Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


Data Security


Windows 10’s Security Reboot, Part III: FIDO and Beyond

FIDO’s Universal Two Factor (U2F) is intended to make it easy for companies to add a strong second factor to their existing crypto infrastructure. Most of us are probably not...

Read More

Interview With Alexandra Ross, The Privacy Guru

Alexandra Ross is not your ordinary attorney practicing privacy law. Her CV includes a stint as Associate General Counsel for Wal-Mart Stores, where she built this giant retailer’s privacy policies...

Read More

How Varonis Helps with NIST

In 2013 the President directed the National Institute of Standards and Technology (NIST) to develop a framework for reducing cyber risks to critical infrastructure.  And on February 12, 2014, NIST...

Read More

PCI DSS Explained: Our New White Paper Decodes the Complexity

The Payment Card Industry Data Security Standard (PCI DSS) is not just another list of requirements for protecting data. In 2013, the number of credit and debit card transactions worldwide...

Read More

Interview With NYU-Poly’s Professor Justin Cappos: Security Lessons From Retail Breaches

I had the chance to talk with cyber security expert Justin Cappos last month about the recent breaches in the retail sector. Cappos is an Assistant Professor of Computer Science...

Read More

Are You Smarter Than a Hacker? [CONTEST]

They’ve broken into the largest retailers, key government agencies, and major social media companies, stealing tens of millions of credit card numbers, email addresses, and sensitive data. They’re experts at...

Read More

Phishing Attacks Classified: Big Phish vs. Little Phishes

The CMU CERT team I referred to in my last post also has some interesting analysis on the actual mechanics of these phishing attacks. Based on reviewing their incident database, the...

Read More

Authentication Lessons from the Magic Kingdom: A Closer Look at Kerberos, Part I

The flaws in NTLM I’ve been writing about might lead you to believe that highly-secure authentication in a distributed environment is beyond the reach of mankind. Thankfully, resistance against hackers...

Read More

A Closer Look at Pass the Hash, Part III: How NTLM Will Get You Hacked (and What You Should Do About It)

I was about ready to wrap up this series of posts on PtH and make my larger point, which is that you should assume hackers will break into your system...

Read More

What’s the Difference between Hacking and Phishing?

Because I’ve boldly assigned myself the task to explain hacking and phishing, I feel compelled to define both terms concisely because, as Einstein’s been quoted countless times, “If you can’t...

Read More

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.