All Posts
Varonis Enhances Salesforce Security With High-Risk Permissions Remediation
Sep 17, 2024
Identify and automatically remediate high-risk Salesforce permissions to reduce risk and improve your SaaS security posture.
Data Theft in Salesforce: Manipulating Public Links
Sep 16, 2024
Varonis Threat Labs uncovered a vulnerability in Salesforce's public link feature that threat actors could exploit to retrieve sensitive data.
Speed Data: Military Information Security With Mike Taylor
Sep 12, 2024
Mike Taylor, the Hospital Ship Joint Task Director at the U.S. Department of Defense, shares his responsibilities in securing the USNS Mercy and USNS Comfort and challenges the conventional views of military ships.
Speed Data: Unpacking Gen AI With Yohan Kim
Sep 09, 2024
Yohan Kim, Distinguished Security Technical Architect for Salesforce, gives insight into AI functionality and customer sentiments on Varonis' Speed Data show.
Data Security in the Cloud: Key Use Cases for DSPM
Sep 06, 2024
Discover the key use cases for data security posture management (DSPM) and why this framework is only one part of a holistic data security approach.
Protecting Salesforce: Remediating Misconfigured Sites
Sep 05, 2024
Varonis enables organizations to identify and remediate misconfigured Salesforce Site guest permissions that expose sensitive data publicly.
What The New SEC Cyber Disclosure Guidelines Mean For Your Business
Aug 29, 2024
Discover the challenges the new SEC cybersecurity guidelines present for your CISO and learn tips on how to handle them at your organization.
What’s New in Varonis: August 2024
Aug 28, 2024
Learn more about Varonis’ new AI data classification, EDR integrations, MDDR executive dashboard, Azure permissions analysis, and more.
AWS Misconfigurations Lead to Exposed Data
Aug 22, 2024
Discover how a recent data extortion campaign exposed sensitive files in thousands of AWS environments and what you can do to prevent it from happening to you.
Speed Data: Pentesting and Proactive Threat Hunting With Tim Callahan
Aug 21, 2024
Aflac CISO Tim Callahan shares his favorite aspects of cybersecurity and what challenges him the most.
The EU AI Act: What it is and Why it’s Important
Aug 16, 2024
An overview of the world’s first comprehensive AI regulation, its compliance requirements, and how to prevent penalties of up to €35 million ($38 million).
Varonis Announces Integrations With SentinelOne and Microsoft Defender for Endpoint
Aug 07, 2024
Varonis now integrates with leading EDR providers Microsoft Defender for Endpoint and SentinelOne, expanding our MDDR visibility to customers’ endpoints.
Varonis Announces AI-Powered Data Discovery and Classification
Aug 06, 2024
Varonis' new LLM-driven data scanning gives customers a deeper business context with unmatched precision and scale.
What's New in Varonis: July 2024
Jul 25, 2024
Learn more about Varonis’ New NoSQL database support and expanded Salesforce exposure remediations.
Speed Data: AWS, Gen AI, and SecDataOps With Jonathan Rau
Jul 22, 2024
The VP and Distinguished Engineer at Query explains what most organizations get wrong about cloud security.
CrowdStrike Blue Screen Recovery Steps
Jul 19, 2024
Updates and recovery steps for the Windows blue screen of death (BSOD) issue currently affecting devices and VMs running CrowdStrike Falcon Sensor.
The Power and Peril of RMM Tools
Jul 18, 2024
Discover real-world examples of remote monitoring and management (RMM) tool exploits and how to protect your organization from these attacks.
Varonis Accelerates the Secure Adoption of Microsoft Copilot for Microsoft 365
Jul 09, 2024
Varonis and Microsoft forged a new strategic collaboration to help organizations safely harness one of the most powerful productivity tools on the planet — Microsoft Copilot for Microsoft 365.
Speed Data: Tips for Safeguarding Sensitive Data With Jon Densmore
Jul 09, 2024
Jon Densmore, the CISO for First Mutual Holding Company, shares the best way to prepare for a breach.
Salesforce Einstein Copilot: Boosting Productivity With a Focus on Security
Jul 03, 2024
AI tools like Salesforce Einstein Copilot can improve efficiency, but also increase risk. Check out these tips on preparing for a Copilot rollout.
OpenSSH 'RegreSSHion' RCE Vulnerability
Jul 02, 2024
A critical vulnerability in OpenSSH's server, dubbed 'regreSSHion,' raises the risk of remote code execution with root privileges.
Why Your Org Needs a Copilot Security Scan Before Deploying AI Tools
Jun 28, 2024
Assessing your security posture before deploying gen AI tools like Copilot for Microsoft 365 is a crucial first step.
Varonis Achieves "In Process" Status for FedRAMP® Authorization
Jun 27, 2024
Varonis announces "in process" status for FedRAMP® authorization, continuing to provide robust data security solutions for agencies and public-sector organizations nationwide.
