Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report
Data Security Threat Research Varonis Products Cloud Security Ransomware Active Directory Privacy & Compliance
View by category
Data Security Threat Research Varonis Products Cloud Security Ransomware Active Directory Privacy & Compliance
Featured
Data Security
Varonis Named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023
Avia Navickas
Avia Navickas Mar 22, 2023
Varonis Named a Leader in the Forrester Wave™: Data Security Platforms, Q1 2023, receiving the highest score in the strategy category.
Featured
Varonis Products
What’s new in Varonis: June 2023
Yumna Moazzam
Yumna Moazzam Jun 28, 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
Featured
Threat Research
Using Power Automate for Covert Data Exfiltration in Microsoft 365
Eric Saraga
Eric Saraga Feb 02, 2022
How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.
Featured
Threat Research
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
Nitay Bachrach
Nitay Bachrach May 31, 2023
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
Try Varonis free.

Get a detailed data risk report based on your company’s data. Deploys in minutes.

Get started
Featured collections
Latest articles
See all articles
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Speed Data: The Importance of Data Privacy With Jordan McClintick
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Megan Garza
July 10, 2023
Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
Varonis in the Cloud: Building a Secure and Scalable Data Security Platform
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
John Neystadt
July 10, 2023
How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.
how-the-moveit-vulnerability-impacts-federal-government-agencies
How the MOVEit Vulnerability Impacts Federal Government Agencies
how-the-moveit-vulnerability-impacts-federal-government-agencies
Megan Garza
June 29, 2023
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
what’s-new-in-varonis:-june-2023
What’s new in Varonis: June 2023
what’s-new-in-varonis:-june-2023
Yumna Moazzam
June 28, 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
See all articles
Data Security
See all Data Security
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Speed Data: The Importance of Data Privacy With Jordan McClintick
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Megan Garza
July 10, 2023
Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.
how-the-moveit-vulnerability-impacts-federal-government-agencies
How the MOVEit Vulnerability Impacts Federal Government Agencies
how-the-moveit-vulnerability-impacts-federal-government-agencies
Megan Garza
June 29, 2023
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
10-tips-to-pay-back-your-salesforce-technical-debt
10 Tips to Pay Back Your Salesforce Technical Debt
10-tips-to-pay-back-your-salesforce-technical-debt
Lexi Croisdale
June 22, 2023
Learn best practices for managing and analyzing permissions in Salesforce and how the need for quick solutions can put your organizations data at risk.
speed-data:-ciso-leadership-tips-with-pat-benoit
Speed Data: CISO Leadership Tips With Pat Benoit
speed-data:-ciso-leadership-tips-with-pat-benoit
Megan Garza
May 30, 2023
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
See all Data Security
Threat Research
See all Threat Research
imposter-syndrome:-ui-bug-in-visual-studio-lets-attackers-impersonate-publishers
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
imposter-syndrome:-ui-bug-in-visual-studio-lets-attackers-impersonate-publishers
Dolev Taler
June 7, 2023
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
ghost-sites:-stealing-data-from-deactivated-salesforce-communities
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
ghost-sites:-stealing-data-from-deactivated-salesforce-communities
Nitay Bachrach
May 31, 2023
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
hardbit-2.0-ransomware
HardBit 2.0 Ransomware
hardbit-2.0-ransomware
Jason Hill
February 20, 2023
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
neo4jection:-secrets,-data,-and-cloud-exploits
Neo4jection: Secrets, Data, and Cloud Exploits
neo4jection:-secrets,-data,-and-cloud-exploits
Nitay Bachrach
February 8, 2023
With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.
See all Threat Research
Varonis Products
See all Varonis Products
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
Varonis in the Cloud: Building a Secure and Scalable Data Security Platform
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
John Neystadt
July 10, 2023
How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.
what’s-new-in-varonis:-june-2023
What’s new in Varonis: June 2023
what’s-new-in-varonis:-june-2023
Yumna Moazzam
June 28, 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
what's-new-in-varonis:-may-2023
What's New in Varonis: May 2023
what's-new-in-varonis:-may-2023
Yumna Moazzam
May 30, 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
varonis-launches-third-party-app-risk-management
Varonis Launches Third-Party App Risk Management
varonis-launches-third-party-app-risk-management
Nathan Coppinger
April 25, 2023
Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
See all Varonis Products
Featured videos
 
