All Posts

Varonis Expands DSPM Capabilities with Deeper Azure and AWS Support

Nathan Coppinger

Varonis is expanding its IaaS coverage to AWS databases and Azure Blob Storage, strengthening the CSPM and DSPM pillars of our Data Security Platform.

Speed Data: The Next Generation of Cybersecurity With Mark Weber

Megan Garza

Executive in Residence for the Catholic University of America Mark Weber shares tips for mentoring future cybersecurity professionals.

How Varonis Helps With Email Security

Yumna Moazzam

Discover how you can proactively reduce your email attack surface, stop data exfiltration, and curb gen AI risk with accurate and automated email security.

Varonis Introduces Athena AI to Transform Data Security and Incident Response

Avia Navickas

Using Athena AI, the new gen AI layer for Varonis, customers can use natural language to conduct in-depth security investigations and analyses more efficiently.

Varonis Leads DSPM Market on Gartner Peer Insights

Avia Navickas

As a leader in data security, Varonis is proud to be rated No. 1 in Gartner’s Data Security Posture Management category.

What's New in Varonis: November 2023

Yumna Moazzam

This month, Varonis’ Data Security Platform gets new features for accelerating investigations, improving your email security posture, and enabling Zero Trust in hybrid environments.

Speed Data: Fusing Empathy and Enterprise With Illena Armstrong

Megan Garza

Illena Armstrong shares her advice for future executives, discusses the importance of teamwork, and explains why empathy is powerful for leaders.

AI At Work: Three Steps To Prepare And Protect Your Business

Yaki Faitelson

Discover how your business can prepare and protect your sensitive data from the risks that generative AI presents.

DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis

Nathan Coppinger

Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security. 

Speed Data: The Importance of Asking for Help With Michelle Griffey

Megan Garza

Michelle Griffey, Chief Risk Officer for Communisis, shares the importance of asking for help and how the widespread adoption of AI is a good and bad thing.

What is a Data Risk Assessment and Why You Should Take One

Lexi Croisdale

Conducting a Data Risk Assessment can help your organization map its sensitive data and build out a comprehensive security strategy. Here's how to perform it.

How Varonis’ Data Risk Assessment Works

Lexi Croisdale

Explore how Varonis' free Data Risk Assessment works and what makes it the most-advanced DRA in the industry.

Speed Data: Behind the Scenes of Cyber Insurance Recovery With Scott Godes

Megan Garza

Scott Godes, Insurance Recovery Litigator for Barnes & Thornburg LLP, chats about the importance of cyber insurance, and how data privacy has evolved.

Varonis Launches Data Center in Canada for Cloud-Native Security

Rachel Hunt

We're excited to announce the opening of our data center in Toronto to support new customers and existing customers moving to Varonis' SaaS offering.

Cybersecurity Maturation Model Certification 2.0: How Varonis Ensures Certification for Defense Contractors

Shane Walsh

Varonis can help you achieve compliance and implement the Cybersecurity Maturity Model Certification 2.0 (CMMC) program to safeguard cybersecurity across the government’s DIB.

Speed Data: Why Cybersecurity is an Unceasing Progression With Siwar El Assad

Megan Garza

Siwar El Assad chats about the impact of cybersecurity on modern society, the reality of breaches, and how a chance encounter led Siwar to the industry.

DSPM Deep Dive: Debunking Data Security Myths

Kilian Englert

DSPM is the leading acronym in cybersecurity. However, the recent buzz has cluttered the meaning of data security posture management. Let's demystify it.

Varonis Announces Salesforce Shield Integration

Nathan Coppinger

Varonis now integrates with Salesforce Shield to provide deep visibility into Salesforce and help organizations secure their mission-critical data.

Speed Data: Rethinking Traditional Cybersecurity Principles With Rick Howard

Megan Garza

Rick Howard, author, journalist, and Senior Fellow at the CyberWire, chats about his new book on rebooting cybersecurity principles with Varonis' Megan Garza.

The Benefits of Threat and Data Breach Reports

Scott Shafer

Threat and data breach reports can help organizations manage security risks and develop mitigation strategies. Learn our three pillars of effective data protection and the benefits from these reports.

The Biggest Security Risks to Your Salesforce Org

Lexi Croisdale

Discover how Salesforce professionals and security teams can combat the most concerning risks in their environments.

Three Ways Varonis Helps You Fight Insider Threats

Shane Walsh

Insider threats are difficult for organizations to combat. Varonis’ modern cybersecurity answer uses the data security triad of sensitivity, access, and activity to combat threats.

Speed Data: Tackling Federal Cybersecurity Challenges With AJ Forysiak

Megan Garza

Building networks with military, civilian, and intelligence community leaders is just part of AJ’s day-to-day as the Business Development Executive for the Varonis Department of Defense team.

Varonis Opens UK Data Centre to Support SaaS Customers

Rachel Hunt

UK expansion will help Varonis customers demonstrate compliance with the U.K.’s Data Protection Act.

Rewards and Risks: What Generative AI Means for Security

Lexi Croisdale

As AI has grown in popularity, concerns are being raised about the risks involved with using the technology. Learn the rewards and risks of using generative AI.

