From Backup to AI Trust: What Veeam Announced at VeeamON New York and Why It Matters
VeeamON 2026 in New York City was less a user conference and more a reintroduction. Over three days, Veeam launched a new platform built from its Securiti AI acquisition, previewed a major release of its core data platform, and published a governance framework exposing how few enterprises can actually prove the AI readiness they claim to have. Each announcement pointed in the same direction: Veeam is repositioning as a trust infrastructure company, and this week was the opening argument.
The headline product is the Veeam DataAI Command Platform, launched on 13 May. It is the first commercial outcome of Veeam's acquisition of Securiti AI, ranked first in GigaOm's 2026 Radar for Data Security Posture Management, combined with Veeam's own resilience capability. CEO Anand Eswaran set out the strategic premise plainly: "The infrastructure to deploy AI exists. The infrastructure to trust it doesn't." The platform is Veeam's answer to that gap.
A platform built for autonomous agents
The DataAI Command Platform is designed for an enterprise environment in which AI agents now outnumber human employees 82 to 1, and where 97% of those agents, according to data cited by Veeam, carry excessive access privileges. At that scale and speed, traditional perimeter security cannot keep up. Veeam's argument is that the control point has shifted: security must now be enforced at the data itself.
The platform is built around six capabilities. At its core is the DataAI Command Graph, an intelligence engine connected to more than 300 systems across cloud, SaaS, and on-premises environments. It maps not just what data exists, but which specific files are sensitive, who can access them, and which changes have created risk. Critically, it covers both live production data and backup data simultaneously, a cross-domain view that existing point solutions do not provide.
DataAI Security brings together data security posture management and identity intelligence in a single view. DataAI Governance enforces access at the data source, meaning a rogue or unsanctioned agent cannot reach sensitive data, regardless of how fast it operates. The distinction matters: runtime detection approaches depend on catching a threat in motion; source-level governance removes the dependency on detection speed entirely. DataAI Compliance maps against more than 100 regulatory frameworks, including GDPR, HIPAA, DORA, and the EU AI Act, generating audit-ready evidence for boards and regulators. DataAI Privacy automates real-time policy enforcement across hybrid and multi-cloud environments using a People Data Graph that unifies structured and unstructured personal data. DataAI Precision Resilience uses the platform's detailed data intelligence to recover by pinpointing what went wrong and undoing it, rather than restoring the entire system from scratch.
Two resilience products were also previewed at VeeamON New York: Veeam Intelligence ResOps for Microsoft 365, which brings the platform's intelligence to enterprise Microsoft 365 environments, and the DataAI Resilience Module, which allows existing Veeam Data Platform customers to access the new platform's capabilities without migrating their environments.
Platform v13.1 raises the security floor
On 15 May, Veeam previewed Veeam Data Platform v13.1, due for general availability in early Q3 2026. The release carries more than 70 new features across three areas.
Modernisation flexibility is addressed through portable protection across unlimited hypervisors, with OpenShift Virtualization the headline addition. Enterprises managing mixed virtualisation environments can protect workloads across all of them without rebuilding their setup. Identity resilience is addressed through Active Directory Forest Recovery, targeting one of the most damaging scenarios a security team faces: a ransomware attack that takes down the organisation's core identity infrastructure.
Recovery from AD Forest compromise has historically been one of the most time-consuming incidents in enterprise security, and its inclusion here reflects how consistently attackers have gone after identity as the primary vector rather than the consolation prize. Security depth is extended through post-quantum cryptography, expanded threat scanning across AWS, Azure, NAS, and Microsoft 365, and hybrid FIPS support. Storage costs are reduced through NAS archiving and lower long-term retention rates.
The DataAI Resilience Module, delivered alongside v13.1, provides a single management view across data protection, security posture, and recovery readiness. It includes natural language querying, automated ticket management, and predictive capacity planning, and allows operators to check whether any workload is protected and act on the answer instantly. Rehan Jalil, President of Products and Technology at Veeam, described the problem it solves. "Fragmented data tools from security to governance and operations reduce visibility, add overhead, and leave unseen gaps," he said. "We're making resilience operations more powerful and intelligent so organisations can recover clean and fast."
Research that exposes how wide the gap actually is
The third announcement was the Data and AI Trust Maturity Model, developed with Emerald Research Group from interviews with 300 senior technology and business leaders.
The central finding is a confidence gap with real consequences. Eighty percent of executives say they can scale AI safely over the next two years. Only one in three say they could produce the audit evidence to prove it right now. Nearly half admit their confidence is based more on intuition than demonstrable proof. Underneath that: 52% of organisations have scaled back AI initiatives in the past 18 months, four in ten have experienced delays, and 28% have abandoned AI programmes entirely.
The model evaluates AI readiness across 12 dimensions organised into four pillars: Understood, covering visibility across data and AI assets; Secured, covering identity, access, and data protection controls; Resilient, covering recovery and operational continuity; and Unleashed, covering the data readiness needed to support responsible AI development. Organisations are mapped against five stages from ad hoc to leading. The assessment is delivered by Veeam specialists and produces a scored profile, a peer benchmark, and a prioritised roadmap. Krista Case, Principal Analyst at theCUBE Research, grounded the model in a specific and measurable risk. "Fewer than a third of organisations are backing up even half of their AI-generated data," she said. "Attackers are going straight after the data layer through inference, corruption, poisoning, and exfiltration."
What the announcements add up to, and what comes next
The DataAI Command Platform is available now. Veeam Data Platform v13.1 and the DataAI Resilience Module reach general availability in early Q3 2026, meaning the full picture of what Veeam announced in New York will not be testable by customers until the second half of the year. The Data and AI Trust Maturity Assessment is currently available to VeeamON attendees, with global rollout scheduled for later in 2026 and partner-led delivery to follow.
That sequencing is worth noting. Veeam has made a category creation claim, positioning the DataAI Command Platform as the missing layer in enterprise AI infrastructure. That claim is credible on paper: combining the market-leading resilience platform with the top-ranked DSPM tool, and connecting both to backup data as well as live data, produces a capability set that neither Veeam alone nor Securiti AI alone could offer. Competitors moving in adjacent directions, including Rubrik and Cohesity on the resilience side and established security platforms building toward data governance, have not yet assembled the same combination under one graph.
What Veeam now has to demonstrate is adoption velocity. Category creation in enterprise infrastructure only holds if customers consolidate toward the platform rather than continuing to manage resilience and data security as separate problems, as most still do today. The maturity model is smart positioning in that regard: it surfaces the gap, benchmarks the organisation against peers, and hands Veeam a conversation with the board before a procurement decision is ever made. Whether that conversation converts into platform consolidation at scale is what VeeamON London and Sydney, and the months that follow, will begin to answer.