Integrate Data-Centric Insights Into Your Security Workflows Using Webhooks
Jun 27, 2024
Use webhooks to easily integrate Varonis’ unique, data-centric insights into your security stack to consolidate monitoring and enhance security workflows.
What’s new in Varonis: June 2024
Jun 27, 2024
This month, we released new updates designed to help you accelerate security workflows, automate your DSPM efforts, and manage shadow databases.
Speed Data: The (Non)Malicious Insider With Rachel Beard
Jun 26, 2024
Salesforce's Rachel Beard discusses why insider threats may not always have ill intentions and why security in the CRM is crucial.
Protecting Salesforce: Preventing Public Link Creation
Jun 25, 2024
Identify and prevent the creation of Salesforce public links and reduce your blast radius with Varonis.
Cloud Security Essentials: The Case for Automated DSPM
Jun 21, 2024
Data security posture management (DSPM) has emerged as a standard for securing sensitive data in the cloud and other environments. However, without automation, DSPM doesn’t stand a chance. Automation is crucial to overcoming the challenges of securing data in the cloud.
Varonis’ Expands Database Support to Amazon Redshift
Jun 12, 2024
Varonis for AWS now supports Amazon Redshift, enabling organizations to ensure their critical data warehouses are secure.
Varonis Adds Automated Remediation for AWS to Industry-Leading DSPM Capabilities
Jun 12, 2024
New automation remediates public exposure and removes stale users, roles, and access keys in AWS, cementing Varonis as the only Data Security Platform with active DSPM capabilities.
Discover Shadow Databases With Varonis’ Industry-Leading DSPM
Jun 12, 2024
Varonis now enables organizations to close significant security gaps by discovering and remediating “shadow” databases across AWS environments.
Speed Data: Why Your Team is Your Greatest Cybersecurity Tool With Terry Inns
Jun 11, 2024
The Group Director of Operations Support for Jacobs shares his insights based on years of experience in the field.
A Practical Guide to Safely Deploying Gen AI
Jun 06, 2024
Varonis and Jeff Pollard, Forrester Security and Risk Analyst, share insights into how to securely integrate generative AI into your organization.
Varonis Recognized as Gartner’s Customers’ Choice in DSPM
Jun 05, 2024
Varonis leads the DSPM market with more reviews than any other vendor, more verified five-star ratings, and the highest overall product score.
Targeted Campaign Against Snowflake Customers: What You Need to Know
Jun 04, 2024
Recent data breaches of prominent Snowflake cloud customers highlight the risks of compromised cloud storage accounts.
What is Data Security Posture Management (DSPM)?
May 31, 2024
Learn what data security posture management (DSPM) is and isn't, why it’s important, how it works, and how to evaluate DSPM solutions.
How to Prevent Your First AI Data Breach
May 30, 2024
Learn how the broad use of gen AI copilots will inevitably increase data breaches, which Varonis' Matt Radolec shared in an RSA Conference 2024 Keynote session.
What's New in Varonis: May 2024
May 30, 2024
Varonis brings a UI refresh, easier policy management, expanded automated remediation capabilities in AWS, automation rollback, and privacy automation.
Speed Data: Exploring the Virtual CISO Role With Robert Blythe
May 29, 2024
Bob Blythe talks about the virtual CISO market, gen AI, and where the future of tech is headed.
How Varonis Helps Schools Secure Data
May 24, 2024
K–12 schools, school districts, and universities rely on Varonis to combat threat actors, prevent breaches, and continuously improve their data security posture.
Varonis Leaders Shine as CRN’s Women of the Channel
May 15, 2024
The leading source for channel news honored three Varonis team members.
Speed Data: Developing ‘Security as a Service’ With Alexis Bonnell
May 14, 2024
Alexis Bonnell, CIO for the U.S. Air Force Research Laboratory, shares her thoughts on the relationship between knowledge and AI.
The Future of Cloud Data Security: Doing More With DSPM
May 09, 2024
Learn what you need to be aware of when evaluating a DSPM solution, why IaaS automation is crucial, and how you can prepare your org for the future of DSPM.
Introducing Varonis for Microsoft 365 Copilot
May 07, 2024
Varonis for Microsoft 365 Copilot is the industry's first purpose-built cybersecurity solution to secure Microsoft’s AI-powered productivity tool before and after deployment.
Dropbox Sign Data Breach: What You Need to Know
May 03, 2024
Dropbox Sign's recent data breach highlights how non-human identities are driving more profound breaches.
Data Classification Buyer's Guide: How To Choose a Data Classification Solution
Apr 30, 2024
Understand the different data classification offerings available, why traditional efforts fail, and what top 5 elements to consider when choosing a vendor.