A CISO's First 90 Days: The Ultimate Action Plan and Advice

Avia Navickas

Over the last 10 years, the role of the CISO has become pretty complex. By the end of this blog you'll have a solid 90-day plan to step into a new CISO role.

Speed Data: Bringing Resiliency and Passion to Cybersecurity with Kieron Newsham

Megan Garza

Kieron Newsham, Chief Technologist of Cybersecurity for Softcat, shares how his military background helps him in his role and his passion for security.

Generative AI Security: Preventing Microsoft Copilot Data Exposure

Rob Sobers

This article describes how Microsoft 365 Copilot's security model works and the risks that must be considered to ensure a safe rollout.

Varonis Delivers Market-leading Salesforce Security

Avia Navickas

Varonis delivers market-leading Salesforce security

What’s new in Varonis: August 2023

Yumna Moazzam

This month brings you several new features to help security teams enforce Zero Trust across their cloud and on-prem environments.

How to Protect Your Cloud Environment From Today’s Top 5 Threats

Lexi Croisdale

Learn the top five cloud threats after your sensitive data and how to protect your organization from them.

SEC Cybersecurity Disclosure Requirements’ Impact on Your Business

Rob Sobers

New SEC regulations change how public companies disclose hacks, breaches, and cyber incidents. Here’s everything you need to know.

Is Your Data Insider-Proof? Five Steps To Keep Your Secrets Safe

Yaki Faitelson

This article explains the five steps you can take to see how prepared you are for a nefarious insider or an outside attacker that compromises an insider's account or computer.

Speed Data: The Impact of AI on Attack Vectors With Justin Michael

Megan Garza

Corbin Capital Partners CTO Justin Michael discusses the hot topic of ChatGPT. Justin leads guarding sensitive data for the leading asset management firm.

Taking Microsoft Office by "Storm"

Jason Hill

The “Storm-0978” ransomware group is actively exploiting an unpatched Microsoft Office and Windows HTML remote code execution vulnerability.

Building a Cloud Security Program From the Ground Up

Megan Garza

There’s no one-size-fits-all approach to cloud security, but Varonis has laid out a blueprint to help guide you through the steps and start off strong.

Strengthening Resilience: Data Security vs Data Resilience Tools

Nathan Coppinger

Learn the difference between backup tools and true DSPs and what to look for when you’re choosing a DSP.

Speed Data: The Importance of Data Privacy With Jordan McClintick

Megan Garza

Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. talks about how his law degree helps him in his current role in data privacy.

Varonis in the Cloud: Building a Secure and Scalable Data Security Platform

John Neystadt

How we built our cloud-native SaaS platform for scalability and security—without taking any shortcuts.

How the MOVEit Vulnerability Impacts Federal Government Agencies

Megan Garza

Our latest State of Cybercrime episode examines the MOVEit vulnerability and its impact on victims, including federal government agencies.

What’s new in Varonis: June 2023

Yumna Moazzam

This month brings more cloud security features to help you better govern your SaaS and IaaS security posture.

10 Tips to Pay Back Your Salesforce Technical Debt

Lexi Croisdale

Learn best practices for managing and analyzing permissions in Salesforce and how the need for quick solutions can put your organization's data at risk.

Speed Data: The Commoditization of Cybercrime With Matt Radolec

Megan Garza

Matt Radolec at Varonis discusses the future of cybersecurity, the rise of ransomware-as-a-service (RaaS), and what security risks keep him up at night.

Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers

Dolev Taler

Varonis Threat Labs found a bug in the Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system.

How to Deal With Sensitive Data in Salesforce: A Guide to Data Classification

Megan Garza

Salesforce Ben and Varonis team up to discuss Salesforce data classification best practices.

Ghost Sites: Stealing Data From Deactivated Salesforce Communities

Nitay Bachrach

Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.

Speed Data: CISO Leadership Tips With Pat Benoit

Megan Garza

Pat shared the four leadership rules he follows, what it takes to succeed in cybersecurity, and why he just might be “The Most Interesting Man in the World.”

What's New in Varonis: May 2023

Yumna Moazzam

Check out the new features that help security teams automatically enforce least privilege and uniformly apply sensitivity labels across their hybrid cloud and on-prem environments.

Meta's $1.3B Fine: What can Happen if you Don’t Monitor Your PII

Brian Vecci

Continuous discovery and data monitoring are critical to identify misplaced PII.

What Automation Means For Cybersecurity—And Your Business

Yaki Faitelson

This article explains how automation can help turn the right information into action, helping to defend against cyberattacks, mitigate risk, shore up compliance and improve productivity.

Salesforce Misconfiguration Causes Sensitive Data Leaks

Rob Sobers

Brian Krebs recently reported that an alarming number of organizations—including banks and healthcare providers—are leaking sensitive information due to a misconfiguration in Salesforce Communities.

How Varonis' approach to SSPM helps your company

Rob Sobers

Adopt a data-first approach with Varonis' SSPM, securing SaaS apps & reducing risk. Learn how you can get better visibility, automation, and protection.

Varonis Launches Third-Party App Risk Management

Nathan Coppinger

Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.

Data Security Posture Management (DSPM): Best Practices Guide for CISOs

Rob Sobers

Master Data Security Posture Management (DSPM) best practices with our CISOs' guide. Learn to select the right tool, maintain compliance, and prevent data breaches.

