Latest articles
Threat Update 67 - Jira Permission Leaks
Dec 03, 2021
Jira can be an interesting attack target for recon, lateral movement, and exfiltration - but it is made all the more dangerous by a simple permissions misconfiguration at the heart of hundreds of exposed Jira instances discovered by the Varonis Threat Research Team.
Threat Update 66 - Not The "Cloud Solution" You Are Expecting
Nov 22, 2021
To celebrate Thanksgiving in the U.S., Kilian and Ryan discuss a solution that contains the closest thing they can find to actual tiny clouds, as well as additional elements necessary...
Threat Update 65 - What is Cloud Security Posture Management (CSPM)?
Nov 19, 2021
Kilian and Ryan O'Boyle from the Varonis Cloud Architecture team cover what a Cloud Security Posture Management (CSPM) is designed to protect, key features and capabilities, as well where it fits into the overall cloud security stack.
Threat Update 64 - Escaping Einstein's Wormhole
Nov 12, 2021
If your organization created a Salesforce Community prior to Summer 2021 you could accidentally leak sensitive information publicly unless you take steps now to remediate.
Threat Update 63 - Moving To The Cloud Doesn't Mean You Don't Own The Data Risk
Nov 05, 2021
Leveraging cloud solutions can alleviate some legacy infrastructure risks but can bring data protection challenges to the forefront. Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team discuss...
Threat Update 61 - When Work and Home SaaS Use Blurs, Expect the Unexpected
Oct 22, 2021
Businesses can face unexpected risk as the lines between corporate and personal SaaS apps begin to blur - especially as users introduce sensitive or regulated content into a corporate SaaS app.
ReConnect - Tackling SaaS Security
Oct 19, 2021
Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team answer audience questions from the Virtual Connect event about how the CISO of a global communications firm approaches cloud security and minimizes risk across a wide variety of cloud platforms.
Threat Update 56 – SSO Imposter: Targeting Box
Sep 20, 2021
In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker…
Threat Update 55 – SSO Imposter: Targeting Google
Sep 15, 2021
In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can…
Threat Update 54 – SSO Imposter: Intrusion
Sep 07, 2021
Virtually every organization leveraging more than a few cloud offerings has a single sign-on solution to simplify the management of their various cloud apps. With a little careful planning, attackers…
Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!
Aug 31, 2021
Technology grows, evolves, and changes over time, but most organizations often need to support legacy systems. In the Microsoft world, this typically means keeping legacy authentication protocols like NTLM authentication…
Threat Update 52 – 2021 SaaS Risk Report
Aug 23, 2021
Cloud solutions have changed the way we do business, allowing organizations to leverage the scale and flexibility of SaaS, and IaaS platforms, and support an increasingly mobile “work from anywhere...
Try Varonis free.
Deploys in minutes.