Methods and systems for detecting ransomware attack in incremental backup
US-2021312066-A1 · Oct 7, 2021 · US
US12566853B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12566853-B2 |
| Application number | US-202318356296-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 21, 2023 |
| Priority date | Jul 21, 2023 |
| Publication date | Mar 3, 2026 |
| Grant date | Mar 3, 2026 |
Official abstract text for this publication.
A method for managing access to a file based backup (FBB) includes generating, at a first point-in-time, a first FBB at a first point-in-time, wherein the first FBB comprises a first set of files of an asset at the first point-in-time, generating, at a second point-in-time after the first point-in-time, a second FBB at a second point-in-time, wherein the second FBB comprises a second set of files of the asset at the second point-in-time, performing an asset analysis on the first FBB metadata file and a second FBB metadata file associated with the second FBB to generate a differencing FBB metadata file, performing an anomaly analysis on the second FBB using the differencing FBB metadata file to obtain an anomaly report, and performing a remediation of the second FBB based on the anomaly report.
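The flow in the abstract (metadata per backup, a differencing metadata file, anomaly analysis limited to the changed files, then remediation from the earlier backup) can be sketched as follows. This is an added example, not code from the patent: the function names are hypothetical, only two of the claimed attributes are modelled, and the Shannon-entropy threshold is an assumed stand-in for the encryption check, which the page does not specify.

```python
import hashlib
import math
from collections import Counter

def build_metadata(fbb):
    # Per-file attributes; only two of the claimed attributes are modelled here.
    return {fid: {"file_size": len(d), "hash": hashlib.sha256(d).hexdigest()}
            for fid, d in fbb.items()}

def asset_analysis(meta1, meta2):
    # Differencing metadata: files that are new or whose hash no longer matches.
    return {fid: a for fid, a in meta2.items()
            if fid not in meta1 or meta1[fid]["hash"] != a["hash"]}

def entropy(data):
    # Shannon entropy in bits per byte (0.0 to 8.0).
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def anomaly_analysis(fbb2, diff_meta, threshold=7.5):
    # Assumed heuristic: near-random bytes suggest encryption. Compressed
    # formats also score high, so a real scanner needs file-type awareness.
    return {fid: "suspected-encrypted" if entropy(fbb2[fid]) > threshold else "clean"
            for fid in diff_meta}

def remediate(fbb1, fbb2, report):
    # Claim 2 style remediation: take the previous version from the first FBB.
    fixed = dict(fbb2)
    for fid, state in report.items():
        if state != "clean" and fid in fbb1:
            fixed[fid] = fbb1[fid]
    return fixed

# Constructed sample backups (file identifier -> file data).
FBB1 = {"notes.txt": b"meeting notes\n" * 200, "ledger.csv": b"id,amount\n1,100\n" * 200}
NOISE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))  # stands in for ciphertext
FBB2 = {"notes.txt": FBB1["notes.txt"], "ledger.csv": NOISE, "todo.txt": b"buy milk\n" * 50}

DIFF = asset_analysis(build_metadata(FBB1), build_metadata(FBB2))
REPORT = anomaly_analysis(FBB2, DIFF)
RESTORED = remediate(FBB1, FBB2, REPORT)

if __name__ == "__main__":
    print(sorted(DIFF), REPORT, RESTORED["ledger.csv"] == FBB1["ledger.csv"])
```

Because the scan only touches files listed in the differencing metadata, the unchanged `notes.txt` is never read during anomaly analysis, which is the cost saving an incremental comparison buys.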
Opening claim text (preview).
What is claimed is:
1. A method for managing access to file based backups (FBBs), the method comprising: generating, at a first point-in-time, a first FBB at a first point-in-time, wherein the first FBB comprises a first set of files of an asset at the first point-in-time; generating, at a second point-in-time after the first point-in-time, a second FBB at a second point-in-time, wherein the second FBB comprises a second set of files of the asset at the second point-in-time; performing an asset analysis on a first FBB metadata file associated with the first FBB and a second FBB metadata file associated with the second FBB to generate a differencing FBB metadata file, wherein the first FBB metadata file is generated using attributes of each file in the first set of files, wherein the attributes of each file in the first set of files comprise: a file identifier of each file, a container identifier of each file, a file size of each file, a hash value of file data of each file, a checksum value of the file data of each file, a header size of each file, an offset of each file, and a directory service associated with each file, and wherein the attributes are grouped into attribute regions based on a likelihood of each attribute of the attributes changing between the first FBB and the second FBB; performing an anomaly analysis on the second FBB using the differencing FBB metadata file to obtain an anomaly report, wherein the anomaly analysis includes detecting whether any encryption was performed on each file specified in the differencing FBB metadata file, whether an executable malicious entity is stored in the file, whether data of a file specified in the differencing FBB metadata file is corrupted, and whether the data is otherwise inaccessible; and performing a remediation of the second FBB based on the anomaly report.
2. The method of claim 1, wherein the remediation comprises: identifying a file specified in the differencing FBB metadata file that has been compromised; retrieving a previous version of the file from the first FBB.
3. The method of claim 1, wherein performing the anomaly analysis comprises: scanning each file specified in the FBB metadata file to determine a cyber-security state associated with each file; and specifying the cyber-security state associated with each file in the anomaly report.
4. The method of claim 1, wherein performing the asset analysis comprises: comparing a first hash value of a first region in the asset to a second hash value of the first region; making a determination that the first hash value and the second hash value do not match; and specifying the first region in the differencing FBB metadata file, wherein the first hash value is associated with the first FBB and the second hash value is associated with the second FBB.
5. The method of claim 4, wherein the asset is a specialized directory service database associated with a specialized directory service.
6. The method of claim 5, wherein the first region is a file in the asset.
7. The method of claim 5, wherein the specialized directory service comprises a set of secondary services for accessing files in the asset.
8. The method of claim 1, wherein the first FBB and the second FBB are stored in a backup storage system.
9. A non-transitory computer readable medium comprising computer readable program code, which when executed by a computer processor enables the computer processor to perform a method for managing access to file based backups (FBBs), the method comprising: generating, at a first point-in-time, a first FBB at a first point-in-time, wherein the first FBB comprises a first set of files of an asset at the first point-in-time; generating, at a second point-in-time after the first point-in-time, a second FBB at a second point-in-time, wherein the second FBB comprises a second set of files of the asset at the second point-in-time; performing an asset analysis on a first FBB metadata file associated with the first FBB and a second FBB metadata file associated with the second FBB to generate a differencing FBB metadata file, wherein the first FBB metadata file is generated using attributes of each file in the first set of files, wherein the attributes of each file in the first set of files comprise: a file identifier of each file, a container identifier of each file, a file size of each file, a hash value of file data of each file, a checksum value of the file data of each file, a header size of each file, an offset of each file, and a directory service associated with each file, and wherein the attributes are grouped into attribute regions based on a likelihood of each attribute of the attributes changing between the first FBB and the second FBB; performing an anomaly analysis on the second FBB using the differencing FBB metadata file to obtain an anomaly report, wherein the anomaly analysis includes detecting whether any encryption was performed on each file specified in the differencing FBB metadata file, whether an executable malicious entity is stored in the file, whether data of a file specified in the differencing FBB metadata file is corrupted, and whether the data is otherwise inaccessible; and performing a remediation of the second FBB based on the anomaly report, wherein the remediation comprises: re-generating a backup of a file and to obtain a re-generated file; and storing the re-generated file in the second FBB.
10. The non-transitory computer readable medium of claim 9, wherein performing the anomaly analysis comprises: scanning each file specified in the FBB metadata file to determine a cyber-security state associated with each file; and specifying the cyber-security state associated with each file in the anomaly report.
11. The non-transitory computer readable medium of claim 9, wherein performing the asset analysis comprises: comparing a first hash value of a first region in the asset to a second hash value of the first region; making a determination that the first hash value and the second hash value do not match; and specifying the first region in the differencing FBB metadata file, wherein the first hash value is associated with the first FBB and the second hash value is associated with the second FBB.
12. The non-transitory computer readable medium of claim 11, wherein the asset is a specialized directory service database associated with a specialized directory service.
13. The non-transitory computer readable medium of claim 12, wherein the first region is a file in the asset.
14. The non-transitory computer readable medium of claim 12, wherein the specialized directory service comprises a set of secondary services for accessing files in the asset.
15. The non-transitory computer readable medium of claim 9, wherein the first FBB and the second FBB are stored in an on-premise backup storage system.
16. A system comprising: a processor; and memory comprising instructions, which when executed by the processor, perform a method comprising: generating, at a first point-in-time, a first FBB at a first point-in-time, wherein the first FBB comprises a first set of files of an asset at the first point-in-time; generating, at a second point-in-time after the first point-in-time, a second FBB at a second point-in-time, wherein the second FBB comprises a second set of files of the asset at the second point-in-time; performing an asset analysis on a first FBB metadata file associated with the first FBB and a second FBB metadata file associated with the second FBB to generate a
by selection of backup contents · CPC title
Backup restoration techniques · CPC title
eliminating virus, restoring damaged files · CPC title
by checking file integrity · CPC title
Management of the data involved in backup or backup restore · CPC title