Your Guide to the 2023 RSA Conference

Megan Garza

Varonis has compiled the top RSAC sessions you won’t want to miss. Follow our handy agenda to take advantage of everything RSAC 2023 has to offer.

Varonis Opens Australia Data Centre to Support SaaS Customers

Rachel Hunt

Australian expansion allows Varonis customers to achieve automated data security outcomes while following national standards for data privacy.

The Exact Data Security Roadmap We've Used with 7,000+ CISOs

Rob Sobers

Explore the Varonis data security roadmap for modern protection, aiding 7,000+ CISOs in compliance and safeguarding valuable data.

Global Threat Trends and the Future of Incident Response

Megan Garza

The Varonis Incident Response team discusses recent global threat trends and shares why proactive IR is the future of data security.

80 Cybersecurity Statistics and Trends [updated 2023]

Megan Garza

We’ve compiled more than 70 cybersecurity statistics for 2023, to give you a better idea of the current state of overall security.

Top Cybersecurity Trends for 2023

Megan Garza

We’ve pulled together top security predictions for 2023 to help you determine where you should heed caution and where you can breathe easily.

Varonis Named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Avia Navickas

Varonis Named a Leader in the Forrester Wave™: Data Security Platforms, Q1 2023, receiving the highest score in the strategy category.

A Step-By-Step Guide to California Consumer Privacy Act (CCPA) Compliance

David Harrington

CCPA Compliance: Everything you need to know about protecting user data under the California Consumer Privacy Act.

HIPAA Compliance: Your Complete 2023 Checklist

David Harrington

Is your organization ready to comply with 2023 HIPAA updates and changes? Ensure HIPAA compliance with your comprehensive 2023 checklist.

How Varonis Saves Salesforce Admins Hours in Their Day

Nathan Coppinger

Varonis provides industry leading Salesforce management and permission implications capabilities to help save Salesforce admins hours in their day.

HardBit 2.0 Ransomware

Jason Hill

HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.

Neo4jection: Secrets, Data, and Cloud Exploits

Nitay Bachrach

With the continuous rise of graph databases, especially Neo4j, we're seeing increased discussions among security researchers about issues found in those databases. However, given our experience with graph databases ― from designing complex and scalable solutions with graph databases to attacking them ― we've noticed a gap between public conversations and our security researchers' knowledge of those systems.

VMware ESXi in the Line of Ransomware Fire

Jason Hill

Servers running the popular virtualization hypervisor VMware ESXi have come under attack from at least one ransomware group over the past week, likely following scanning activity to identify hosts with Open Service Location Protocol (OpenSLP) vulnerabilities.

Varonis Enhances GitHub Security Offering With Secrets Discovery and Data Classification

Nathan Coppinger

Varonis is extending our world-class data classification capabilities to discover secrets, keys, and other sensitive data embedded in your GitHub repositories and source code. 

Varonis Announces Proactive Incident Response for SaaS Customers

Yumna Moazzam

Varonis offers the brightest minds in offensive and defensive security, watching your data for threats.

Introducing Automated Posture Management: Fix Cloud Security Risks with One-Click

Nathan Coppinger

Varonis launches Automated Posture Management to effortlessly fix cloud security risks with a simple click of a button.

CrossTalk and Secret Agent: Two Attack Vectors on Okta's Identity Suite

Tal Peleg and Nitay Bachrach

Varonis Threat Labs discovered and disclosed two attack vectors on Okta's identity suite: CrossTalk and Secret Agent.

Introducing Least Privilege Automation for Microsoft 365, Windows, Google Drive, and Box

Yumna Moazzam

Varonis announces least privilege automation for Microsoft 365, Google Drive, and Box.

Varonis Launches Customizable Data Security Posture Management (DSPM) Dashboard

Nathan Coppinger

Varonis introduces a new customizable DSPM dashboard to help improve data security posture management.

Australian Privacy Act 2022 Updates

Michael Buckbee

A series of stunning data breaches in 2022 has prompted lawmakers to begin making changes to the 1988 Australian Privacy Act in the form of the new Privacy Legislation Amendment (Enforcement and Other Measures) Bill 2022.

Varonis adds file analysis to cloud data classification capabilities

Yumna Moazzam

We’re excited to announce that Data Classification Cloud now includes robust file analysis for verifying classification results across your cloud environment.

Four Must-Know Cyber Tips for Your Business

Yaki Faitelson

The real story behind today’s breaches is never about an isolated bad decision—it’s about the many decisions made long before a sleepy network administrator gets a call from an attacker.

Varonis Threat Labs Discovers SQLi and Access Flaws in Zendesk

Tal Peleg

Varonis Threat Labs found a SQL injection vulnerability and a logical access flaw in Zendesk Explore, the reporting and analytics service in the popular customer service solution, Zendesk.

The Logging Dead: Two Event Log Vulnerabilities Haunting Windows

Dolev Taler

You don’t have to use Internet Explorer for its legacy to have left you vulnerable to LogCrusher and OverLog, a pair of Windows vulnerabilities discovered by the Varonis Threat Labs team.