What's New in Varonis: April 2024
Apr 30, 2024
Learn more about Varonis for Microsoft 365 Copilot, new security posture reporting, and more about our new MDDR service.
Speed Data: Security Leaders, Salesforce, and Social Consciousness With Doug Merrett
Apr 23, 2024
Doug Merrett of Platinum7 shares his thoughts on the importance of education, philanthropy, and realistic expectations in the tech world.
Is Microsoft Copilot Worth the Investment?
Apr 18, 2024
Is Microsoft Copilot worth the investment? Varonis experts weigh in on the ROI of the powerful generative AI tool based on Forrester Research's latest study.
Stop Configuration Drift With Varonis
Apr 16, 2024
Stop configuration drift in your environment with Varonis' automated data security posture management platform.
Palo Alto Networks PAN-OS Zero-Day Active Exploit: What You Need to Know
Apr 12, 2024
Palo Alto Networks issued a warning on April 12, 2024, that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.
Sisense Data Breach: What You Need to Know
Apr 11, 2024
The U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert this week warning Sisense customers of a data breach. Here's what you need to know.
Ensuring Data Integrity in the Age of AI: How State and Local Governments Can Protect Their Data
Apr 09, 2024
Varonis Field CTO Brian Vecci chats about enhancing digital integrity for state and local governments in the age of AI.
Speed Data: Combating the Cybersecurity Skills Shortage With Bryan Chnowski
Apr 09, 2024
Bryan Chnowski, Deputy CISO for Nuvance Health, explains why one of the most significant cybersecurity risks on the horizon is the shortage of workers.
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
Apr 09, 2024
Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.
XZ Backdoor: Supply Chain Jump Scare
Apr 05, 2024
While the XZ backdoor is scary, most companies learned from SolarWinds
Know Before You Go: Your Guide to RSAC 2024
Apr 03, 2024
Discover what sessions, events, and activities should be added to your RSA Conference 2024 agenda.
Speed Data: The Benefits of Simplicity With Mark Bruns
Mar 29, 2024
CISO Mark Burns shares cybersecurity knowledge amassed over 25 years, the pros and cons of gen AI, how to protect data, and why compromise is key.
What's New in Varonis: March 2024
Mar 28, 2024
Varonis unveiled updates designed to help you detect and investigate threats, improve your Salesforce and Azure security posture, and streamline your data discovery requests.
What is Managed Data Detection and Response (MDDR)?
Mar 26, 2024
XDR and MDR offerings are threat-focused and leave you data-blind. Varonis MDDR helps mitigate complex threats to your most valuable asset: data.
Increased Threat Activity Targeting Ivanti Vulnerabilities
Mar 20, 2024
A recent surge in activity targeting Ivanti Connect Secure (ICS) involves chaining two vulnerabilities that give threat actors the ability to execute arbitrary commands remotely.
6 Prompts You Don't Want Employees Putting in Copilot
Mar 15, 2024
Discover what simple prompts could expose your company’s sensitive data in Microsoft Copilot.
Generative AI Security: Preparing for Salesforce Einstein Copilot
Mar 12, 2024
See how Salesforce Einstein Copilot’s security model works and the risks you must mitigate to ensure a safe and secure rollout.
DSPM Buyer's Guide: How to Choose a DSPM Solution
Mar 11, 2024
Understand the different types of DSPM solutions, avoid common pitfalls, and ask questions to ensure you purchase a data security solution that meets your unique requirements.
Speed Data: Preparing for the Unknown in Cybersecurity With Ian Hill
Mar 11, 2024
Ian Hill, the Director of Information and Cybersecurity for Upp Telecommunications, offers his take on AI and the future of tech, shares his tricks for a good cyber defense, and explains why the best-laid plans of mice and security professionals often go astray.
Understanding and Applying the Shared Responsibility Model at Your Organization
Mar 07, 2024
To avoid significant security gaps and risks to sensitive data, organizations need to understand the shared responsibility model used by many SaaS providers.
Varonis MDDR: Industry's First Managed Data Detection and Response Offering
Mar 05, 2024
Varonis MDDR introduces a new 24x7x365 threat detection and response service built to stop data breaches.
Speed Data: Film, Foodies, and the Future of Tech With David Ulloa
Feb 27, 2024
Dr. David Ulloa, Chief Security Information Officer at IMC Companies, shares the best line of defense against a sophisticated threat actor.
What’s New in Varonis: Feb 2024
Feb 26, 2024
Improve your data security posture management efforts with this month's updates to the Varonis Data Security Platform.
Varonis joins Marsh McLennan Agency’s Cyber Resiliency Network
Feb 20, 2024
Varonis is teaming up with Marsh McLennan Agency. Together, we'll help organizations improve their cyber resilience with industry-leading DSPM solutions.
