| CPC G06F 21/565 (2013.01) [G06F 11/1435 (2013.01); G06F 11/1469 (2013.01); G06F 16/156 (2019.01); G06F 21/53 (2013.01); G06F 21/56 (2013.01); G06F 21/568 (2013.01); G06F 2201/84 (2013.01); G06F 2221/032 (2013.01); G06F 2221/034 (2013.01)] | 18 Claims |
|
1. A method, comprising:
identifying, in respective snapshot chains for respective computing objects of a plurality of computing objects, a most recent, non-infected snapshot, wherein the identifying comprises mounting snapshots in the respective snapshot chains and determining whether the mounted snapshots are infected by malware, and wherein a first computing object of the plurality of computing objects is a first virtual machine, a first file system, a first database, or a first network attached storage system, and a second computing object of the plurality of computing objects is a second virtual machine, a second file system, a second database, or a second network attached storage system;
displaying a graphical user interface showing:
at least a portion of the respective snapshot chains, wherein the respective snapshot chains are represented as one or more individual snapshots, and wherein a representation of an individual snapshot indicates whether the individual snapshot is infected with malware, and
across the respective snapshot chains, a cut line delineating infected snapshots from non-infected snapshots, wherein snapshots above the cut line are restricted from being recovered;
receiving a command to recover, for the respective computing objects, non-infected data; and
recovering, in response to the command, for the respective computing objects, a non-infected snapshot from the respective snapshot chains in accordance with the cut line.
|