Automate Data Security With Varonis Data-centric Insights and Cortex XSOAR

Yumna Moazzam

Discover how to leverage Varonis data risk insights with Cortex XSOAR to accelerate investigations.

What is IDOR (Insecure Direct Object Reference)?

Robert Grimmick

Insecure Direct Object References (IDOR) are common, potentially devastating vulnerabilities resulting from broken access control in web applications.

Azure Managed Identities: Definition, Types, Benefits + Demonstration

Neeraj Kumar

Use this guide to learn about Azure managed identities: What they are, how many types there are, and what benefits they offer, plus how they work.

SaaS Risk Report Reveals Exposed Cloud Data is a $28M Risk for Typical Company

Rachel Hunt

The Great SaaS Data Exposure examines the challenge CISOs face in protecting data across a growing portfolio of SaaS apps and services such as Microsoft 365.

The 12 PCI DSS Requirements: 4.0 Compliance Checklist

David Harrington

Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) is right around the corner. Prepare with our PCI DSS compliance checklist.

Varonis Adds Secrets Discovery for On-Prem and Cloud Data Stores

Rob Sobers

Varonis can help you scan your environments for rogue secrets exposed in files and code stored on-prem and in the cloud.

Change These 7 Security Settings After Creating a New AWS Account

Shane Waterford

Use these seven AWS security best practices for simple configuration changes on a new AWS account.

Fighting Golden Ticket Attacks with Privileged Attribute Certificate (PAC)

Masha Garmiza

Learn how and why to control the Active Directory Environment state with PACRequestorEnforcement, the implications of doing so and how to detect Golden Ticket attacks happening in your network.

Compare Salesforce user permissions with ease

Nathan Coppinger

DatAdvantage Cloud now enables admins to compare two Salesforce users’ effective permissions side-by-side with a simple click of a button.

What Is a Data Leak? Definition and Prevention

Josue Ledesma

Learn why data leaks can be devastating for companies and how you can defend against them.

What Is Zero Trust? Architecture and Security Guide

Michael Buckbee

Zero trust is a security model that protects against both malicious insiders and external attacks that have breached your perimeter.

U.S. Privacy Laws: The Complete Guide

David Harrington

This guide breaks down the entirety of the U.S. privacy law ecosystem to help you understand the rights and obligations of citizens and businesses.

SOC 2 Compliance Definition & Checklist

David Harrington

System and Organization Controls (SOC 2) compliance requires adherence to specific guidelines. This detailed definition and checklist can get you started.

What is Mimikatz? The Beginner's Guide

Michael Buckbee

Mimikatz is an open-source application that allows users to view and save authentication credentials like Kerberos tickets.

Anatomy of a SolidBit Ransomware Attack

Jason Hill

SolidBit is a ransomware variant derived from Yashma and containing elements of LockBit. Discover SolidBit's capabilities, execution, what file types it targets, and how to tell if you've been infected.

How to Use Wireshark: Comprehensive Tutorial + Tips

Kody Kinzie

Learn how to use Wireshark, a widely-used network packet and analysis tool. This tutorial has everything from downloading to filters to packets.

Your Sales Data Is Mission-Critical: Are You Protecting It?

Yaki Faitelson

If you’re like many executives, you might assume your data is secure within those cloud applications. That’s a dangerous assumption, though. Cloud providers are responsible for everything that delivers their application (e.g., their data center); it’s your responsibility to protect the data inside it.

Varonis Maps Cloud Security Alerts to MITRE ATT&CK

Yumna Moazzam

In Varonis’ latest update of DatAdvantage Cloud, we’re layering MITRE ATT&CK tactics and techniques over cloud alerts to aid in faster incident response.

SecurityRWD - How Amazon S3 Object-Tagging Can Put Form Around Flat Storage

Kilian Englert

Your favorite Varonis team members Ryan O'Boyle and Kilian Englert will explain how, unlike classic storage arrays or traditional file servers, S3 buckets are a linear, flat storage solution, offering data object-tagging to create a sense of hierarchy.

How to Create S3 Buckets in AWS with CloudFormation: Step-by-Step Guide

Shane Waterford

Use AWS CloudFormation to create resources such as S3 buckets. Infrastructure as code enables a repeatable, reliable deployment process. Learn more here.

What Is SQL Injection? Identification & Prevention Tips

Alvin Mwambi

SQL injection is a serious Open Web Application Security Project (OWASP) vulnerability. Learn more about how to combat injection attacks in this article.

What Is a Privacy Impact Assessment (PIA)?

David Harrington

A privacy impact assessment (PIA) helps firms protect data. Find out about this robust approach to data loss prevention and how to implement your own PIA.

161 Cybersecurity Statistics and Trends [updated 2023]

Rob Sobers

These cybersecurity statistics for 2023 are grouped by category and include breaches, costs, crime type, compliance, industry-specific stats, job outlook.

Data Lifecycle Management (DLM): Everything You Need to Know

David Harrington

Data lifecycle management (DLM) is the process of managing data from creation to deletion. In this article, we’ll cover how DLM works and why you need it.

What is the CIA Triad?

Josue Ledesma

Learn how the CIA triad can be used to classify, secure, and protect your data.