Security Vulnerabilities in Apex Code Could Leak Salesforce Data
Feb 20, 2024
Varonis' threat researchers identified high- and critical-severity vulnerabilities in Apex, a programming language for customizing Salesforce instances.
DSPM Report Highlights Risks That Lead to Significant Data Breaches
Feb 14, 2024
Varonis' new DSPM report reveals that typical companies are widening their blast radius by oversharing permissions, excess ghost users, lack of MFA, and more.
Speed Data: Thinking From a Cyberattacker's Perspective With Dalal Alharthi
Feb 13, 2024
Dr. Dalal Alharthi talks about the importance of organizations anticipating a breach and seeing the world through the eyes of an attacker.
Behind the Varonis Rebrand
Feb 12, 2024
Discover the strategy behind Varonis' rebrand that involved a full transition to a hero archetype and the introduction of Protector 22814.
Automatically Remove Salesforce Public Links with Varonis
Feb 06, 2024
Varonis’ least privilege automation capabilities now remove public Salesforce links automatically.
Varonis Delivers Market-leading Salesforce Security
Feb 06, 2024
Varonis delivers market-leading Salesforce security
Speed Data: Hiring the Right Cybersecurity Professionals With Leah McLean
Feb 01, 2024
Cofounder of the nonprofit Whole Cyber Human Initiative, Leah McLean, shares her advice for recruiting teams looking for cybersecurity superstars and why it’s so important for women to have representation in tech.
What’s new in Varonis: Jan 2024
Jan 31, 2024
This month brings you a fresh set of updates designed to improve your cybersecurity journey.
Varonis Introduces Universal Classification Support for Databases
Jan 30, 2024
Integrate Varonis with virtually any network-connected database to discover and classify sensitive data at scale with pinpoint accuracy.
Varonis Expands Coverage to Help Secure Critical Snowflake Data
Jan 24, 2024
Varonis extends DSPM coverage to Snowflake, providing enhanced visibility and data security for critical Snowflake data.
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
Jan 18, 2024
Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords.
Speed Data: When Lives Depend on Strong Security With John Mason
Jan 18, 2024
Tempo Technology Services' John Mason shares why strong cybersecurity in healthcare is so critical and how organizations can combat malicious actors.
Varonis Named a Leader in GigaOm’s 2023 Radar Report for Data Security Platforms
Jan 12, 2024
Varonis is proud to be named a Leader in GigaOm’s first-ever Radar Report for Data Security Platforms.
Speed Data: The Principles of GRC With Hannah DeWane
Jan 04, 2024
Hannah DeWane at Varonis shares her day-to-day world of security audits and the wonderful world of risk management.
2024 Cybersecurity Trends: What You Need to Know
Dec 26, 2023
Learn more about data security posture management, AI security risks, compliance changes, and more to prepare your 2024 cybersecurity strategy.
What’s new in Varonis: December 2023
Dec 19, 2023
This month brings you several new features to help security teams manage and secure their critical cloud data.
Straight From the CISO: Top Tips for Today's Cybersecurity Leaders
Dec 14, 2023
We’ve gained massive insight from our conversations with CISOs and other cybersecurity leaders. Now, we're passing along their wisdom to you.
Varonis Joins Salesforce AppExchange
Dec 14, 2023
The Varonis Data Security Platform can now be found on the Salesforce AppExchange
Navigating the Complex Landscape of Data Protection in the Federal Sector
Dec 13, 2023
Varonis' Justin Wilkins and Trevor Brenn highlight the importance of data security for the federal sector, the risks of gen AI, and more.
Is Your Org Ready for Microsoft Copilot?
Dec 12, 2023
Enjoy this step-by-step guide showing you how to deploy generative AI tools safely with Varonis.
Varonis Expands DSPM Capabilities with Deeper Azure and AWS Support
Dec 05, 2023
Varonis is expanding its IaaS coverage to AWS databases and Azure Blob Storage, strengthening the CSPM and DSPM pillars of our Data Security Platform.
Speed Data: The Next Generation of Cybersecurity With Mark Weber
Nov 21, 2023
Executive in Residence for the Catholic University of America Mark Weber shares tips for mentoring future cybersecurity professionals.
How Varonis Helps With Email Security
Nov 20, 2023
Discover how you can proactively reduce your email attack surface, stop data exfiltration, and curb gen AI risk with accurate and automated email security.
Varonis Introduces Athena AI to Transform Data Security and Incident Response
Nov 14, 2023
Using Athena AI, the new gen AI layer for Varonis, natural language, customers can conduct in-depth security investigations and analyses more efficiently.
Varonis Leads DSPM Market on Gartner Peer Insights
Nov 09, 2023
As a leader in data security, Varonis is proud to be rated No. 1 in Gartner’s Data Security Posture Management category.
What's New in Varonis: November 2023
Nov 07, 2023
This month, Varonis’ Data Security Platform gets new features for accelerating investigations, improving your email security posture, and enabling Zero Trust in hybrid environments.
