Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report
Try Varonis free.

Get a detailed data risk report based on your company’s data. Deploys in minutes.

Featured collections
what's-new-in-varonis:-may-2023
What's New in Varonis: May 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
Continuous discovery and data monitoring critical to identify misplaced PII.
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
salesforce-misconfiguration-causes-sensitive-data-leaks
Salesforce Misconfiguration Causes Sensitive Data Leaks
Brian Krebs recently reported that an alarming number of organizations—including banks and healthcare providers—are leaking sensitive information due to a misconfiguration in Salesforce Communities.
See all articles
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
data-security-posture-management-(dspm):-best-practices-guide-for-cisos
Data Security Posture Management (DSPM): Best Practices Guide for CISOs
Master Data Security Posture Management (DSPM) best practices with our CISOs' guide. Learn to select the right tool, maintain compliance, and prevent data breaches.
your-guide-to-the-2023-rsa-conference
Your Guide to the 2023 RSA Conference
Varonis has compiled the top RSAC sessions you won’t want to miss. Follow our handy agenda to take advantage of everything RSAC 2023 has to offer.
the-exact-data-security-roadmap-we've-used-with-7,000+-cisos
The Exact Data Security Roadmap We've Used with 7,000+ CISOs
Explore the Varonis data security roadmap for modern protection, aiding 7,000+ CISOs in compliance and safeguarding valuable data.
See all Data Security
hardbit-2.0-ransomware
HardBit 2.0 Ransomware
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
neo4jection:-secrets,-data,-and-cloud-exploits
Neo4jection: Secrets, Data, and Cloud Exploits
With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.
vmware-esxi-in-the-line-of-ransomware-fire
VMware ESXi in the Line of Ransomware Fire
Servers running the popular virtualization hypervisor VMware ESXi have come under attack from at least one ransomware group over the past week, likely following scanning activity to identify hosts with Open Service Location Protocol (OpenSLP) vulnerabilities.
crosstalk-and-secret-agent:-two-attack-vectors-on-okta's-identity-suite
CrossTalk and Secret Agent: Two Attack Vectors on Okta's Identity Suite
Varonis Threat Labs discovered and disclosed two attack vectors on Okta's identity suite: CrossTalk and Secret Agent.
See all Threat Research
what's-new-in-varonis:-may-2023
What's New in Varonis: May 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
varonis-launches-third-party-app-risk-management
Varonis Launches Third-Party App Risk Management
Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
varonis-opens-australia-data-centre-to-support-saas-customers
Varonis Opens Australia Data Centre to Support SaaS Customers
Australian expansion allows Varonis customers to achieve automated data security outcomes while following national standards for data privacy.
how-varonis-saves-salesforce-admins-hours-in-their-day
How Varonis Saves Salesforce Admins Hours in Their Day
Varonis provides industry leading Salesforce management and permission implications capabilities to help save Salesforce admins hours in their day.
See all Varonis Products
what-automation-means-for-cybersecurity—and-your-business
What Automation Means For Cybersecurity—And Your Business
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
how-varonis'-approach-to-sspm-helps-your-company
How Varonis' approach to SSPM helps your company
Adopt a data-first approach with Varonis' SSPM, securing SaaS apps & reducing risk. Learn how you can get better visibility, automation, and protection.
what-is-idor-(insecure-direct-object-reference)?
What is IDOR (Insecure Direct Object Reference)? - Varonis
Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.
change-these-7-security-settings-after-creating-a-new-aws-account
AWS Security Best Practices for a New Account
Use these seven AWS security best practices for simple configuration changes on a new AWS account.
See all Cloud Security
four-must-know-cyber-tips-for-your-business
Four Must-Know Cyber Tips for Your Business
The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.
ryuk-ransomware:-breakdown-and-prevention-tips
Ryuk Ransomware: Breakdown and Prevention Tips
Ryuk ransomware targets large organizations and spreads with deadly speed. Learn about the strain and how to prevent your company from becoming a victim.
why-every-cybersecurity-leader-should-‘assume-breach’
Why Every Cybersecurity Leader Should ‘Assume Breach’
Any system, account or person at any time can be a potential attack vector. With such a vast attack surface, you need to assume attackers will breach at least one vector.
bad-rabbit-ransomware
Bad Rabbit Ransomware
Bad Rabbit is a ransomware strain that spread via hacked websites, infected systems via a fake Adobe installer and held encrypted files for Bitcoin.
See all Ransomware
azure-managed-identities:-definition,-types,-benefits-+-demonstration
Azure Managed Identities: Complete Guide with Free Demonstration
Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.
group-policy-objects-(gpos):-how-they-work-&-configuration-steps
Group Policy Objects (GPOs): How They Work & Configuration Steps
Group Policy Objects (GPOs) let system admins control and implement cybersecurity measures from a single location. Learn about GPOs and how they work here.
12-group-policy-best-practices:-settings-and-tips-for-admins
12 Group Policy Best Practices: Settings and Tips for Admins | Varonis
Group Policy configures settings, behavior, and privileges for user and computers. In this article, you’ll learn best practices when working with Group Policy.
securing-azure-blob-storage:-set-up-guide
Securing Azure Blob Storage: Set-Up Guide | Varonis
Security is vital in today’s cloud-first environment. Cloud services are often enabled to solve an issue quickly, but no one goes back to verify if security best practices have been…
See all Active Directory
meta's-$1.3b-fine:-what-can-happen-if-you-don’t-monitor-your-pii
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
Continuous discovery and data monitoring critical to identify misplaced PII.
hipaa-compliance:-your-complete-2023-checklist
HIPAA Compliance: Your Complete 2023 Checklist
Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.
australian-privacy-act-2022-updates
Australian Privacy Act 2022 Updates
A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.
the-12-pci-dss-requirements:-4.0-compliance-checklist
The 12 PCI DSS Requirements: 4.0 Compliance Checklist
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.
See all Privacy & Compliance
We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.