Learn how a CloudTrail flaw revealed IDs via VPC endpoints and how to protect your cloud.

Discover Varonis' latest features, including AI Identity Protection for Salesforce Agentforce and enhanced support for Google Workspace.

Atroposia is a stealthy RAT with HRDP, credential theft, DNS hijacking & fileless exfiltration — aka cybercrime made easy for low-skill attackers.

Discover how attackers use advanced URL rewriting tricks to bypass traditional blocklists and how organizations can stay ahead of evolving threats.

Learn how India’s Digital Personal Data Protection (DPDP) Act is shifting global data privacy and gain insights on reducing risk and ensuring compliance.

Regulatory compliance alone isn’t enough to ensure true data security. Explore the critical gaps between compliance and proactive protection.

Varonis Threat Labs discovered a loophole allowing attackers to impersonate Microsoft applications by creating malicious apps with deceptive names.

AI-powered phishing is outsmarting email security. Discover a multilayered defense from Gartner and how Varonis Interceptor protects your inbox.

Discover how attackers use SVG files to hide malicious JavaScript in images, and learn how to defend against these evolving phishing threats.

Discover how Varonis AI Identity Protection secures Salesforce data from over-permissioned AI agents, enabling safe deployment and innovation.

A critical component of any organization's security strategy, Database Activity Monitoring tools are used by organizations to fulfill compliance criteria and protect sensitive data.

Discover how Varonis' advanced threat response ensured zero downtime and complete remediation when stopping a ransomware attack.

Varonis Interceptor protects organizations from a new breed of AI-powered email threats with the best phishing detection on the planet.

Discover the pillars of database security and how Varonis Next-Gen database activity monitoring (DAM) protects sensitive data in AI and cloud environments.

ForcedLeak exposes Salesforce Agentforce to silent CRM data theft via prompt injection, agent overreach, and CSP misconfig. Mitigate now.

With breaches on the rise, it’s crucial to make cybersecurity a priority. Follow these preventative cybersecurity tips for stronger security practices.

Secure sensitive data in Databricks with deep visibility, proactive remediation, and active threat detection using Varonis.

Discover how PDF-based malware attacks work and how AI-powered email security can detect and block threats before they reach your inbox.

The FBI is noticing a large uptick in fraudulent websites impersonating the IC3. Learn how users are unsuspectingly reporting cybercrime to cybercriminals.

Discover Varonis' latest features, including AI-native email security, new data protection policies, and new threat detection policies for Azure and Exchange Online.

Discover the key insights from CyberTech Tokyo 2025, the growing risk of generative AI, and steps organizations can take to strengthen their data security.

Accurate, scalable data classification is key to security, compliance, and safe AI. Learn how to avoid common pitfalls and choose the right approach.

Ransomware groups now target AWS control planes using stolen keys and Pacu. Learn how Varonis detects, investigates, and stops these cloud threats.

Varonis studied 98 IT environments to assess AI’s impact on healthcare, biotech, and pharma — and how organizations can better protect critical data.

Learn how to protect AI pipelines by controlling data access, monitoring AI behavior, and preventing data exposure.

Varonis reveals a decade-old Unicode flaw that enables BiDi URL spoofing and poses phishing risks. Learn how attackers exploit RTL/LTR scripts and browser gaps.

Lock down your Salesforce environment and stop OAuth-based threats with the CRM's new API Access Control. Varonis Threat Labs explains how it works and why it's important.

The DoD announced the final rule for the Cybersecurity Maturity Model Certification (CMMC), making compliance a gatekeeper for doing business with the DoD — here's what you need to know.

A massive phishing-led NPM attack compromised popular packages with 2.67B weekly downloads, hijacking crypto wallets via stealthy AI-generated emails.

Tribal Nations are highly targeted subjects of cyberattacks. This will serve as a guide to what DSPM is, why it is so important, and how Varonis can help.

SpamGPT is a new AI-powered email attack tool that is changing the way businesses address email security issues. Learn how this technology makes phishing attacks more effective and how to protect your company's email systems ahead of time.

