Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report
Try Varonis free.

Get a detailed data risk report based on your company’s data. Deploys in minutes.

Featured collections
imposter-syndrome:-ui-bug-in-visual-studio-lets-attackers-impersonate-publishers
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
how-to-deal-with-sensitive-data-in-salesforce:-a-guide-to-data-classification
How to Deal With Sensitive Data in Salesforce: A Guide to Data Classification
Salesforce Ben and the Varonis team up to discuss Salesforce data classification best practices.
ghost-sites:-stealing-data-from-deactivated-salesforce-communities
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
speed-data:-featuring-pat-benoit,-global-ciso-for-brinks,-inc.
Speed Data: Featuring Pat Benoit, Global CISO for Brinks, Inc.
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
See all articles
speed-data:-featuring-pat-benoit,-global-ciso-for-brinks,-inc.
Speed Data: Featuring Pat Benoit, Global CISO for Brinks, Inc.
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
data-security-posture-management-(dspm):-best-practices-guide-for-cisos
Data Security Posture Management (DSPM): Best Practices Guide for CISOs
Master Data Security Posture Management (DSPM) best practices with our CISOs' guide. Learn to select the right tool, maintain compliance, and prevent data breaches.
your-guide-to-the-2023-rsa-conference
Your Guide to the 2023 RSA Conference
Varonis has compiled the top RSAC sessions you won’t want to miss. Follow our handy agenda to take advantage of everything RSAC 2023 has to offer.
See all Data Security
imposter-syndrome:-ui-bug-in-visual-studio-lets-attackers-impersonate-publishers
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
ghost-sites:-stealing-data-from-deactivated-salesforce-communities
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
hardbit-2.0-ransomware
HardBit 2.0 Ransomware
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
neo4jection:-secrets,-data,-and-cloud-exploits
Neo4jection: Secrets, Data, and Cloud Exploits
With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.
See all Threat Research
what's-new-in-varonis:-may-2023
What's New in Varonis: May 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
varonis-launches-third-party-app-risk-management
Varonis Launches Third-Party App Risk Management
Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
varonis-opens-australia-data-centre-to-support-saas-customers
Varonis Opens Australia Data Centre to Support SaaS Customers
Australian expansion allows Varonis customers to achieve automated data security outcomes while following national standards for data privacy.
how-varonis-saves-salesforce-admins-hours-in-their-day
How Varonis Saves Salesforce Admins Hours in Their Day
Varonis provides industry leading Salesforce management and permission implications capabilities to help save Salesforce admins hours in their day.
See all Varonis Products
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
how-varonis'-approach-to-sspm-helps-your-company
How Varonis' approach to SSPM helps your company
Adopt a data-first approach with Varonis' SSPM, securing SaaS apps & reducing risk. Learn how you can get better visibility, automation, and protection.
what-is-idor-(insecure-direct-object-reference)?
What is IDOR (Insecure Direct Object Reference)? - Varonis
Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.
change-these-7-security-settings-after-creating-a-new-aws-account
AWS Security Best Practices for a New Account
Use these seven AWS security best practices for simple configuration changes on a new AWS account.
See all Cloud Security
four-must-know-cyber-tips-for-your-business
Four Must-Know Cyber Tips for Your Business
The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.
ryuk-ransomware:-breakdown-and-prevention-tips
Ryuk Ransomware: Breakdown and Prevention Tips
Ryuk ransomware targets large organizations and spreads with deadly speed. Learn about the strain and how to prevent your company from becoming a victim.
why-every-cybersecurity-leader-should-‘assume-breach’
Why Every Cybersecurity Leader Should ‘Assume Breach’
Any system, account or person at any time can be a potential attack vector. With such a vast attack surface, you need to assume attackers will breach at least one vector.
bad-rabbit-ransomware
Bad Rabbit Ransomware
Bad Rabbit is a ransomware strain that spread via hacked websites, infected systems via a fake Adobe installer and held encrypted files for Bitcoin.
See all Ransomware
azure-managed-identities:-definition,-types,-benefits-+-demonstration
Azure Managed Identities: Complete Guide with Free Demonstration
Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.
group-policy-objects-(gpos):-how-they-work-&-configuration-steps
Group Policy Objects (GPOs): How They Work & Configuration Steps
Group Policy Objects (GPOs) let system admins control and implement cybersecurity measures from a single location. Learn about GPOs and how they work here.
12-group-policy-best-practices:-settings-and-tips-for-admins
12 Group Policy Best Practices: Settings and Tips for Admins | Varonis
Group Policy configures settings, behavior, and privileges for user and computers. In this article, you’ll learn best practices when working with Group Policy.
securing-azure-blob-storage:-set-up-guide
Securing Azure Blob Storage: Set-Up Guide | Varonis
Security is vital in today’s cloud-first environment. Cloud services are often enabled to solve an issue quickly, but no one goes back to verify if security best practices have been…
See all Active Directory
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
Continuous discovery and data monitoring critical to identify misplaced PII.
hipaa-compliance:-your-complete-2023-checklist
HIPAA Compliance: Your Complete 2023 Checklist
Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.
australian-privacy-act-2022-updates
Australian Privacy Act 2022 Updates
A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.
the-12-pci-dss-requirements:-4.0-compliance-checklist
The 12 PCI DSS Requirements: 4.0 Compliance Checklist
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.
See all Privacy & Compliance
We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.