threats and identifies the blast radius of a cyberattack to speed up data recovery. It combines Anomaly Detection, Threat Monitoring, and Threat Hunting. Anomaly Detection uses advanced machine learning to detect deletions, modifications, and encryptions. Threat Monitoring continuously monitors for indicators of compromise commonly used by bad actors to establish persistent access, move laterally, or exfiltrate data. Threat Hunting allows incident responders and SOC analysts to hunt for indicators of compromise and determine the initial point, scope, and time of infection.
Data Security Posture
The company strengthens cyber posture by locating sensitive data proliferation and identifying data risks. This includes Sensitive Data Monitoring and User Intelligence, which altogether discovers where data lives, sensitivity of data, and user access and activity. A hardened cyber posture helps customers proactively reduce the risk of cyberattacks, data exfiltration, and sensitive data exposure, in addition to enhancing data governance for generative AI.
Cyber Recovery
The company improves cyber readiness and incident response with orchestrated Cyber Recovery Simulation, Threat Containment, and orchestrated Active Directory Forest Recovery. Cyber Recovery Simulation is used by the company’s customers to create, test, and validate recovery plans, while also staying compliant with policy and audit requirements. Cyber Recovery can also be used to recover compromised data within a safe environment for forensic analysis. Threat Containment quarantines data infected with malware to prevent malware reinfection during recovery. Active Directory Forest Recovery orchestrates the recovery of an organization’s Active Directory identity service to the desired point in time while avoiding malware reintroduction.
In addition, the company offers Ruby for AI data defense and recovery. Ruby is designed to augment human efforts with its generative AI capabilities, helping customers scale their data security operations with automation, boosting productivity, and bridging the users’ skills gap. Ruby uses Microsoft Azure OpenAI Service in combination with the company’s own proprietary, internally developed software. The company’s proprietary software augments user queries to generate prompts that are submitted to the Azure OpenAI model and also enhances the model output to generate responses presented back to the user. The company chose to use Microsoft Azure OpenAI Service based on its security features and because it offers an advanced AI model provisioned in Rubrik’s Azure environment, such that the data stays within Rubrik’s control.
The company’s commercial products are used by customers to deliver business resilience against operational failures and cyberattacks. Customers use the company’s Data Protection, Cyber Recovery, and Data Security Posture products to strengthen cyber posture, comply with regulations, and conduct recovery from operational failures, human errors, or natural disasters. During a cyberattack, customers use Data Threat Analytics in addition to the products to identify, contain, and remediate data threats, determine the scope of sensitive data exposure, recover data, and conduct event response.
The company’s RSC platform is built to be highly flexible and scalable, enabling it to innovate and deliver new data security products in the future.
The company’s products are available for purchase via four subscription editions to its RSC platform, which are as follows:
Foundation Edition: The company keeps data secure and recoverable from cyberattacks and operational failures.
Business Edition: The company builds upon Foundation Edition by proactively monitoring for ransomware.
Enterprise Edition: The company builds upon Business Edition by continuously monitoring data risk and orchestrating cyber recovery.
Enterprise Proactive Edition: The company builds upon Enterprise Edition by adding data security posture management.
The company’s commercial offerings are accompanied by customer support. The company offers several support solutions and capabilities that enhance the value proposition of its software and SaaS solutions:
SentryAI: SentryAI is the company’s proprietary AI deep learning-based platform for system health monitoring, allowing it to deliver proactive customer service throughout the entire customer lifecycle. The company’s platform uses AI to detect anomalous behavior from telemetry data from its customers. Data analyzed includes performance, security and SLA compliance, and capacity utilization. SentryAI is included within its base support offering.
Customer Experience Manager, or CEM: The company offers dedicated customer experience managers to proactively monitor the health of its customers’ environments, preemptively detect and resolve emerging issues, including those related to cybersecurity, deliver operational risk management, and recommend strategies for ROI scaling and maximization.
Premium-Plus Add-on Support: The company’s program provides a CEM and an Assigned Support Engineer, or ASE, for personalized, technical support. The company’s dedicated teams develop an in-depth understanding of its customers’ unique environment requirements, collaborate closely with its customers’ operation teams, and provide a direct path to accelerate resolution times.
Ransomware Recovery Team: The company’s 24x7 Ransomware Recovery Team assists and complements its customers’ recovery plans.
Education: The company offers Rubrik University, which includes instructor-led training with hands-on labs, on-demand e-learning courses, and certification exams. Education capabilities are targeted at different types of users and delivery modalities to suit end-customer needs. The company has instructor-led training and self-paced on-demand courses.
Certification Program: The company’s certification program enables technical personnel to demonstrate and validate in-depth knowledge of data security by becoming a Rubrik Certified Systems Administrator.
As of February 26, 2025, the company achieved an average Net Promoter Score, or NPS, of >80. The company’s NPS is verified by the Customer Relationship Management Institute LLC.
Technology
The company has designed a highly differentiated and innovative architecture that consists of the following elements:
Time-Series Data and Metadata: The company’s architecture combines data and metadata from business applications to create self-describing data as a time series. Self-describing data is important, since it contains information, such as application context, user identity, data sensitivity, and application lineage, allowing the company to understand emergent data threats and deliver cyber recovery. In addition, the company has constructed a proprietary framework to uniformly represent this time-series data and metadata from enterprise, cloud, and SaaS applications. Since the company has a common way to represent data across a multitude of application sources, it can easily introduce new products on top of its platform.