Detect and stop agentic AI threats with agentic AI: autonomous agents that monitor, investigate, and respond faster than traditional security tools.

Validate your security tools with a real-world attack simulation that reveals detection gaps and boosts your cyber resilience.

Learn how attackers exploited SaaS integrations in the Drift breach — and how to protect your Salesforce organization today.

Strategic acquisition adds the world’s best phishing and social engineering detection to the leading Data Security Platform.

A misconfigured upload path exposed a Linux web server to attack. Varonis Threat Labs reveals how it happened and how to prevent future breaches.

How a bad actor systematically impersonates users to exfiltrate millions of Salesforce records.

Identity is the new perimeter. Learn how Varonis stops cloud breaches by resolving access, detecting threats, and automating least privilege.

Learn how Varonis protects DoD environments by utilizing various approaches to secure sensitive data.

As organizations increasingly rely on MCP servers to bridge AI capabilities with business systems, understanding and defending against threats is critical.

Italy is addressing AI risks in healthcare, recently giving clear data protection decrees from the Garante per la protezione dei dati personali.

AI impersonation and deepfake fraud are rising fast. Learn how Varonis protects identities, secures data, and stops attackers before damage is done.

Varonis uncovers an RCE vulnerability in PostgreSQL via PL/Perl and PL/Rust. Learn how AWS RDS responded and how to secure your Postgres environment.

Learn how Varonis Threat Labs uncovered a critical Microsoft 365 Direct Send exploit, and how organizations leveraged Varonis Incident Response to protect themselves from attack.

Discover Varonis' latest features, including database activity monitoring, CSPM enhancements, Salesforce access graph, and more.

Learn how to prevent data leaks from ChatGPT with AI-specific DLP strategies covering risk, policy, controls, and compliance for secure enterprise AI use. 

Reinventing Database Security: A simple, agentless solution to database security and compliance built for the AI era.

Learn about the vishing and recent attacks from ShinyHunters' targeting Salesforce environments and how your org can stay protected from data breaches and extortion.

Understand what the principle of least privilege (PoLP) is, how avoiding it creates risk for organizations, and how embracing it helps you stay secure in the face of AI innovation.

Varonis enhances its CSPM capabilities to provide centralized risk visibility, expanded misconfiguration detection, and unified workflows.

ToolShell is a critical SharePoint RCE exploit chain. Learn how it works, who’s at risk, and how to protect your environment before it’s too late.

Custom GPTs and AI agents compound productivity, but with that comes added risk. Learn about ChatGPT's custom GPTs and how to build them with data security in mind.

A subtle versioning error in Microsoft’s AppLocker block list exposes a bypass risk — learn how to spot and fix this overlooked security gap.

Discover how cybercriminals use cloaking to hide malicious sites from bots and scanners while deceiving users. Plus, learn how to uncover these hidden threats.

A real-world look at how attackers use OneNote, OneDrive, and AI/no-code tools like Flazio for phishing, and practical steps to defend your organization today.

Complete Operation Frostbyte, an interactive mission created by Varonis Threat Labs to test the cybersecurity community’s Snowflake data security knowledge.

Learn about enhancing multi-cloud security with authentication, access intelligence, automated remediation, unified monitoring, and compliance best practices.

Explore major data breaches, their common thread, and practical solutions for data-centric security.

Learn how the Varonis Incident Response team prevented PII from being compromised, and what this means for data in cloud collaboration platforms like Box.

ChatGPT Enterprise is changing in the way it retrieves data and surfaces information to users in prompt responses. Learn about the new connectors and risks.

Varonis Threat Labs discovered a high severity vulnerability in ServiceNow’s platform that can lead to significant data exposure and exfiltration.

Companies join forces to deliver scalable data security, governance, and compliance for the AI era

Shadow AI is on the rise as employees adopt unsanctioned AI tools. Learn the risks it poses to security and compliance, and how to manage it responsibly.

Unlock the power of cloud data security: discover tips on access, monitoring, compliance, and more to keep your organization safe and thriving.

