Commvault has announced a collaboration with CloudSEK to address the growing issue of exposed credentials that are increasingly found on dark web marketplaces and forums.

The integration is designed to strengthen enterprise defences against identity-based cyberattacks, which are seeing a sharp rise due to the proliferation of stolen credentials and the adoption of automated, AI-powered attack methods.

The partnership incorporates CloudSEK’s dark web credential intelligence directly into Commvault’s Active Directory Vulnerability Assessments and Advanced Audit and Anomaly Detection offerings.

By fusing external data on credential exposure with internal identity telemetry, enterprises gain the capacity to detect compromised accounts early in the attack cycle. This enables prompt actions such as disabling, locking, or resetting at-risk credentials and rolling back unauthorised changes within Active Directory environments before attackers can escalate privileges or execute ransomware attacks.

Current industry data highlights the urgency of these measures, with over 24 billion stolen credentials circulating across underground channels, according to the joint statement by the two companies.

Recent trends show the time between credential exposure and malicious exploitation has compressed from months to mere hours as attackers leverage automated and agent-driven techniques. In 2024 alone, 107 billion identity records have reportedly been exposed worldwide, and last year 57% of cyberattacks began with a compromised identity.

Through this integration, vulnerabilities detected across internal systems, public sources, and dark web channels are automatically scored and prioritised. The platform provides security teams with specific remediation guidance, allowing resources to be concentrated on the most critical issues and reducing manual effort associated with incident response.

“In today’s AI-driven threat landscape, partnerships are critical to closing the gap between external intelligence and internal action,” said, AVP – Partnerships at

CloudSEK partnerships assistant vice president (AVP) Nivya Ravi said: “By embedding CloudSEK’s predictive threat intelligence into enterprise security workflows, we enable organisations to act on exposed credentials and identity risks before attackers can operationalise them. This is about shifting from reactive detection to proactive disruption.”

Commvault intends to make the CloudSEK integration available at no extra cost to customers using its Active Directory Vulnerability Assessments and Advanced Audit and Anomaly Detection solutions later this summer. For organisations seeking expanded capability, an upgrade path to the full suite of CloudSEK solutions will also be provided.

Commvault chief technology and AI officer Pranay Ahlawat said: “By integrating CloudSEK’s external exposure threat intelligence with Commvault’s Active Directory protection capabilities, we’re expanding customers’ ability to uncover hidden identity risks earlier and neutralise identity-based threats before they escalate – critical as attacks become more AI-driven and agentic.”

In a parallel update to its portfolio, Commvault has revealed planned support for Okta within its Identity Resilience suite.

As hybrid cloud architectures, SaaS deployments, and automated workflows become standard across enterprises, identity systems have emerged as essential control points for securing organisational operations. However, these systems are now frequent targets for disruption, whether through misconfiguration or targeted attacks.

Disruptions in identity provider platforms like Okta can quickly lead to widespread access issues. Users may be locked out of applications, authentication processes may fail, and business operations can be interrupted, which can potentially cause immediate productivity loss and direct impact on revenue.

Many organisations currently rely on manual processes to restore affected identity environments, introducing greater operational risk and prolonging downtime during incidents.

Commvault’s new offerings for Okta focus on automating protection and recovery procedures. The solution features policy-driven backups of critical objects such as users, groups, applications and policies within Okta.

With granular restoration capabilities, organisations can recover only altered or deleted items at specific points in time without restoring the entire environment. This approach minimises disruption while maintaining operational continuity.

Backups are maintained in immutable storage isolated from production systems to reduce exposure to ransomware attacks or unauthorised changes.

The company has outlined that early access for Okta support will launch in spring 2026, with general availability anticipated by summer 2026. The product will be delivered globally as part of Commvault’s Cloud Identity Resilience suite on a per-user pricing model.