Commvault CEO: The ‘Channel Is Front And Center For Us As A Business’

‘We are not only investing in making sure that our relationships are where they need to be, but also on the technology side to make sure we’re technically engaged and doing all the right things for customers,’ Commvault CEO Sanjay Mirchandani tells CRN.

Data protection and management technology developer Commvault has in the past couple of years moved from a focus on backups to full-blown protection of not only data but the applications and environments around that data to facilitate customer resiliency.

That, in turn, has made Tinton Falls, N.J.-based Commvault ready to make data resilient and manageable for use with AI, including new AI platforms such as DeepSeek and Grok AI, said Commvault CEO Sanjay Mirchandani.

Mirchandani, in an exclusive meeting with CRN, said his company is preparing for however businesses will need to use their data.

[Related: Storage 100: The Digital Bridge Between The Cloud And On-Premises Worlds]

“We’ll meet our customers where they are,” he said. “If any or all of those LLMs or models or platforms become mainstream for customers, we will absolutely support them. We already support just about every storage product there is. We support every cloud there is. We support just about every workload there is because we have to meet our customers where they are.”

Commvault in the past year has made a couple of strategic acquisitions that have armed it with the technology needed to make that claim, including Clumio, which provides the ability to manage data at massive scale, and Appranix, which provides the ability to discover and recover not only data but applications, Mirchandani said.

“We’re going to see a lot of innovation at a different scale, and as the technology gets more efficient and more accessible we’re going to be right there with our customers,” he said. “But in the meantime, the non-negotiables—large data sets, algorithms to manage large data sets, approaches to bring them back to life, vector databases, where they store the data, the logic—we’re doing a lot of work in that space.”

Mirchandani also discussed the impacts of rival Rubrik’s recent IPO, rival Cohesity’s acquisition of Veritas, and potential impacts of the new U.S. presidential administration. He also commented on what he called a record third fiscal quarter 2025, with revenue up 21 percent, annual recurring revenue up 20 percent to 21 percent, and subscription business up 39 percent, leading the company to increase its full-year revenue growth guidance to 17 percent, up from its earlier guidance of 8 percent.

There’s a lot going on with Commvault and with data management and AI. Here is more of CRN’s conversation with Mirchandani.

Fund manager hand writing increasing graph to screen monitor. Investment and analysis stock concept.

Commvault had a great third fiscal quarter 2025. What were the highlights?

It was the best quarter of our company’s history, across the board. Twenty-one percent growth on the revenue line in constant currency. Our ARR [annual recurring revenue] grew 20 [percent] to 21 percent. Our subscription business grew 39 percent. Our SaaS business grew north of 71 percent. … In addition, it was a quarter where just about everything came together well for us. And our cyber resilience platform, Commvault Cloud, is finally getting the respect it deserves in the sense that customers understand the capabilities and understand what we’re adding by way of innovation into it. There’s a good tailwind from the fact that cyber resilience is a thing.

What was behind the record quarter?

It’s one of these things where your strategy, the market and your execution come together. If you look at the market, there’s no respite in ransomware attacks or cyber breaches or cyberattacks. That’s just gone up and up and up. And customers understand they need a platform that keeps them not only safe but also brings them back. And for us, it’s all about recovery. That’s what our platform does. So No. 1, we’re solving our customers’ problems, and for the last year or two we’ve been really getting the word out on the need to go beyond backup to resilience. No. 2, I honestly believe, and I’m highly biased, but I believe and I think the analysts believe, that our platform is an industry leader by way of innovation, what we’re building by way of getting customers prepared for an attack, being able to recover from an attack, rinse, repeat. So in good times and bad times you know exactly what to do. Our innovations like Cleanroom Recovery, like Active Directory backup, are all capabilities customers can use to get more and more resilient as they mature in that journey. And the third is execution. I think the last time we talked, we were constantly making adjustments, making sure we’re focused, making sure we’re prioritizing, putting resources where they matter, all of that.

How much of Commvault’s success comes from the channel side?

Channel is absolutely front and center for us as a business. We are not only investing in making sure that our relationships are where they need to be, but also on the technology side to make sure we’re technically engaged and doing all the right things for customers. If you think about cyber resilience in the connected world, it spans backup protection and data recovery. Now we’re doing application recovery, the cloud-native world, multiple clouds. And then there’s the business side of resilience, meaning is a customer compliant? Different types of partners work with us to make sure customers actually use the technology to deliver resilience. So there’s the technology elements of it, and there’s the business elements of it, and we’re engaging across the board.

OK, so a record third fiscal quarter 2025. Does Commvault expect a record full fiscal year 2025?

Well, we’ve beaten and raised guidance three times this quarter.

In 2024, we saw a couple of major data protection and management space events: Rubrik closed its IPO and Cohesity acquired Veritas. Do these signify a significant change in this business given those two companies’ early focus on cyber resilience as opposed to traditional data protection?

I think there’s more data security than they would say they were doing. So one thing is, there’s one less competitor. But with the consolidation, it also brings a lot more attention to the business. We’ve been a ‘Lone Ranger’ for a long time, since 2006. It’s good to see Rubrik in the public market. And the paint is still wet on the [Cohesity-Veritas] merger. So we’ll see how they do. There’s a lot of work in front of them. I’ve been on both sides of mergers, so yes, there’s a lot of work to do. But the moves really bring attention to the sector, and I think to our approach to data protection and cyber resilience, both connected or hybrid. We separate ourselves from the pack around the hybrid multi-cloud world. Customers that we talk to are definitely hybrid, and they’re definitely now multi-cloud or becoming multi-cloud, and we’re the only seamless platform that allows customers to start in the cloud and come into the software cycle or seamlessly attach the on-premises world to the SaaS world. We’re not alone now. It’s nice to see Rubrik in the public market. I hope they do well. I think [Cohesity CEO Sanjay] Poonen has his work cut out for him on getting those two companies together and building on the strategy they can take to customers. There’s a lot of work for him to do. But we’re focused on winning.