Learn what AI data security really means, why it matters and how to protect sensitive data used by or exposed to AI systems and workflows.

Discover Varonis' latest features, including ChatGPT Enterprise monitoring, a Varonis MCP Server, MPIP labeling in Box, and more.

Varonis Threat Labs uncovered a phishing campaign with M365's Direct Send feature that spoofs internal users without ever needing to compromise an account.

Unlock true Kubernetes security with DSPM to discover, classify, and protect sensitive data where CSPM falls short.

Sometimes the old ones are best... avoided. Explore Kerberoasting and how it remains a relevant attack method.

Explore the growing threat of model poisoning, a cyberattack where machine learning models are manipulated, and how your organization can defend against it.

Discover how Varonis researchers detect stealthy beacon traffic by analyzing jitter patterns, turning evasion tactics into powerful behavioral detection signals.

Varonis' industry-leading Data Security Platform supports OpenAI’s ChatGPT Enterprise, keeping data safe against risks of AI misuse and exposure.

Uncover powerful strategies to protect multi cloud setups. Solve fragmented visibility, inconsistent policies, growing attack surfaces, and compliance woes.

Streamline access requests, automate entitlement reviews, support just-in-time access, enforce least privilege, and reduce IT burden with Varonis.

A critical vulnerability in Microsoft 365 Copilot exposes the risks of unsecured AI agents and why a data-centric approach is crucial for protection.

Our experts share how the road to data loss is usually paved with good intentions, and strategies for federal agencies to combat unintended mistakes.

The Varonis MCP Server simplifies how customers use AI tools and agents to execute complex workflows.

Explore how DSPM evolves in the cloud, offering real-time visibility, automation, and compliance across dynamic, multicloud environments.

ClickFix tricks users into running malware via fake CAPTCHAs. Learn how this phishing tactic works — and how Varonis stops it cold.

Dayton Children's Hospital CIO J.D. Whitlock shares insights on cybersecurity in healthcare, including managing ransomware threats.

Varonis leads the DSPM market with more reviews than any other vendor, more verified five-star ratings, and the highest overall rating.

Discover the most overlooked gaps in data security strategies and how to close them with automation, visibility, and unified protection across platforms.

Varonis fuses Identity Protection into its leading Data Security Platform for accelerated breach prevention.

Learn how UEBA can help defend against identity-based attacks like the recent Coinbase breach.

Get details on a prominent threat group and defensive recommendations to keep your organization's sensitive data secure.

Discover how telemetry enhances cloud security by detecting threats, ensuring integrity, and enabling real-time monitoring across AWS, Azure, and GCP.

The Commvault Metallic breach highlights the importance of securing identities, vetting vendors, and enforcing strict access controls in the cloud.

Discover the data security risks in Snowflake and learn specific tactics to ensure safe practices.

Discover Varonis' latest features, including Azure CIEM enhancements, expanded classification tagging support, and improved reporting.

Varonis uncovered a BEC attack leveraging Microsoft 365 admin tools, revealing advanced attacker methodologies and exploitation of administrative privileges.

Understand the need for UEBA, the gaps it fills in the modern threat detection landscape, and the right ingredients for a strong solution.

We are excited to announce that Varonis has been recognized as a leader in the 2025 GigaOm Radar for Identity Threat Detection and Response (ITDR).

Discover why commanders should expect their leaders to inspect, monitor, and secure every file as rigorously as every rucksack.

Varonis' 2025 State of Data Security Report shares findings from 1,000 real-world IT environments to uncover the dark side of the AI boom and what proactive steps orgs can take to secure critical information.

Varonis is proud to achieve FedRAMP Moderate Authorization, highlighting our commitment to data security for federal agencies.

See how Infrastructure as Code (IaC) enhances security, streamlines operations, and optimizes infrastructure management.

Adoption of AI applications has transformed how data flows in and out of the organization. DLP needs a zero-trust renaissance in a post-AI world.

