Meet DatAdvantage Cloud: Data-Centric Security for SaaS & IaaS

Today we’re happy to announce early access to DatAdvantage Cloud. Our new cloud-hosted solution brings Varonis’ data-centric security approach to AWS, Box, GitHub, Google Drive, Jira, Okta, Salesforce, Slack, and Zoom!

We’re hosting a launch event on Wednesday, May 26, at 12pm ET where you’ll see an in-depth product tour and have a chance to win a $250 Amazon gift card.

The dawning of a new era in cloud security

As the world continues to trend towards a global and decentralized workforce, companies have increased their reliance on cloud services and often require multiple disparate SaaS & IaaS products to meet their needs.

But securing data cross-cloud can be an operational nightmare.

Each service has its own data types, permissions models, and activity log formats. The lack of unified visibility and control over data within SaaS and IaaS services leaves businesses vulnerable to devastating breaches.

DatAdvantage Cloud solves this problem by connecting to your biggest and most important cloud apps and data stores to collect, normalize, and correlate identities, permissions, and activities.

The result? You get a single pane of glass that helps you visualize cross-cloud risk to sensitive data, alert on threats, and reduce your blast radius.

SaaS & IaaS coverage

In our initial release, DatAdvantage Cloud supports some of the most popular cloud apps and data stores:

• Amazon Web Services (AWS)
• Google Drive
• Box
• Salesforce
• Zoom
• Okta
• GitHub
• Slack
• Jira

DatAdvantage Cloud is cloud-native and easy to deploy. Simply point DatAdvantage Cloud at your existing cloud services and identity providers without any complex architecture changes or proxies.

Key features

Reduce your blast radius

DatAdvantage Cloud maps and normalizes permissions into a simple create, read, update, delete, and share model (CRUDS) so you can proactively reduce your blast radius. Answer critical questions in a heartbeat:

• Who has access to our sensitive product roadmap?
• How are they getting access?
• What are they doing with it?

Conduct fast cross-cloud investigations

DatAdvantage Cloud standardizes and enriches cloud events from all your cloud services, giving you simple answers to complex questions:

• Which external users have granted permissions in any SaaS app?
• Are any admins logging in without MFA?
• What config changes have watchlist users made across all our apps?

Alert on suspicious activity and policy violations

Prevent cloud account takeovers, insider threats, and inadvertent policy violations with cross-cloud auditing and alerting.

You can create your own alerts based on your organization-specific SaaS/IaaS rules, or leverage our out-of-the-box policies. DatAdvantage cloud has service-specific policies:

As well as cross-cloud policies that can detect issues no matter where they occur:

Connect cross-cloud identities

We automatically link user accounts, including personal accounts, across all your services into a single identity. Immediately see what a person can and does access enterprise-wide.

Uncover high-risk, over-privileged shadow identities (human and non-human) lurking in your corporate cloud services—from personal accounts to application tokens.

Quickly answer questions like:

• Is this a privileged user?
• A non-human user? App token? External?
• Is the identity stale or active?
• Is MFA enabled?

More reasons you’ll love DatAdvantage Cloud

Sensitive data loss prevention

• Apply enhanced monitoring to external and guest users and track risky sharing of sensitive information.

Shadow identity discovery

• Uncover high-risk, over-privileged shadow identities (human and non-human) lurking in your corporate cloud services—from personal accounts to application tokens.

SaaS permissions remediation

• Get a clear view of permissions across your cloud services with recommendations to eliminate excessive, inappropriate, or unused privileges.

Cross-cloud policy enforcement

• Out-of-the-box and custom policies help you spot risky configuration & data exposure changes, and deviations from service best practices.

Privileged account monitoring

• Track enrollment of new admins, admin account changes, and segregation of duty violations by admins.

Stale identity removal

• Remove unused admin accounts, stale privileged users, and terminated external contractors.

Secure offboarding

• Make sure employees and vendors don’t have access to any of your cloud services after they leave.

Unmanaged, non-SSO user tracking

• Easily track down non-federated personal accounts logging into your corporate cloud services.

Interested in a revolutionary new approach to cloud security? To be among the first to try DatAdvantage Cloud, take three minutes to apply to be part of our early access program!