What Is Network Access Control? Explaining NAC Solutions

Robert Grimmick

Explore network access control (NAC), a technology aimed at giving organizations more control over who can access their network and with what permissions.

Ransomware Statistics, Data, Trends, and Facts [updated 2023]

Rob Sobers

Ransomware is one of the most common types of malware used in cyberattacks. Check out these comprehensive ransomware statistics, plus prevention tips.

What is SSPM? Overview + Guide to SaaS Security Posture Management

David Harrington

SaaS security posture management (SSPM) is an automated solution that helps bolster the protection of all SaaS applications used by organizations.

SOX Compliance Checklist & Audit Preparation Guide

David Harrington

The Sarbanes-Oxley Act (SOX) requires public U.S. companies meet strict reporting and security standards. Here’s what you need to know to comply with SOX.

IDS vs. IPS: What Organizations Need to Know

Josue Ledesma

We explore IDS vs. IPS and break down the differences between the two cybersecurity systems. Read on to evaluate using them in your network.

How a Doggo Can Teach You the Difference Between Salesforce Objects and Records

Kilian Englert

What can Fido teach you about Salesforce? Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team host a special, goodest boy guest to explain the difference between objects, fields, and records in the popular CRM.

DNS over HTTPS as a covert Command and Control channel

Masha Garmiza

Learn how DNS over HTTPS (DoH) is being actively used as a Command and Control (C2) channel by threat actors.

What is Red Teaming? Methodology & Tools

David Harrington

Red teaming simulates real-world hacks on your organization’s data and networks and spotlights vulnerabilities that help organizations strengthen security.

What is a Security Policy? Definition, Elements, and Examples

Robert Grimmick

A security policy is a document that spells out principles and strategies for an organization to maintain the security of its information assets.

What is Open XDR? Benefits and Security Comparisons

Josue Ledesma

Learn all about the new open XDR solution and whether it’s the right fit for your organization’s security needs.

What is Traceroute? How It Works and How to Read Results

Robert Grimmick

Traceroute is a tool to trace the path of an IP packet as it traverses routers locally or globally. It is primarily used for diagnostic and troubleshooting purposes.

Ryuk Ransomware: Breakdown and Prevention Tips

David Harrington

Ryuk ransomware targets large organizations and spreads with deadly speed. Learn about the strain and how to prevent your company from becoming a victim.

What is an Insider Threat? Definition and Examples

Robert Grimmick

Insider threats are internal risks to cybersecurity and data — learn more about insider threats, indicators, and how to detect them and prevent breaches.

Evil Twin Attack: What it is, How to Detect & Prevent it

Josue Ledesma

The evil twin attack takes advantage of public WiFi connections. Learn how to prevent it from reaching you and your devices.

How to Paint the Complete Picture of Salesforce Objects and Fields

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team explain why — when it comes to understanding what Salesforce objects and fields a user can access — all levels of entitlements need to be taken into consideration to gain a holistic view of what the user can (or cannot) do in Salesforce.

Anatomy of a LockBit Ransomware Attack

Joseph Avanzato

A detailed case study of the exact techniques and methods that threat actors used in a real-life ransomware attack.

What is Cyber Espionage? Complete Guide with Protection Tips

Robert Grimmick

Cyber espionage is the unauthorized use of computer networks to access privileged information. Read on to learn more about this growing worldwide problem.

Rogue Shortcuts: LNK'ing to Badness

Jason Hill

Learn how threat actors continue to manipulate Windows shortcut files (LNKs) as an exploit technique.

Varonis Adds Data Classification Support for Amazon S3

Nathan Coppinger

Varonis bolsters cloud security offering with data classification for Amazon S3.

Group Policy Objects (GPOs): How They Work & Configuration Steps

David Harrington

Group Policy Objects (GPOs) let system admins control and implement cybersecurity measures from a single location. Learn about GPOs and how they work here.

Data Protection Guide: How To Secure Google Drive for Your Business

David Harrington

Does your company store, handle, or transmit confidential data in Google Drive? Learn about security, encryption, and data protection in Google Workspace.

So I Creep: Aggregating Salesforce Permissions Can Add up to Excessive Risk

Kilian Englert

Salesforce entitlements go beyond object and record access — they can give users the ability to perform actions within Salesforce as well. Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss how the combination of Salesforce profiles, permission sets, and permission set groups can grant users far greater rights than were intended.

What Is Data Governance? Framework and Best Practices

David Harrington

Data Governance helps organize, secure, and standardize data for all types of organizations. Learn more about data governance frameworks here.

ISO 27001 Compliance Guide: Essential Tips and Insights

Robert Grimmick

Looking to earn ISO 27001 compliance? Learn about this widely known information security standard, what’s in it, and how to become certified in this post!

NIST 800-53: Definition and Tips for Compliance

Josue Ledesma

Learn best practices for adopting and implementing the NIST 800-53 framework, a compliance standard for federal agencies and partners.

NIST 800-171 Compliance Checklist and Terminology Reference

David Harrington

Government contractors who handle Controlled Unclassified Information (CUI) must be NIST 800-171 compliant. Use this checklist as a complete reference.

How to Prepare for a Salesforce Permissions Audit

Mike Mason

In this post, I'll walk you through what a Salesforce audit is, how permissions work, and provide tips on how you can prepare.