Speed Data: Fusing Empathy and Enterprise With Illena Armstrong
Nov 06, 2023
Illena Armstrong shares her advice for future executives, discusses the importance of teamwork, and explains why empathy is powerful for leaders.
AI at Work: Three Steps to Prepare and Protect Your Business
Oct 31, 2023
Discover how your business can prepare and protect your sensitive data from the risks that generative AI presents.
DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis
Oct 27, 2023
Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security.
Speed Data: The Importance of Asking for Help With Michelle Griffey
Oct 24, 2023
Michelle Griffey, Chief Risk Officer for Communisis, shares the importance of asking for help and how the widespread adoption of AI is a good and bad thing.
What is a Data Risk Assessment and Why You Should Take One
Oct 23, 2023
Conducting a Data Risk Assessment can help your organization map its sensitive data and build out a comprehensive security strategy. Here's how to perform it.
How Varonis’ Data Risk Assessment Works
Oct 13, 2023
Explore how Varonis' free Data Risk Assessment works and what makes it the most advanced DRA in the industry. Ensure your data is protected today.
Speed Data: Behind the Scenes of Cyber Insurance Recovery With Scott Godes
Oct 11, 2023
Scott Godes, Insurance Recovery Litigator for Barnes & Thornburg LLP, chats about the importance of cyber insurance, and how data privacy has evolved.
Varonis Launches Data Center in Canada for Cloud-Native Security
Oct 11, 2023
We're excited to announce the opening of our data center in Toronto to support new customers and existing customers moving to Varonis' SaaS offering.
Cybersecurity Maturation Model Certification 2.0: How Varonis Ensures Certification for Defense Contractors
Oct 05, 2023
Varonis can help you achieve compliance and implement the Cybersecurity Maturity Model Certification 2.0 (CMMC) program to safeguard cybersecurity across the government’s DIB.
Speed Data: Why Cybersecurity is an Unceasing Progression With Siwar El Assad
Sep 27, 2023
Siwar El Assad chats about the impact of cybersecurity on modern society, the reality of breaches, and how a chance encounter led Siwar to the industry.
DSPM Deep Dive: Debunking Data Security Myths
Sep 21, 2023
DSPM is the leading acronym in cybersecurity. However, the recent buzz has cluttered the meaning of data security posture management. Let's demystify it.
Varonis Announces Salesforce Shield Integration
Sep 13, 2023
Varonis now integrates with Salesforce Shield to provide deep visibility into Salesforce and help organizations secure their mission-critical data.
Speed Data: Rethinking Traditional Cybersecurity Principles With Rick Howard
Sep 11, 2023
Rick Howard, author, journalist, and Senior Fellow at the CyberWire, chats about his new book on rebooting cybersecurity principles with Varonis' Megan Garza.
The Benefits of Threat and Data Breach Reports
Sep 08, 2023
Threat and data breach reports can help organizations manage security risks and develop mitigation strategies. Learn our three pillars of effective data protection and the benefits from these reports.
The Biggest Security Risks to Your Salesforce Org
Sep 05, 2023
Discover how Salesforce professionals and security teams can combat the most concerning risks in their environments.
Three Ways Varonis Helps You Fight Insider Threats
Sep 02, 2023
Insider threats are difficult for organizations to combat. Varonis’ modern cybersecurity answer uses the data security triad of sensitivity, access, and activity to combat threats.
Speed Data: Tackling Federal Cybersecurity Challenges With AJ Forysiak
Aug 30, 2023
Building networks with military, civilian, and intelligence community leaders is just part of AJ’s day-to-day as the Business Development Executive for the Varonis Department of Defense team.
Varonis Opens UK Data Centre to Support SaaS Customers
Aug 29, 2023
UK expansion will help Varonis customers demonstrate compliance with the U.K.’s Data Protection Act.
Rewards and Risks: Why Generative AI Security is Essential
Aug 28, 2023
Learn the most significant gains of gen AI and what security risks you should be concerned with before deploying AI tools at your org.
A CISO's First 90 Days: The Ultimate Action Plan and Advice
Aug 23, 2023
Over the last 10 years, the role of the CISO has become pretty complex. By the end of this blog you'll have a solid 90-day plan to step into a new CISO role.
Speed Data: Bringing Resiliency and Passion to Cybersecurity with Kieron Newsham
Aug 15, 2023
Kieron Newsham, Chief Technologist of Cybersecurity for Softcat, shares how his military background helps him in his role and his passion for security.
Copilot Security: Ensuring a Secure Microsoft Copilot Rollout
Aug 08, 2023
This article describes how Microsoft 365 Copilot's security model works and the risks that must be considered to ensure a safe rollout.