Do you have any big strategic plans for calendar 2025?

Well, without getting ahead of ourselves, because for us at the end of this quarter we will be in fiscal year 2026, we’re not giving any projections into 2026. But strategically, I think we are continuing to change the dynamics of resilience. We were the data guys. We always said we made data protection and data recovery look easy for customers because that’s what we did. Over the past year and half, we were the ones saying to really bring customers back to life in a connected world, it has to go past the data to include the applications, the IT environments, the configurations. We did it initially through our acquisition of Appranix where cloud-native applications can be not only discovered, but configurations and data can all be used from a recovery point of view. So we extended our reach beyond data into applications.

Now we’re saying one size doesn’t fit all. As you go into AI, into large data sets, into massive scale, the technology and the approaches to apply to those problems, to solve those problems and protect those environments, are very different than, say, dealing with Kubernetes three years ago. And so we acquired Clumio four months ago. Clumio brings us intellectual property that allows you to do massive scale changes, such as versioning in AWS S3 to go back with billions of objects after a catastrophic event or human error, a data breach, to snap back to a point in time and bring it exactly back to where it was. It’s a quicker, cheaper, faster approach to traditional resilience.

To sum it up, first we’re going beyond data to applications, configurations, environments, all of that. And second, we’re focusing on large data sets, AI-type data sets, and making sure that the technology we’re building truly gives customers usable, cost-effective, fast, predictable capabilities in that world as it evolves.

Technology artificial intelligence digital ai hand concept on cyber future business tech science innovation futuristic network strategy background virtual data communication learning assistant search. As you look at the AI environment, what are some things that Commvault and Clumio can do to make data either more accessible or more safe?

First and foremost, we as a company have always been known for our ability to do large-scale data applications. That’s how we built our reputation. We’re a massively scalable architecture. And what we’ve been doing is really twofold. One is, we think of AI in two buckets. One is using AI in our technology to enable customers to recover better and be more resilient. And so a lot of our new work has been historically and continues to be focused on using AI, machine learning, newer technologies, to make predictable recovery points, scan for threats, look at anomaly detection, those kinds of things that allows data to be trusted. On the other side, when you look at the large emerging space of AI applications, there’s different approaches as [Monday’s DeepSeek AI news] showed us. There will be different approaches as this amazing technology set grows. What we’re doing is making sure that we can protect large data sets. So regardless of which approach it is, the data is going to be growing. It’s going to be massive. It’s going to be at a scale that we’ve never seen from sources that are diverse. And everything we’ve learned in protecting data, policy, sanctity, dominance of the data, all comes into play here.

In addition, we’re doing all the fundamentals. I mean, we just announced a whole bunch of support for vector databases, and all the underpinnings, if you would, of the componentry of an AI app. So we’ve got to get all that right. Plus look at the immersive logic of bringing it all together for customers. And Clumio, just as a sidebar, does some of that data set management at massive scale. We’re going to take some of that IP and mainstream it into our overall capabilities. We’re both a consumer of AI within our products to deliver a better product to our customers, and able to have massive data play to our strengths to make sure we can help customers govern, be compliant, and be secure across these emerging data sets.

Does the emergence of the new DeepSeek AI platform, or something like Twitter’s Grok AI, change the way a company like Commvault approaches AI?

We’ll meet our customers where they are. If any or all of those LLMs or models or platforms become mainstream for customers, we will absolutely support them. We already support just about every storage product there is. We support every cloud there is. We support just about every workload there is because we have to meet our customers where they are. It’s still early days in some cases. We’re going to see a lot of innovation at a different scale, and as the technology gets more efficient and more accessible, we’re going to be right there with our customers. But in the meantime, the non-negotiables—large data sets, algorithms to manage large data sets, approaches to bring them back to life, vector databases, where they store the data, the logic—we’re doing a lot of work in that space. We’ve seen it before. Kubernetes apps, as an example. As Kubernetes apps grew, there was a whole new way of managing and protecting those apps, and we were always a step ahead of our customers. Same thing with AI. It’s exciting.

A big change in 2025 is a new U.S. presidential administration with new federal spending priorities. How big is Commvault’s federal business, and how do you see that being impacted by executive orders or other things the new administration has said it’s been working on?

For us, the public sector has been a consistent performer. It’s one where in pretty much every market that we operate is a contributor to our revenue. And public sector is not a place where we’re going to suddenly do something different. There’s a more steady state thinking approach. We have a federal team in the U.S. Our product, most importantly, is FedRAMP High-certified. It’s a government security standard they measure technology against. ‘High’ is the highest standard, as I understand it. And our competitors are nowhere in the mix. That is a badge of honor in a sense that it allows federal government agencies to be able to procure our technology knowing that it meets the technical bar. So it’s a good business for us. It’s one where we have consistent performance, and we don’t look at it as changing one way or the other.

So you’re not seeing any big changes from the change in administration?

In the past week? No.

Going forward?

If we see it, we’re going to be all over it. We do have the right technologies. And I honestly believe that regardless of administration, the focus on resilience and companies to be able to survive and come back and in the face of a breach is important. That’s not going to change. That ship has sailed. So we’re just making sure we keep America secure.

Close