Spoofing, and SaaS Vanity URLs, and Social Engineering... Oh My!

Kilian Englert

Kilian Englert and Ryan O'Boyle discuss the recent discovery by Varonis researchers of risks in vanity URL validation, and share what to do to prepare your organization for if (or more likely when) a user accidentally discloses credentials.

84 Must-Know Data Breach Statistics [2023]

Rob Sobers

These 2022 data breach statistics cover risk, cost, prevention and more — assess and analyze these stats to help prevent a data security incident.

SecurityRWD – Getting Started With Salesforce Entitlements

Kilian Englert

Kilian Englert and Ryan O'Boyle from Varonis dive into the Salesforce interface, cover the basics of navigation, and share what to look for when performing a manual Salesforce entitlement review.

Why Every Cybersecurity Leader Should ‘Assume Breach’

Yaki Faitelson

Any system, account or person at any time can be a potential attack vector. With such a vast attack surface, you need to assume attackers will breach at least one vector.

Spoofing SaaS Vanity URLs for Social Engineering Attacks

Tal Peleg

SaaS vanity URLs can be spoofed and used for phishing campaigns and other attacks. In this article, we’ll showcase two Box link types, two Zoom link types, and two Google Docs link types that we were able to spoof.

Bad Rabbit Ransomware

Michael Raymond

Bad Rabbit is a ransomware strain that spread via hacked websites, infected systems via a fake Adobe installer and held encrypted files for Bitcoin.

SecurityRWD - Salesforce as a file server? You bet.

Kilian Englert

Did you know Salesforce isn't limited to just, well, sales? This leading CRM platform can function as a data repository for critical industries ranging from healthcare to finance. Listen in as Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team share their reasoning for thinking about Salesforce as a data store, and tell you what you should consider if tasked with securing it.

Hive Ransomware Analysis

Nadav Ovadia

Learn how Hive ransomware exploits public servers, spreads through your network, encrypts sensitive files, and extorts victims for cryptocurrency.

SecurityRWD - Introduction to AWS Lambda

Kilian Englert

Join Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team as they discuss AWS's serverless computing platform, Lambda. Find out what the Lambda functions allow for, see an everyday example of how it all comes together, and learn why it's so important for organizations to monitor Lambda's behavior within the entire Amazon Web Service ecosystem.

How to Use Volatility for Memory Forensics and Analysis

Neil Fox

This article will cover what Volatility is, how to install Volatility, and most importantly how to use Volatility.

CCSP vs. CISSP: Which One Should You Take?

Josue Ledesma

Get an overview of the CCSP and CISSP exams and learn which certification is best for you and your career.

SecurityRWD – GitHub Secret-Scanning Could Create False Sense of Security

Kilian Englert

Microsoft recently announced they would be adding another layer of security to their popular code repository, GitHub, by scanning for "secrets" (API tokens, access keys, etc. inadvertently saved in the platform). However, as Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss, this positive first step shouldn't lull developers into a false sense of security. Listen in to hear why it's so important not to let your guard down when securing critical cloud apps and data.

SecurityRWD - Introduction to AWS Elastic Compute Cloud (EC2)

Kilian Englert

Concerning headlines about threat groups targeting major security and technology vendors are keeping more than a few security and IT professionals up at night. Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss why advanced attackers target technology like SSO and why organizations must "assume" breach. Watch now for helpful tips to harden your environment and protect your data.

What is the NIST Cybersecurity Framework?

Josue Ledesma

Learn how you can implement the NIST cybersecurity framework within your own organization.

12 Group Policy Best Practices: Settings and Tips for Admins

Jeff Brown

Group Policy configures settings, behavior, and privileges for users and computers. In this article, you’ll learn best practices when working with Group Policy.

Your Guide to Simulated Cyberattacks: What is Penetration Testing?

David Harrington

Penetration testing simulates a real-world cyber-attack on your critical data and systems. Here’s what penetration testing is, the processes and tools behind it, and how pen testing helps spot vulnerabilities before hackers do.

What is Terraform: Everything You Need to Know

David Harrington

Terraform is an infrastructure-as-code (IaC) solution that helps DevOps teams manage multi-cloud deployments. Learn what Terraform is, the benefits of IaC, and how to get started.

Defending Your Cloud Environment Against LAPSUS$-style Threats

Nathan Coppinger

Varonis breaks down the recent LAPSUS$ hacks and provides best practices for defending your cloud environment against LAPSUS$-style threats.

How to Use Ghidra to Reverse Engineer Malware

Neil Fox

An overview of the malware analysis tool Ghidra. This article covers how to install and navigate the Ghidra interface.

What Is a Botnet? Definition and Prevention

Josue Ledesma

Learn why botnets can be so dangerous and what your organization can do to protect your IoT devices and network.

SecurityRWD - Introduction to AWS Simple Storage Service (S3)

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team compare and contrast Amazon Web Services S3 to traditional on-prem storage systems. Listen in as the team discusses how AWS S3 goes beyond basic data storage, and enables programmatic access to apps and services inside and outside the AWS environment.