Discover powerful strategies to secure SaaS apps, Microsoft 365, and AI tools like Copilot. Uncover how to safeguard your data and elevate cloud security.

Discover how a critical bug in AZNFS-mount could let attackers escalate privileges — and why updating to version 2.0.11 is vital for securing Azure Storage.

Corey Reed, the Senior Director of Information Security for HD Supply, discusses the importance of governance, risk, and compliance.

Cyber attackers are targeting IT admins using clever SEO tricks to disguise malicious payloads to push these threats to the top of search results.

AI doesn't just consume data — it reshapes how it's accessed, shared, and exposed. Understanding what data security risks AI brings to your org is paramount.

Varonis announces the introduction of agentic AI to enhance the efforts of our world-class experts to provide customers with 24x7 data defense.

A shared responsibility for securing sensitive data amongst teams is crucial for organizational success.

AI Security is part of a growing set of AI-powered features in Varonis’ Data Security Platform that make data security effortless

Uncover the secrets of ransomware attacks on AWS S3 with SSE-C encryption. Learn how to safeguard your cloud data from emerging threats.

Discover Varonis' latest features, including Azure CIEM enhancements, expanded classification tagging support, and improved reporting.

Discover how phishing kits like SessionShark threaten MFA security and learn how Varonis AI-driven solutions proactively defend against advanced phishing attacks.

Silent and undetectable initial access is the cornerstone of a cyberattack. MFA is there to stop unauthorized access, but attackers are constantly evolving.

Together, Varonis and Pure Storage enable customers to proactively secure sensitive data, detect threats, and comply with evolving data and AI privacy rules.

Varonis and Concentrix aim to help large enterprises implement and harness AI safely and effectively while protecting what matters most — data.

Exploiting a security gap in firewall rule-naming can suddenly delete entire servers and targeted assets when combined with admin actions.

Misconstruing the nuances of Azure Networking and Firewalls can result in security gaps and data exposure.

RansomHub, the notorious ransomware group, has affected over 200 victims in industries such as IT, healthcare, finance, and more.

Data discovery and classification are the foundations for DSPM and data security, but how your data is scanned is more important than you may think.

Xanthorox AI is a modular, self-hosted Black-Hat AI tool for cybercrime. Varonis counters it with real-time detection of AI-driven email threats.

Full spectrum visibility into Azure data access, entitlements, and identities beyond CIEM and data discovery tools

Hal Wing, Centuri's Cybersecurity Manager, debunks cybersecurity's nickname and shares the importance of embracing emerging technologies.

Our latest report shows a significant rise in healthcare data breaches, posing severe risks to patient privacy and organizational integrity.

Discover Varonis' latest features, including new data governance, labeling, and AI security capabilities.

As 2025 unfolds, the world of cloud security and Kubernetes is rapidly transforming, presenting exciting new challenges and opportunities for growth.

With the passing of time, admins and users lose sight of inherited sharing from SharePoint sites and folders, and this lack of visibility creates data risk. This article discusses one such scenario known as the 'folder fallacy'.

Unlock the secrets to robust cloud security. Learn how to tackle common challenges and protect your organization from data breaches and cyber threats.

Rippling, a leader in workforce management software, filed a lawsuit against its competitor, Deel, accusing it of planting a spy and exfiltrating customer and competitive information. This blog unpacks how it happened and how it could have been prevented.

Automatically enforce data governance, lifecycle, and compliance policies without writing any code. Seamlessly copy and move data—cross-domain or cross-platform—without the risk of breaking permissions or interrupting business. 

Strategic DAM acquisition accelerates our mission to deliver AI-powered data security for all data, everywhere.

Insights from Varonis' Craig Mueller's on the rise in AI and the need for data security in the public sector.

Instead of using advanced tools or complex scripts, skilled threat actors infiltrate systems and steal data using the most effective weapon of all — words.

Varonis Threat Labs profiles Salt Typhoon, an APT group that is responsible for a series of breaches targeting U.S. infrastructure and government agencies.