Webinar
State of Cybercrime: China's Silent Cyber Campaigns
 
Webinar
Data-First Forum: The Path to CISO
 
Video
The Varonis Data Security Platform
Cloud Security
See all Cloud Security
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
what-automation-means-for-cybersecurity—and-your-business
Yaki Faitelson
May 3, 2023
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
how-varonis'-approach-to-sspm-helps-your-company
How Varonis' approach to SSPM helps your company
how-varonis'-approach-to-sspm-helps-your-company
Rob Sobers
April 26, 2023
Adopt a data-first approach with Varonis' SSPM, securing SaaS apps & reducing risk. Learn how you can get better visibility, automation, and protection.
what-is-idor-(insecure-direct-object-reference)?
What is IDOR (Insecure Direct Object Reference)? - Varonis
what-is-idor-(insecure-direct-object-reference)?
Robert Grimmick
October 14, 2022
Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.
change-these-7-security-settings-after-creating-a-new-aws-account
AWS Security Best Practices for a New Account
change-these-7-security-settings-after-creating-a-new-aws-account
Shane Waterford
September 16, 2022
Use these seven AWS security best practices for simple configuration changes on a new AWS account.
See all Cloud Security
Ransomware
See all Ransomware
speed-data:-the-commoditization-of-cybercrime-with-matt-radolec
Speed Data: The Commoditization of Cybercrime With Matt Radolec
speed-data:-the-commoditization-of-cybercrime-with-matt-radolec
Megan Garza
June 21, 2023
Matt Radolec at Varonis discusses the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.
four-must-know-cyber-tips-for-your-business
Four Must-Know Cyber Tips for Your Business
four-must-know-cyber-tips-for-your-business
Yaki Faitelson
December 1, 2022
The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.
ryuk-ransomware:-breakdown-and-prevention-tips
Ryuk Ransomware: Breakdown and Prevention Tips
ryuk-ransomware:-breakdown-and-prevention-tips
David Harrington
June 25, 2022
Ryuk ransomware targets large organizations and spreads with deadly speed. Learn about the strain and how to prevent your company from becoming a victim.
why-every-cybersecurity-leader-should-‘assume-breach’
Why Every Cybersecurity Leader Should ‘Assume Breach’
why-every-cybersecurity-leader-should-‘assume-breach’
Yaki Faitelson
May 16, 2022
Any system, account or person at any time can be a potential attack vector. With such a vast attack surface, you need to assume attackers will breach at least one vector.
See all Ransomware
Active Directory
See all Active Directory
azure-managed-identities:-definition,-types,-benefits-+-demonstration
Azure Managed Identities: Complete Guide with Free Demonstration
azure-managed-identities:-definition,-types,-benefits-+-demonstration
Neeraj Kumar
October 6, 2022
Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.
group-policy-objects-(gpos):-how-they-work-&-configuration-steps
Group Policy Objects (GPOs): How They Work & Configuration Steps
group-policy-objects-(gpos):-how-they-work-&-configuration-steps
David Harrington
June 15, 2022
Group Policy Objects (GPOs) let system admins control and implement cybersecurity measures from a single location. Learn about GPOs and how they work here.
12-group-policy-best-practices:-settings-and-tips-for-admins
12 Group Policy Best Practices: Settings and Tips for Admins | Varonis
12-group-policy-best-practices:-settings-and-tips-for-admins
Jeff Brown
April 4, 2022
Group Policy configures settings, behavior, and privileges for user and computers. In this article, you’ll learn best practices when working with Group Policy.
securing-azure-blob-storage:-set-up-guide
Securing Azure Blob Storage: Set-Up Guide | Varonis
securing-azure-blob-storage:-set-up-guide
Jeff Brown
August 25, 2021
Security is vital in today’s cloud-first environment. Cloud services are often enabled to solve an issue quickly, but no one goes back to verify if security best practices have been…
See all Active Directory
Privacy & Compliance
See all Privacy & Compliance
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Brian Vecci
May 22, 2023
Continuous discovery and data monitoring critical to identify misplaced PII.
hipaa-compliance:-your-complete-2023-checklist
HIPAA Compliance: Your Complete 2023 Checklist
hipaa-compliance:-your-complete-2023-checklist
David Harrington
March 10, 2023
Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.
australian-privacy-act-2022-updates
Australian Privacy Act 2022 Updates
australian-privacy-act-2022-updates
Michael Buckbee
December 19, 2022
A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.
the-12-pci-dss-requirements:-4.0-compliance-checklist
The 12 PCI DSS Requirements: 4.0 Compliance Checklist
the-12-pci-dss-requirements:-4.0-compliance-checklist
David Harrington
October 3, 2022
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.
See all Privacy & Compliance
We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.  
Learn more