Zero Trust Design: The company employs Zero Trust principles to prevent threats at the data layer. The company’s usage of native immutability, secure protocols, logical air gap, encryption, role-based access controls, multi-factor authentication, and native services allows it to preserve data integrity and reduce software supply chain risk.
Native Immutability: The company’s platform was custom-designed to provide built-in immutability and preserve data integrity. The company’s proprietary, append-only file system, combined with data integrity checks, protects data from unauthorized modification, encryption, or deletion, thereby preventing data from being compromised.
Secure Protocols: The company architected its platform to allow data access only in an authenticated manner and via secure protocols. Contrast this approach to that of legacy technologies, which offer multi-tier architectures with a full trust security model leveraging insecure network and storage protocols, thereby leaving data vulnerable to corruption, deletion, or theft.
Logical Air Gap: Data is protected by creating a multi-layered barrier between data and malicious actors. Logical processes, such as encryption, hashing, and granular role-based access controls, prevent data from being modified, deleted, or stolen. The company’s immutable, append-only file system also contributes to establishing a logical air gap by preventing data from being manipulated once written.
Native Services: The company’s platform provides robust built-in functionality with native services. The company does not provide privileged access to third-party applications, thereby reducing the risk of software supply chain attacks.
Threat Engine: The company’s threat engine uses machine learning and threat intelligence to analyze its time-series data and metadata, detecting anomalies, encryption, content sensitivity, and malware. The company can identify the initial point, scope, and time of attack to avoid malware reinfection during recovery.
Automation: Core to the company’s design ethos is automation. To secure data at scale and with consistency, the company’s platform is architected to deliver automated end-to-end policy management, orchestration of security incident response, and API integrations.
Policy Automation: The company’s fully orchestrated policy engine simplifies how data security objectives are created, enforced, and managed. By providing simplicity and automation in securing data, organizations easily deliver a consistent and uniform data security posture.
Integration with Security Operations: The company’s solutions integrate with security tools, such as SIEM/SOAR and cloud security, to address a critical gap: security risks and threats at the data layer. Existing security tools pull in data from every corner of the infrastructure (network, applications, endpoints, etc.), but not from the data itself. By integrating continuous monitoring of data and user context, SecOps teams accelerate risk mitigation, incident response, and business resiliency.
API Integration: The company’s API-first design means that any operation performed via Rubrik’s UI is performed through multi-factor authenticated APIs. The company offers an extensive collection of pre-built integrations that allow customers to leverage its APIs to integrate data security and data policy management into self-service automation, infrastructure as code, centralized monitoring, log management, and security operations.
Go-to-Market Strategy
The company primarily sells subscriptions to RSC through its global sales team and partner network. The company targets the largest organizations worldwide to mid-sized organizations. The company sells to smaller customers through a high-velocity engagement model driven by its inside sales team.
The company utilizes a land and expand approach, acquiring new customers and expanding with existing customers. The company sells its products through subscriptions to RSC editions and can land in four distinct ways by securing enterprise, unstructured data, cloud, and SaaS applications. After the initial purchase, the company’s customers often expand the deployment of its platform within their organization. Expansion happens along three vectors: the growth of data from applications already secured by Rubrik; new applications secured; and additional data security products.
The company’s sales organization includes sales development, inside sales, sales engineering, and field sales personnel, and is segmented both geographically and by the size of prospective customers.
The company sells its subscriptions to customers through its Channel Partners utilizing a two-tier, indirect fulfillment model. The company also offers SaaS products through the marketplaces of its technology alliance partners, including GCP, Azure, and AWS.
The company leverages a mix of outbound marketing tactics, such as industry conferences, user events, webinars, and digital programs, to target new business, as well as support its upsell and cross-sell efforts. Every year, the company organizes its user conference, Rubrik Forward, to help its customers realize greater business results through data security.
Partnerships
The company’s partnerships consist of Channel Partners, system integrators, managed service providers, and technology partners. The company’s partner program is designed to maximize technology expertise, technology alliances, and geographic coverage. The company’s Rubrik Transform Partner Program is a global program that manages its business relationships with its partners.
The company’s partners help expand the reach of its technology by building brand and product awareness, generating leads, implementing its solutions, providing value-added professional services, and reselling its services. On occasion, the company may form deeper strategic relationships, such as its partnership with Microsoft that extends from driving go-to-market activities to co-engineering projects to delivering integrated Zero Trust Data Security products built on Azure.
Manufacturing
The company relies on a limited number of contract manufacturers, including Super Micro Computer, Inc., or Supermicro, to assemble, test, and load the company’s software onto Supermicro servers to deliver Rubrik-branded commodity servers, or Rubrik-branded Appliances, which the customer enterprise data relies upon.
Competition
The company’s main competitors fall into data management and protection vendors, such as Commvault, Dell EMC, IBM, Veeam, and Cohesity (which recently acquired Veritas’ data protection business).
Intellectual Property
As of January 31, 2025, the company had 326 issued U.S. patents and patents in various non-U.S. jurisdictions, 237 patent applications pending in the United States, and 5 patent applications pending in various non-U.S. jurisdictions. The company’s issued patents, as of January 31, 2025, expire between April 30, 2034, and August 8, 2043. As of January 31, 2025, the company had 12 registered trademarks in the United States, three trademark applications pending in the United States, 19 registered trademarks in various non-U.S. jurisdictions, and four trademark applications pending in various non-U.S. jurisdictions.
History
The company was founded in 2013. It was incorporated in 2013. The company was formerly known as Scaledata, Inc. and changed its name to Rubrik, Inc. in October 2014.
