Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report
Try Varonis free.

Get a detailed data risk report based on your company’s data. Deploys in minutes.

Featured collections
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Speed Data: The Importance of Data Privacy With Jordan McClintick
Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
Varonis in the Cloud: Building a Secure and Scalable Data Security Platform
How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.
how-the-moveit-vulnerability-impacts-federal-government-agencies
How the MOVEit Vulnerability Impacts Federal Government Agencies
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
what’s-new-in-varonis:-june-2023
What’s new in Varonis: June 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
See all articles
speed-data:-the-importance-of-data-privacy-with-jordan-mcclintick
Speed Data: The Importance of Data Privacy With Jordan McClintick
Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.
how-the-moveit-vulnerability-impacts-federal-government-agencies
How the MOVEit Vulnerability Impacts Federal Government Agencies
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
10-tips-to-pay-back-your-salesforce-technical-debt
10 Tips to Pay Back Your Salesforce Technical Debt
Learn best practices for managing and analyzing permissions in Salesforce and how the need for quick solutions can put your organizations data at risk.
speed-data:-ciso-leadership-tips-with-pat-benoit
Speed Data: CISO Leadership Tips With Pat Benoit
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
See all Data Security
imposter-syndrome:-ui-bug-in-visual-studio-lets-attackers-impersonate-publishers
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
ghost-sites:-stealing-data-from-deactivated-salesforce-communities
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
hardbit-2.0-ransomware
HardBit 2.0 Ransomware
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
neo4jection:-secrets,-data,-and-cloud-exploits
Neo4jection: Secrets, Data, and Cloud Exploits
With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.
See all Threat Research
varonis-in-the-cloud:-building-a-secure-and-scalable-data-security-platform
Varonis in the Cloud: Building a Secure and Scalable Data Security Platform
How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.
what’s-new-in-varonis:-june-2023
What’s new in Varonis: June 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
what's-new-in-varonis:-may-2023
What's New in Varonis: May 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
varonis-launches-third-party-app-risk-management
Varonis Launches Third-Party App Risk Management
Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
See all Varonis Products
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
how-varonis'-approach-to-sspm-helps-your-company
How Varonis' approach to SSPM helps your company
Adopt a data-first approach with Varonis' SSPM, securing SaaS apps & reducing risk. Learn how you can get better visibility, automation, and protection.
what-is-idor-(insecure-direct-object-reference)?
What is IDOR (Insecure Direct Object Reference)? - Varonis
Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.
change-these-7-security-settings-after-creating-a-new-aws-account
AWS Security Best Practices for a New Account
Use these seven AWS security best practices for simple configuration changes on a new AWS account.
See all Cloud Security
speed-data:-the-commoditization-of-cybercrime-with-matt-radolec
Speed Data: The Commoditization of Cybercrime With Matt Radolec
Matt Radolec at Varonis discusses the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.
four-must-know-cyber-tips-for-your-business
Four Must-Know Cyber Tips for Your Business
The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.
ryuk-ransomware:-breakdown-and-prevention-tips
Ryuk Ransomware: Breakdown and Prevention Tips
Ryuk ransomware targets large organizations and spreads with deadly speed. Learn about the strain and how to prevent your company from becoming a victim.
why-every-cybersecurity-leader-should-‘assume-breach’
Why Every Cybersecurity Leader Should ‘Assume Breach’
Any system, account or person at any time can be a potential attack vector. With such a vast attack surface, you need to assume attackers will breach at least one vector.
See all Ransomware
azure-managed-identities:-definition,-types,-benefits-+-demonstration
Azure Managed Identities: Complete Guide with Free Demonstration
Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.
group-policy-objects-(gpos):-how-they-work-&-configuration-steps
Group Policy Objects (GPOs): How They Work & Configuration Steps
Group Policy Objects (GPOs) let system admins control and implement cybersecurity measures from a single location. Learn about GPOs and how they work here.
12-group-policy-best-practices:-settings-and-tips-for-admins
12 Group Policy Best Practices: Settings and Tips for Admins | Varonis
Group Policy configures settings, behavior, and privileges for user and computers. In this article, you’ll learn best practices when working with Group Policy.
securing-azure-blob-storage:-set-up-guide
Securing Azure Blob Storage: Set-Up Guide | Varonis
Security is vital in today’s cloud-first environment. Cloud services are often enabled to solve an issue quickly, but no one goes back to verify if security best practices have been…
See all Active Directory
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
Continuous discovery and data monitoring critical to identify misplaced PII.
hipaa-compliance:-your-complete-2023-checklist
HIPAA Compliance: Your Complete 2023 Checklist
Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.
australian-privacy-act-2022-updates
Australian Privacy Act 2022 Updates
A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.
the-12-pci-dss-requirements:-4.0-compliance-checklist
The 12 PCI DSS Requirements: 4.0 Compliance Checklist
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.
See all Privacy & Compliance
We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.