What’s new in Varonis: August 2023
Aug 07, 2023
This month brings you several new features to help security teams enforce Zero Trust across their cloud and on-prem environments.
How to Protect Your Cloud Environment From Today’s Top 5 Threats
Aug 04, 2023
Learn the top five cloud threats after your sensitive data and how to protect your organization from them.
SEC Cybersecurity Disclosure Requirements’ Impact on Your Business
Aug 02, 2023
New SEC regulations change how public companies disclose hacks, breaches, and cyber incidents. Here’s everything you need to know.
Is Your Data Insider-Proof? Five Steps To Keep Your Secrets Safe
Aug 02, 2023
This article explains the five steps you can take to see how prepared you are for a nefarious insider or an outside attacker that compromises an insider's account or computer.
Speed Data: The Impact of AI on Attack Vectors With Justin Michael
Jul 25, 2023
Corbin Capital Partners CTO Justin Michael discusses the hot topic of ChatGPT. Justin leads guarding sensitive data for the leading asset management firm.
Taking Microsoft Office by "Storm"
Jul 18, 2023
The “Storm-0978” ransomware group is actively exploiting an unpatched Microsoft Office and Windows HTML remote code execution vulnerability.
Building a Cloud Security Program From the Ground Up
Jul 17, 2023
There’s no one-size-fits-all approach to cloud security, but Varonis has laid out a blueprint to help guide you through the steps and start off strong.
Strengthening Resilience: Data Security vs Data Resilience Tools
Jul 13, 2023
Learn the difference between backup tools and true DSPs and what to look for when you’re choosing a DSP.
Speed Data: The Importance of Data Privacy With Jordan McClintick
Jul 10, 2023
Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.
Varonis in the Cloud: Building a Secure and Scalable Data Security Platform
Jul 10, 2023
How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.
How the MOVEit Vulnerability Impacts Federal Government Agencies
Jun 29, 2023
Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.
What’s new in Varonis: June 2023
Jun 28, 2023
This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.
10 Tips to Pay Back Your Salesforce Technical Debt
Jun 22, 2023
Learn best practices for managing and analyzing permissions in Salesforce and how the need for quick solutions can put your organizations data at risk.
Speed Data: The Commoditization of Cybercrime With Matt Radolec
Jun 21, 2023
Matt Radolec at Varonis discusses the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Jun 07, 2023
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
How to Deal With Sensitive Data in Salesforce: A Guide to Data Classification
Jun 06, 2023
Salesforce Ben and the Varonis team up to discuss Salesforce data classification best practices.
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
May 31, 2023
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
Speed Data: CISO Leadership Tips With Pat Benoit
May 30, 2023
Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”
What's New in Varonis: May 2023
May 30, 2023
Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.
Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII
May 22, 2023
Continuous discovery and data monitoring critical to identify misplaced PII.
What Automation Means For Cybersecurity—And Your Business
May 03, 2023
This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.
Salesforce Misconfiguration Causes Sensitive Data Leaks
Apr 28, 2023
Brian Krebs recently reported that an alarming number of organizations—including banks and healthcare providers—are leaking sensitive information due to a misconfiguration in Salesforce Communities.
How Varonis' Approach to SSPM Helps Your Company
Apr 26, 2023
Adopt a data-first approach with Varonis' SSPM, securing SaaS apps and reducing risk. Learn how you can get better visibility, automation, and protection.
Varonis Launches Third-Party App Risk Management
Apr 25, 2023
Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
Data Security Posture Management (DSPM): Best Practices Guide for CISOs
Apr 19, 2023
Master Data Security Posture Management (DSPM) best practices with our CISOs' guide. Learn to select the right tool, maintain compliance, and prevent data breaches.
Your Guide to the 2023 RSA Conference
Apr 13, 2023
Varonis has compiled the top RSAC sessions you won’t want to miss. Follow our handy agenda to take advantage of everything RSAC 2023 has to offer.
Varonis Opens Australia Data Centre to Support SaaS Customers
Apr 11, 2023
Australian expansion allows Varonis customers to achieve automated data security outcomes while following national standards for data privacy.
The Exact Data Security Roadmap We've Used with 7,000+ CISOs
Apr 11, 2023
Explore the Varonis data security roadmap for modern protection, aiding 7,000+ CISOs in compliance and safeguarding valuable data.
Global Threat Trends and the Future of Incident Response
Apr 10, 2023
The Varonis Incident Response team discusses recent global threat trends and shares why proactive IR is the future of data security.
Top Cybersecurity Trends for 2023
Mar 23, 2023
We’ve pulled together top security predictions for 2023 to help you determine where you should heed caution and where you can breathe easily.
Varonis Named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023
Mar 22, 2023
Varonis Named a Leader in the Forrester Wave™: Data Security Platforms, Q1 2023, receiving the highest score in the strategy category.
