CybersecurityHardwareM&AEntrepreneurship

Why Object First Is Best for Veeam

Tech Field Day
Tech Field DayMar 26, 2026

Why It Matters

By embedding Object First’s absolute‑immutability technology, Veeam can offer customers a ransomware‑resilient backup stack, turning a common point of failure into a competitive security differentiator.

Key Takeaways

  • Object First provides absolute immutability using S3 object lock.
  • Ransomware attacks often compromise backup storage, not backup software.
  • Zero‑trust data resilience segments backup software from immutable storage.
  • Object First’s appliance sets up in under 15 minutes, simplifying security.
  • Veeam acquisition integrates Object First into portfolio for enhanced protection.

Summary

The video explains why Object First’s storage solution is positioned as the optimal backup target for Veeam customers, especially after Veeam’s recent acquisition of the startup. Founded by Veeam’s own co‑founders, Object First was built to address a glaring weakness: ransomware actors routinely breach backup storage, leaving otherwise functional Veeam backup‑and‑replication software unable to restore data. By delivering truly immutable storage, the company aims to make Veeam’s data protection stack ransomware‑proof. Key insights include hard data points – 96% of ransomware incidents target backup storage and only about half of affected firms can recover within a week. Object First proposes a “zero‑trust data resilience” framework that extends classic zero‑trust principles to backup environments. The approach rests on three pillars: native S3 object‑lock with compliance mode, zero‑time‑to‑immutability that writes data directly to immutable storage, and a dedicated physical appliance that isolates storage from the hypervisor layer. The presenter highlights several concrete examples: the S3 object‑lock feature cannot be disabled once enabled, ensuring “absolute immutability”; the “eight‑eyes validation” process requires two parties on each side to authenticate any support action; and third‑party penetration tests are publicly published. These details illustrate how Object First eliminates the administrative loopholes that traditional DIY S3 or direct‑attached storage solutions expose. For Veeam users, the integration promises faster, more reliable recovery, reduced operational overhead, and a clear security advantage in an environment where ransomware threats are escalating. The 15‑minute deployment and automatic firmware updates further lower the barrier to adopting a hardened backup storage tier, potentially setting a new industry baseline for immutable, zero‑trust data protection.

Original Description

Object First was founded with the specific mission of creating a backup storage solution that is ransomware proof. The company focuses on addressing the primary vulnerability in data protection: the storage target. Since 96% of ransomware attacks target backup data to prevent recovery, Object First provides an intentionally hardened, immutable storage appliance designed specifically for Veeam Backup & Replication. As of January 2026 Object First has been officially acquired by Veeam, integrating their technology directly into the Veeam portfolio.
The presentation introduces the concept of Zero Trust Data Resilience (ZTDR), which applies zero-trust principles specifically to the backup ecosystem. This framework emphasizes three core pillars: segmenting backup software from storage to minimize the blast radius of an attack, creating multiple resilient zones for data copies, and utilizing absolute immutability. Unlike standard immutable storage that can often be bypassed by administrative overrides or governance modes, absolute immutability ensures that once data is written, it cannot be altered or deleted by anyone, including the customer or the vendor, until the set retention period expires. This is achieved through the strict enforcement of S3 Object Lock in compliance mode and a hardware-integrated security layer.
Object First offers a physical appliance that is designed to be secure, simple, and powerful. The device can be racked and configured in under 15 minutes because it limits user privileges by default, reducing the human attack surface and preventing accidental or malicious configuration changes. Security is further bolstered by eight-eyes validation for support and regular third-party penetration testing. On the performance side, the appliance leverages Veeam’s Smart Object Storage API to provide high-speed ingest and rapid recovery features like Instant VM Recovery. By focusing solely on being the best storage target for Veeam, Object First eliminates the trade-offs between security and performance found in DIY or general-purpose storage solutions.
Presented by Anthony Cusimano, Director of Solution Marketing. Recorded live at Tech Field Day Extra at RSAC 2026 in San Francisco on March 23, 2026. Watch the entire presentation at https://techfieldday.com/appearance/object-first-presents-at-tech-field-day-extra-at-rsac-2026/ or visit https://techfieldday.com/event/rsac2026/ or https://ObjectFirst.com/ for more information.

Comments

Want to join the conversation?

Loading comments...