With massive amounts of healthcare data and life-or-death scenarios depending on accurate information, a solid data governance policy is critical.

Varonis eliminates risks, finds and remediates exposure, and detects anomalous behavior with the most complete Salesforce security product on the planet.

Varonis is recognized in The Forrester Wave™ for its strongest Current Offering and Strategy, receiving more 5/5 scores than any vendor evaluated.

AI-related questions and answers for business leaders. If you're trying to build more productive and secure AI strategies, these are the FAQS for you.

Moving to the cloud brings several benefits, but it also means dealing with new security issues.

Discover Varonis' latest features, including automated Google Workspace labeling, Azure Blob exposure remediation, Entra ID group remediation, and more.

Varonis' newest international data centers in India help customers comply with local regulatory frameworks and data privacy sovereignty rules.

In the rapidly evolving digital landscape, cloud governance has emerged as a crucial framework for organizations using cloud technologies.

The risks associated with cloud environments are only growing. This blog highlights the basics of cloud security to secure data in the cloud.

Discover how Astaroth phishing kits bypass security, offer bulletproof hosting, and how Varonis protects businesses from advanced cyber threats.

Discover the risks of enabling Agentforce without proper data security and learn specific tactics to ensure a safe deployment.

Understand the security implications of employees using DeepSeek, such as shadow AI, and how your organization can immediately mitigate risks.

Discover Varonis' latest features, including recommendations for right-sizing access in AWS, new M365 remediation policies, and enhanced search management.

Discover how the Devil-Traff bulk SMS platform fuels phishing attacks with spoofing and automation.

A new ransomware threat is targeting users of AWS S3 Buckets, which could be a lose-lose scenario for unprotected organizations.

Learn about recommended changes to the HIPAA Security Rule in the latest Notice of Proposed Rulemaking (NPRM) and discover how health organizations will be impacted.

Craig Mueller, VP of Federal at Varonis, compares how cybersecurity trends have evolved over time and why data should remain at the top of the list.

The AWS leader discusses generative AI's future and his role in stopping the first cybercriminal.

GigaOm, a leading analyst firm, recognizes Varonis for behavioral analytics, access security, service integration, & continued innovation in AI & automation.

Take these immediate actions to enhance your security posture significantly when creating a new AWS account.

Learn how a lightning-fast phishing attack mimicking Black Basta tactics was quickly stopped by Varonis Interceptor.

Aaron Ansari, virtual CISO of Exela Pharma Sciences, shares his insights on proactive planning, organizational control, and what it takes to be an Ironman.

Discover how PhishWP, a malicious WordPress plugin, turns trusted sites into phishing traps and how to protect yourself with Varonis.

This blog examines AWS S3 bucket namesquatting, methods to address the issue, and how Varonis can prevent this and other data security problems in AWS.

Discover the power of Varonis' automated labeling and how it can be an important element in securing your sensitive data.

Discover Varonis' latest features, including support for Databricks and ServiceNow, automated threat responses, and more.

Learn what data masking is, why it matters, and how to automatically protect sensitive data in cloud databases using dynamic, policy-based masking techniques.

Modern Data Security Platforms (DSP) must integrate identity risk and context for effective posture management, threat detection, and response.

AWS' new Resource Control Policies (RCPs) aim to improve control over resource access. However, organizations should approach implementation with caution.

This AWS vs Azure vs Google comparison evaluates these public cloud providers including pricing, computing, storage and other features.

Our latest research report examines cyberattacks reported in 2024, deep-diving into how they occurred, the consequences, and how you can protect your org.

Varonis now supports ServiceNow, enabling ServiceNow customers to secure their sensitive data, prevent breaches, and comply with regulations.

Learn why threats to the cybersecurity space might not be as advanced as they seem and gain strategic advice on developing your security plan.

Learn new, advanced phishing tactics being used by attackers and how your organization can combat them.

Discover Varonis' latest features, including Google Cloud support, Database masking, AWS access graph, and more.

Varonis’ support for Google Cloud brings a unified and automated data security approach to major cloud providers.

