Ransomware and malware attack protection

Is it possible to implement Coachroadh DB architecture in a way where backups are no needed as mitigation for ransomware/malware attacks? Typically with malware attacks, there is a risk that all replicated instances are impacted and the only way to recover data is through backup disks.

Are there any other mitigating factors with Cockroach DB or would backups still be the best way to mitigate impact of ransomware attacks?

Hello! Here’s an overview of the security features of CRDB.

Also, we do not recommend backups as a way to mitigate the impact of ransomware/malware attacks, as these attacks may corrupt or modify the backups.

Hi - the link you pointed to has majority of the preventive controls for securing CRDB. I’m looking for mitigating controls in case malicious user is able to get to one of the instances. Is there a way to prevent all the replicas from being corrupted, in case data is encrypted in one of replicas?

I don’t quite understand what you’re asking. Are you asking, what steps does cockroach take if a malicious user gains access your cluster? Or a node on the cluster?