Is this SID taken? Varonis Threat Labs Discovers Synthetic SID Injection Attack

Eric Saraga

A technique where threat actors with existing high privileges can inject synthetic SIDs into an ACL creating backdoors and hidden permission grants.

ContiLeaks: Ransomware Gang Suffers Data Breach

Jason Hill

Conti, a prolific ransomware group, has suffered a leak of both internal chat transcripts and source code being shared by a reported Ukrainian member.

SecurityRWD - Introduction to AWS Identity and Access Management (IAM)

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team compare and contrast Amazon Web Services Identity and Access Management against a traditional on-prem setup with Active Directory. Listen in as the team discusses how AWS IAM goes beyond simple user and group management to creating an entire network and defining access to network resources and infrastructure.

SecurityRWD - Introduction to AWS Services

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team kick off a new series diving into the various services found under the AWS umbrella. In this video, they introduce and provide an overview of some of the core services including IAM, S3, and EC2.

Ransomware-as-a-Service Explained: What is RaaS?

David Harrington

Ransomware as a service (RaaS) is an emerging and potent cybersecurity threat to all organizations. If you’re unaware of how RaaS works, your system is potentially at risk. Learn what RaaS is and how to guard against it.

Common Types of Malware

Neil Fox

This piece covers the various types of malware that are available and their characteristics.

Varonis adds SSPM functionality to DatAdvantage Cloud

Avia Navickas

SaaS misconfigurations can unintentionally expose valuable corporate data. The new Insights Dashboard from Varonis helps you find and fix these security gaps.

SecurityRWD - Abusing Power Automate to Exfiltrate Data from Microsoft 365

Kilian Englert

Kilian Englert and Ryan O'Boyle from Varonis explore how a powerful, built-in tool called Power Automate can be configured to automatically exfiltrate data out of Microsoft 365 environments and what organizations can do to detect it.

SecurityRWD - Microsoft 365 Makes Collaboration Easy – Almost Too Easy

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team examine different types of sharing in Microsoft 365, and what really happens behind the scenes.

Identify and Investigate Business Email Compromise (BEC) Scams

Ed Lin

In this post, we'll review how to spot Business Email Compromise Scams and walk you through an investigation with Varonis.

SecurityRWD - What Happens When You Create A Microsoft Team?

Kilian Englert

Microsoft Teams seems like a straightforward collaboration platform, but the deceptive simplicity hides the true complexity lurking just under the surface.

Ransomware Year in Review 2021

Varonis Threat Labs

In this post, we dive into six ransomware trends that shaped 2021.

Using Power Automate for Covert Data Exfiltration in Microsoft 365

Eric Saraga

How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.

SecurityRWD – Understanding Salesforce Entitlements

Kilian Englert

Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what Secure Access Service Edge (SASE) is all about, and dive into other security considerations organizations should keep in mind when looking to "decentralize" their network architecture.

BlackCat Ransomware (ALPHV)

Jason Hill

Varonis has observed the ALPHV (BlackCat) ransomware actively recruiting new affiliates and targeting organizations across multiple sectors worldwide.

Varonis 8.6: Control Collaboration Chaos in Microsoft 365

Nathan Coppinger

Varonis is excited to announce Varonis Data Security Platform 8.6, with enhanced data security for Microsoft 365 to help find and fix collaboration risks.

What Every CEO Should Know About Modern Ransomware Attacks

Yaki Faitelson

How To Make Yourself A Tougher Cybersecurity Target

Mixed Messages: Busting Box’s MFA Methods

Tal Peleg

Varonis Threat Labs discovered a way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification.

Threat Update 73 - What is a Cloud Access Security Broker (CASB)?

Kilian Englert

Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what Secure Access Service Edge (SASE) is all about, and dive into other security considerations organizations should keep in mind when looking to "decentralize" their network architecture.

Threat Update 72 - What is SaaS Security Posture Management (SSPM)?

Kilian Englert

Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what Secure Access Service Edge (SASE) is all about, and dive into other security considerations organizations should keep in mind when looking to "decentralize" their network architecture.

Threat Update 71 – Security Predictions for 2022

Kilian Englert

Cybersecurity Predictions for 2022

Threat Update 69 - What is Secure Access Service Edge (SASE)?

Kilian Englert

Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what Secure Access Service Edge (SASE) is all about, and dive into other security considerations organizations should keep in mind when looking to "decentralize" their network architecture.

Threat Update 68 - Box MFA Bypass and the Need for Defense in Depth

Kilian Englert

Multi-Factor Authentication (MFA) is a critical security control in the increasingly cloud-first world, but like all software, there can be vulnerabilities.

What is an APT?: Advanced Persistent Threat Overview

Josue Ledesma

Learn how APT threats are targeting more organizations and how to defend against this sophisticated attack.

What is a Brute Force Attack? Definition

Michael Buckbee

A brute force attack (also known as brute force cracking) is the cyberattack equivalent of trying every key on your key ring, and eventually finding the right one.

Threat Update 67 - Jira Permission Leaks

Kilian Englert

Jira can be an interesting attack target for recon, lateral movement, and exfiltration - but it is made all the more dangerous by a simple permissions misconfiguration at the heart of hundreds of exposed Jira instances discovered by the Varonis Threat Research Team.