A Step-By-Step Guide to California Consumer Privacy Act (CCPA) Compliance
Mar 10, 2023
CCPA Compliance: Everything you need to know about protecting user data under the California Consumer Privacy Act.
HIPAA Compliance: Your Complete 2023 Checklist
Mar 10, 2023
Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.
How Varonis Saves Salesforce Admins Hours in Their Day
Mar 08, 2023
Varonis provides industry leading Salesforce management and permission implications capabilities to help save Salesforce admins hours in their day.
HardBit 2.0 Ransomware
Feb 20, 2023
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
Neo4jection: Secrets, Data, and Cloud Exploits
Feb 08, 2023
With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.
VMware ESXi in the Line of Ransomware Fire
Feb 07, 2023
Servers running the popular virtualization hypervisor VMware ESXi have come under attack from at least one ransomware group over the past week, likely following scanning activity to identify hosts with Open Service Location Protocol (OpenSLP) vulnerabilities.
Varonis Enhances GitHub Security Offering With Secrets Discovery and Data Classification
Feb 07, 2023
Varonis is extending our world-class data classification capabilities to discover secrets, keys, and other sensitive data embedded in your GitHub repositories and source code.
Varonis Announces Proactive Incident Response for SaaS Customers
Jan 31, 2023
Varonis offers the brightest minds in offensive and defensive security, watching your data for threats.
Introducing Automated Posture Management: Fix Cloud Security Risks with One-Click
Jan 26, 2023
Varonis launches Automated Posture Management to effortlessly fix cloud Security risks with a simple click of a button
CrossTalk and Secret Agent: Two Attack Vectors on Okta's Identity Suite
Jan 23, 2023
Varonis Threat Labs discovered and disclosed two attack vectors on Okta's identity suite: CrossTalk and Secret Agent.
Introducing Least Privilege Automation for Microsoft 365, Windows, Google Drive, and Box
Jan 17, 2023
Varonis announces least privilege automation for Microsoft 365, Google Drive, and Box.
Varonis Launches Customizable Data Security Posture Management (DSPM) Dashboard
Jan 03, 2023
Varonis introduces a new customizable DSPM dashboard to help improve data security posture management
Australian Privacy Act 2022 Updates
Dec 19, 2022
A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.
Varonis adds file analysis to cloud data classification capabilities
Dec 01, 2022
We’re excited to announce that Data Classification Cloud now includes robust file analysis for verifying classification results across your cloud environment.
Four Must-Know Cyber Tips for Your Business
Dec 01, 2022
The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.
Varonis Threat Labs Discovers SQLi and Access Flaws in Zendesk
Nov 15, 2022
Varonis Threat Labs found a SQL injection vulnerability and a logical access flaw in Zendesk Explore, the reporting and analytics service in the popular customer service solution, Zendesk.
The Logging Dead: Two Event Log Vulnerabilities Haunting Windows
Oct 25, 2022
You don’t have to use Internet Explorer for its legacy to have left you vulnerable to LogCrusher and OverLog, a pair of Windows vulnerabilities discovered by the Varonis Threat Labs team.
Automate Data Security With Varonis Data-centric Insights and Cortex XSOAR
Oct 24, 2022
Discover how to leverage Varonis data risk insights with Cortex XSOAR to accelerate investigations.
What is IDOR (Insecure Direct Object Reference)?
Oct 14, 2022
Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.
Azure Managed Identities: Definition, Types, Benefits + Demonstration
Oct 05, 2022
Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.
SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company
Oct 04, 2022
The Great SaaS Data Exposure examines the challenge CISOs face in protecting data across a growing portfolio of SaaS apps and services such as Microsoft 365.
The 12 PCI DSS Requirements: 4.0 Compliance Checklist
Oct 03, 2022
Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.
Varonis Adds Secrets Discovery for On-Prem and Cloud Data Stores
Sep 27, 2022
Varonis can help you scan your environments for rogue secrets exposed in files and code stored on-prem and in the cloud.
Change These 7 Security Settings After Creating a New AWS Account
Sep 16, 2022
Use these seven AWS security best practices for simple configuration changes on a new AWS account.
Fighting Golden Ticket Attacks with Privileged Attribute Certificate (PAC)
Sep 15, 2022
Learn how and why to control the Active Directory Environment state with PACRequestorEnforcement, the implications of doing so and how to detect Golden Ticket attacks happening in your network.
Compare Salesforce user permissions with ease
Sep 13, 2022
DatAdvantage Cloud now enables admins to compare two Salesforce users’ effective permissions side-by-side with a simple click of a button.
What Is a Data Leak? Definition and Prevention
Sep 09, 2022
Learn why data leaks can be devastating for companies and how you can defend against them.
What Is Zero Trust? Architecture and Security Guide
Sep 09, 2022
Zero trust is a security model that protects against both malicious insiders and external attacks that have breached your perimeter.
