Today, we’re excited to introduce the Varonis Model Context Protocol (MCP) Server — a powerful new way to access and orchestrate the Varonis Data Security Platform through AI clients like ChatGPT, Claude, and GitHub Copilot.
With the Varonis MCP Server, customers can use their AI tools and agents of choice to execute complex workflows that previously required multiple tools, API calls, and technical expertise.
Imagine being able to prompt your favorite AI tool to:
- "Get the last three high severity alerts from Varonis, sorted by MITRE ATT&CK technique, and update any related ServiceNow tickets with the details.”
- "Run a remediation to remove all stale guest accounts in Entra ID that haven't accessed data in over 180 days."
- “Build a compliance report that lists all databases and tables throughout AWS and Azure that contain employee PII.”
That's the power of the Varonis MCP.
Revolutionizing data security with MCP
MCP transforms how we interact with AI models. Generative AI tools, like copilots, provide answers. AI agents take actions. An MCP server orchestrates, using APIs, AI agents, and models in tandem to get things done.
The Varonis MCP Server isn’t just a chat layer on top of our Platform. Instead, it’s a command center for orchestrating real outcomes using AI.
Use it to:
- Turn any AI client into a data security analyst. Ask ChatGPT, Claude, or GitHub Copilot to investigate anomalies, summarize posture issues, or assess a specific user's blast radius.
- Chain complex workflows across tools. Remediate risky access, update tickets, notify teams, and document actions — all from a single prompt.
- Automate investigations and remediations. Get enriched context around alerts, map them to threat actors and IoCs published on the web, and trigger response playbooks instantly.
- Work in natural language and execute with precision. There is no need to know which API to call. No Python scripts. Just ask, and the MCP Server figures out the rest.
How the Varonis MCP Server works
Using the Varonis MCP Server is simple:
- Open your AI tool of choice (e.g., GitHub Copilot in VS Code).
- Ask a natural language question: "List the files from the last scheduled search and download them to this folder."
- The MCP Server gets to work, calling the right Varonis APIs and completing the task in seconds.
Here's a quick demo video showing how to investigate and respond to Varonis alerts right from GitHub Copilot. We respond to an attack, including cross-referencing the artifacts found by Varonis with VirusTotal, creating a ticket in ServiceNow, and initiating a SOC response.
From Athena AI to the agentic AI enhancements in our Managed Data Detection & Response (MDDR) service, Varonis continues to lead in AI-powered data security. The Varonis MCP Server builds on this foundation, offering a new way to harness our Platform's full potential.
The Varonis MCP Server is currently in private preview. Customers can access it via the Varonis Developer Hub. Stay tuned as we expand its API coverage and supported use cases
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.
-1.png)