Bypassing Box's Time-based One-Time Password MFA

Tal Peleg

The Varonis research team discovered a way to bypass Box's Time-based One-Time Password MFA for Box accounts that use authenticator applications.

Defend Against Ransomware with the NIST Ransomware Profile

Yumna Moazzam

Learn about the NIST ransomware profile and how it can help defend against ransomware with Varonis.

Threat Update 66 - Not The "Cloud Solution" You Are Expecting

Kilian Englert

To celebrate Thanksgiving in the U.S., Kilian and Ryan discuss a solution that contains the closest thing they can find to actual tiny clouds, as well as additional elements necessary...

Threat Update 65 - What is Cloud Security Posture Management (CSPM)?

Kilian Englert

Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what Cloud Security Posture Management (CSPM) is designed to protect, its key features and capabilities, as well as where it fits into the overall cloud security stack.

How to Monitor Network Traffic: Effective Steps & Tips

David Harrington

In this article, you will learn how to monitor network traffic using different tools and methods.

No Time to REST: Check Your Jira Permissions for Leaks

Omri Marom

Varonis researchers enumerated a list of 812 subdomains and found 689 accessible Jira instances. We found 3,774 public dashboards, 244 projects, and 75,629 issues containing email addresses, URLs, and IP...

What is Role-Based Access Control (RBAC)?

Neeraj Kumar

Role-Based Access Control (RBAC) is a security paradigm where users are granted access depending on their role in your organization. In this guide, we'll explain what RBAC is, and how to implement it.

What is a Security Operations Center (SOC)?

David Harrington

What is SOC security? In this article we'll dive into the functions of an SOC and why it's critical for the safety of your company's security and response to cybersecurity incidents.

INVEST in America Act: Billion-Dollar Funding for Cybersecurity

Nathan Coppinger

The INVEST in America Act provides nearly two billion dollars in funding to enhance the nation's cybersecurity. Who should care? State, local, and tribal governments. $1 billion in funding over...

Threat Update 64 - Escaping Einstein's Wormhole

Kilian Englert

If your organization created a Salesforce Community prior to Summer 2021 you could accidentally leak sensitive information publicly unless you take steps now to remediate.

Threat Update 63 - Moving To The Cloud Doesn't Mean You Don't Own The Data Risk

Kilian Englert

Leveraging cloud solutions can alleviate some legacy infrastructure risks but can bring data protection challenges to the forefront. Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss...

Cloud Applications Put Your Data At Risk - Here's How To Regain Control

Yaki Faitelson

Cloud applications boost productivity and ease collaboration. But when it comes to keeping your organization safe from cyberattacks, they're also a big, growing risk. Your data is in more places...

How to Install and Import Active Directory PowerShell Module

Jeff Brown

The Active Directory PowerShell module is a powerful tool for managing Active Directory. Learn how to install and import the module in this detailed tutorial!

Einstein's Wormhole: Capturing Outlook & Google Calendars via Salesforce Guest User Bug

Nitay Bachrach

If your organization uses Salesforce Communities and Einstein Activity Capture, you might have unknowingly exposed your administrator's Outlook or Google calendar events to the internet due to a bug called...

BlackMatter Ransomware: In-Depth Analysis & Recommendations

Dvir Sason

CISA has issued a security bulletin regarding the BlackMatter 'big game hunter' ransomware group following a sharp increase in cases targeting U.S. businesses. To mitigate these attacks, it is recommended...

Salesforce Security: 5 Ways Your Data Could be Exposed

Avia Navickas

Salesforce is the lifeblood of many organizations. Here are five things you should know about your Salesforce security and how to effectively reduce risk.

Update 62 - SaaS Authentication Monitoring Evasion

Kilian Englert

Businesses know they need to monitor their SaaS apps, but it's easy to get lulled into a false sense of security if you're relying on authentication monitoring as your only line of defense.

The MITRE ATT&CK Framework: A Comprehensive Guide

David Harrington

The MITRE ATT&CK framework helps businesses discover which hacker techniques, tactics, and behaviors they're most vulnerable to. Read about how to use ATT&CK for penetration testing within your organization today.

Threat Update 61 - When Work and Home SaaS Use Blurs, Expect the Unexpected

Kilian Englert

Businesses can face unexpected risk as the lines between corporate and personal SaaS apps begin to blur - especially as users introduce sensitive or regulated content into a corporate SaaS app.

Abusing Misconfigured Salesforce Communities for Recon and Data Theft

Nitay Bachrach

Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.

Illinois Privacy Law Compliance: What You Need to Know

David Harrington

The Illinois Personal Information Protection Act (PIPA) is designed to safeguard the personal data of Illinois residents. Learn what PIPA is, who it affects, and how to maintain compliance.

Good for Evil: DeepBlueMagic Ransomware Group Abuses Legit Encryption Tools

Jason Hill

A group known as "DeepBlueMagic" is suspected of launching a ransomware attack against Hillel Yaffe Medical Center in Israel, violating a loose "code of conduct" that many ransomware groups operate...

ReConnect - Tackling SaaS Security

Kilian Englert

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team answer audience questions from the Virtual Connect event about how the CISO of a global communications firm approaches cloud security and minimizes risk across a wide variety of cloud platforms.