U.S. Privacy Laws: The Complete Guide
Sep 02, 2022
This guide breaks down the entirety of the U.S. privacy law ecosystem to help you understand the rights and obligations of citizens and businesses.
SOC 2 Compliance Definition & Checklist
Aug 26, 2022
System and Organization Controls (SOC 2) compliance requires adherence to specific guidelines. This detailed definition and checklist can get you started.
What is Mimikatz? The Beginner's Guide
Aug 26, 2022
Mimikatz is an open-source application that allows users to view and save authentication credentials like Kerberos tickets.
Anatomy of a SolidBit Ransomware Attack
Aug 22, 2022
Solidbit is a ransomware variant derived from Yashma and containing elements of LockBit. Discover how Solidbit's capabilities, execution, what file types it targets, and how to tell if you're been infected.
How to Use Wireshark: Comprehensive Tutorial + Tips
Aug 19, 2022
Learn how to use Wireshark, a widely-used network packet and analysis tool. This tutorial has everything from downloading to filters to packets.
Your Sales Data Is Mission-Critical: Are You Protecting It?
Aug 18, 2022
If you’re like many executives, you might assume your data is secure within those cloud applications. That’s a dangerous assumption, though. Cloud providers are responsible for everything that delivers their application (e.g., their data center); it’s your responsibility to protect the data inside it.
Varonis Maps Cloud Security Alerts to MITRE ATT&CK
Aug 17, 2022
In Varonis’ latest update of DatAdvantage Cloud, we’re layering MITRE ATT&CK tactics and techniques over cloud alerts to aid in faster incident response.
How to Create S3 Buckets in AWS with CloudFormation: Step-by-Step Guide
Jul 22, 2022
Use AWS CloudFormation to create resources such as S3 buckets. Infrastructure as code enables a repeatable, reliable deployment process. Learn more here.
What Is SQL Injection? Identification & Prevention Tips
Jul 22, 2022
SQL injection is a serious open web application security project (OWASP) vulnerability. Learn more about how to combat injection attacks in this article.
What Is a Privacy Impact Assessment (PIA)?
Jul 22, 2022
A privacy impact assessment (PIA) helps firms protect data. Find out about this robust approach to data loss prevention and how to implement your own PIA.
157 Cybersecurity Statistics and Trends [updated 2024]
Jul 08, 2022
These cybersecurity statistics for 2024 are grouped by category and include breaches, costs, crime type, compliance, industry-specific stats, & job outlook.
Data Lifecycle Management (DLM): Everything You Need to Know
Jul 08, 2022
Data lifecycle management (DLM) is the process of managing data from creation to deletion. In this article, we’ll cover how DLM works and why you need it.
What is the CIA Triad?
Jul 08, 2022
Learn how the CIA triad can be used to classify, secure, and protect your data.
What Is Network Access Control? Explaining NAC Solutions
Jul 07, 2022
Explore network access control (NAC), a technology aimed at giving organizations more control over who can access their network and with what permissions.
Ransomware Statistics, Data, Trends, and Facts [updated 2024]
Jul 05, 2022
Ransomware is one of the most common types of malware used in cyberattacks. Check out these comprehensive ransomware statistics, plus prevention tips.
What is SSPM? Overview + Guide to SaaS Security Posture Management
Jul 01, 2022
SaaS security posture management (SSPM) is an automated solution that helps bolster the protection of all SaaS applications used by organizations.
SOX Compliance Checklist & Audit Preparation Guide
Jun 30, 2022
The Sarbanes-Oxley Act (SOX) requires public U.S. companies meet strict reporting and security standards. Here’s what you need to know to comply with SOX.
IDS vs. IPS: What Organizations Need to Know
Jun 30, 2022
We explore IDS vs. IPS and break down the differences between the two cybersecurity systems. Read on to evaluate using them in your network.
DNS over HTTPS as a covert Command and Control channel
Jun 30, 2022
Learn how DNS over HTTPS (DoH) is being actively used as a Command and Control (C2) channel by threat actors.
What is Red Teaming? Methodology & Tools
Jun 29, 2022
Red teaming simulates real-world hacks on your organization’s data and networks and spotlight vulnerabilities that help organizations strengthen security.
What is a Security Policy? Definition, Elements, and Examples
Jun 29, 2022
A security policy is a document that spells out principles and strategies for an organization to maintain the security of its information assets.
What is Open XDR? Benefits and Security Comparisons
Jun 29, 2022
Learn all about the new open XDR solution and whether it’s the right fit for your organization’s security needs.
What is Traceroute? How It Works and How to Read Results
Jun 25, 2022
Traceroute is a tool to trace the path of an IP packet as it traverses routers locally or globally. It is primarily used for diagnostic and troubleshooting purposes.
Try Varonis free.
Deploys in minutes.