Rubrik, Inc.

How does this company make money?

Customers pay a recurring subscription fee based on how many terabytes of data they have protected. Companies that want additional features — such as identity resilience tools or the ability to keep backups in air-gapped storage for longer periods — pay extra for those on top of the base subscription.

What makes this company hard to replace?

Connecting to Microsoft Active Directory and Entra ID requires deep domain controller permissions that take months to safely move to a different system. The immutable backup policies companies set up for regulatory compliance cannot simply be paused or transferred without creating a gap that may violate those requirements. On top of that, the recovery procedures built around this system get embedded in incident response plans that cyber insurance providers formally certify — meaning switching tools would require recertifying those plans from scratch.

What limits this company?

Every customer's backups need their own dedicated air-gapped hardware with cryptographic security modules. Because the immutability guarantee means nothing stored can ever be rewritten, the two standard tricks for saving storage space — compression and deduplication — are off the table. So the amount of physical storage hardware the company must provision grows in direct proportion to how many terabytes its customers protect, with no way to share infrastructure across customers to reduce that cost.

What does this company depend on?

The company cannot run without Microsoft Active Directory APIs to back up identity systems, AWS S3 Glacier and Azure Blob Storage for cloud-native immutable storage, VMware vSphere to take hypervisor-level snapshots, Okta administrative APIs to back up SaaS applications, and physical air-gapped storage appliances equipped with cryptographic hardware security modules.

Who depends on this company?

Healthcare systems running Epic and Cerner electronic health record software would lose the ability to recover patient data during a ransomware attack. Financial institutions relying on core banking platforms would be unable to restore transaction records after a cyberattack. Manufacturing companies would lose the ability to recover the PLM and ERP systems that hold their production schedules and supply chain data.

How does this company scale?

The machine learning models that scan for ransomware get better as they process data patterns from more customers, and those improvements can be rolled out across unlimited customer environments at almost no added cost. What does not get cheaper as the company grows is storage: every new customer requires dedicated air-gapped hardware with cryptographic security modules that cannot be virtualized or shared with anyone else.

What external forces can significantly affect this company?

SEC rules now require public companies to disclose serious cyber incidents within four business days, which pushes companies to invest in tools that can recover fast. GDPR and state privacy laws create financial liability for data breaches, making immutable backups a way to limit legal exposure. Meanwhile, the rise of Ransomware-as-a-Service has made attacks easier to launch and more frequent, which makes traditional backup approaches look inadequate and pushes more companies to look for stronger solutions.

Where is this company structurally vulnerable?

If an attacker managed to corrupt or spoof a backup's metadata in the brief window before the cryptographic seal locks it in, that poisoned metadata would be treated as ground truth forever after. The recovery engine would then have no way to tell which snapshots are genuinely clean and which have been silently tampered with — destroying the one thing that separates this system from ordinary backup tools that can only help after an attack is already over.