Discover and classify sensitive data stored in MongoDB with pinpoint accuracy to properly identify and secure critical information.

Cybersecurity in the healthcare sector is crucial. Learn strategies to strengthen your security posture with these insights.

Varonis discovered a vulnerability (CVE-2024-10979) in the Postgres trusted language extension PL/Perl that allows setting arbitrary environment variables in PostgreSQL session processes.

Discover and protect critical data stored in Azure databases with Varonis' industry-leading cloud data security.

Discover how GoIssue targets GitHub users, posing significant risks to developers and organizations.

The new organizational messages feature for Microsoft 365 enhances how IT and security teams communicate with users at scale, but also generates risks.

Tighten your cloud security posture with the ability to automatically visualize the AWS blast radius and cut off access paths to data.

Discover Varonis' latest features, including new automated remediation policies, Box Zones support, autonomous database classification, and more.

The Salesforce pro discusses how security has evolved and the surprising characteristic unique to the cybersecurity field

Discover how to apply the new NIST CSF 2.0 to Microsoft 365 Copilot and how Varonis can help.

Explore novel anti-bot services advertised on the dark web, how they bypass Google's Red Page, and the issues security teams have in defending against them.

Discover how Tampa General Hospital safely deployed Microsoft 365 Copilot to tackle administrative tasks with Varonis.

The Salesforce leader emphasizes the importance of securing sensitive healthcare data

We’ve compiled the most important cybersecurity stats and trends regarding cybersecurity, so institutions can keep their sensitive data safe and secure.

The Microsoft CTO discusses emerging threats and the challenges of cloud migration.

Understand the risk of Large Language Models (LLMs) to your cloud security and why it's important to be cautious when adopting new technologies.

A series of vulnerabilities in OpenPrinting CUPS Software indicates an attack vector for RCE, one of the worst possible consequences for a vulnerability.

Discover Varonis' latest features, including Salesforce high-risk permissions remediation, SIEM and ticketing integrations, and expanded database coverage.

Understand a threat actor's mindset to strengthen your security posture with mitigation tips from Varonis' forensic experts.

The Salesforce leader shares insights on DLP, supporting security teams, and essential cybersecurity principles

Identify and automatically remediate high-risk Salesforce permissions to reduce risk and improve your SaaS security posture.

Varonis Threat Labs uncovered a vulnerability in Salesforce's public link feature that threat actors could exploit to retrieve sensitive data.

Mike Taylor, the Hospital Ship Joint Task Director at the U.S. Department of Defense, shares his responsibilities in securing the USNS Mercy and USNS Comfort and challenges the conventional views of military ships.

Yohan Kim, Distinguished Security Technical Architect for Salesforce, gives insight into AI functionality and customer sentiments on Varonis' Speed Data show.

Discover the key use cases for data security posture management (DSPM) and why this framework is only one part of a holistic data security approach.

Varonis enables organizations to identify and remediate misconfigured Salesforce Site guest permissions that expose sensitive data publicly.

Discover the challenges the new SEC cybersecurity guidelines present for your CISO and learn tips on how to handle them at your organization.

Learn more about Varonis’ new AI data classification, EDR integrations, MDDR executive dashboard, Azure permissions analysis, and more.

Discover how a recent data extortion campaign exposed sensitive files in thousands of AWS environments and what you can do to prevent it from happening to you.

Aflac CISO Tim Callahan shares his favorite aspects of cybersecurity and what challenges him the most.

An overview of the world’s first comprehensive AI regulation, its compliance requirements, and how to prevent penalties of up to €35 million ($38 million).

Varonis now integrates with leading EDR providers Microsoft Defender for Endpoint and SentinelOne, expanding our MDDR visibility to customers’ endpoints.

Varonis' new LLM-driven data scanning gives customers a deeper business context with unmatched precision and scale.

Learn more about Varonis’ New NoSQL database support and expanded Salesforce exposure remediations.

The VP and Distinguished Engineer at Query explains what most organizations get wrong about cloud security.