Varonis Announces Proactive Incident Response for SaaS Customers

Varonis offers the brightest minds in offensive and defensive security, watching your data for threats.
Yumna Moazzam
Last updated April 17, 2023

Security teams are stretched thin — inundated by endless alerts and plagued by false positives. To help ease the burden, Varonis began offering incident response assistance to customers who reached out for help. 

Over the past few years, we investigated thousands of incidents and compiled countless stories from happy customers who have tapped our team to help stop a breach.

Today, we're taking our mission of providing effortless outcomes to a whole new level.

Announcing Proactive Incident Response for Varonis SaaS customers. With this new offering, Varonis SaaS customers will be assigned a dedicated incident response analyst who will watch their alerts, investigate suspicious activity, and call them if we see a problem.

Varonis SaaS customers can rest assured that even if they're not looking at their alert dashboard every day, our world-class team will be keeping a watchful eye on their data. It is another monumental step in our quest for truly effortless outcomes.

A platform, a team, and a plan

Our incident response capabilities are built atop Varonis’ best-in-class data detection and response product, decades of cybersecurity experience, and a battle-tested playbook.

Varonis' user and entity behavior analytics (UEBA) is unique because we start with data. We watch how users and devices interact with data, learn their normal behavior, and alert on meaningful deviations. When we see an alert, we can dive into the Varonis audit log, see what data was touched, collect forensics artifacts, and take action. 

"The investment we've made in Varonis has been immeasurable in finding and stopping cyberattacks. The Varonis team proactively reaches out to me with true incidents, rather than just surfacing more alerts for my team to manage," says Scott Mercer, Director, Cybersecurity and Technical Services, KU Endowment.

I sleep better at night knowing that we have an extra set of eyes watching our environment.

Forensics and threat research expertise

Cybersecurity support doesn’t stop with the incident response team. For advanced threats, we have a forensics team that is trained to think like attackers. They reverse-engineer malware, assist with APT investigations, and perform threat hunting.

They also perform Cyber Resiliency Assessments for customers — a four-week red team/blue team exercise to stress-test a customer's security stack against the latest adversary tradecraft. The exercise ends with a full report of strengths and weaknesses, along with areas of opportunity to strengthen detections.

Beyond forensics, Varonis employs a talented team of threat researchers called Varonis Threat Labs. With decades of military, intelligence, and enterprise experience, this team is responsible for evolving Varonis’ threat detection and response capabilities. They search for vulnerabilities in commonly used applications and work with those app companies to fix security gaps before they can be exploited by a hacker. As the team makes new discoveries, we build their findings into Varonis’ platform.

Tailored detection and response

In addition to tactical assistance with incident response, threat hunting, and alert prioritization, Varonis security operations experts provide strategic guidance and take preventative action to continuously improve customers' data security resilience.

As our incident response team watches customer alerts, they proactively optimize the platform’s alerting so that it's tailored to the organization. They can make recommendations for and help configure automated responses to certain alerts to stop active threats like ransomware before they do damage. They can also build custom threat models to suit an organization’s specific detection needs. All of this is possible because of Varonis’ flexible, agile platform that allows for rapid response.

Regular risk reviews  

Our team will escalate major incidents to your organization and reserve minor findings for our regular check-ins. Varonis engineers will meet with your team to review these issues and explain each result, providing you with personalized recommendations for where you can improve your security posture. As we monitor your environment, we look for data exposure risks, such as sensitive data shared externally or admin accounts without MFA, and help you prioritize what to fix and how.

Meet some of your new security analysts

Our Proactive Incident Response team is made up of some of the brightest minds in offensive and defensive security. They’re based all over the world, ready and available to help protect your data.

Varonis Security Experts

Get effortless security outcomes with Varonis

Proactive Incident Response is our latest announcement of offerings focused on delivering effortless outcomes with automation.

Earlier this month, we announced least privilege automation for Microsoft 365, Google Drive, and Box and a new customizable data security posture management (DSPM) dashboard. Last week, we also launched automated posture management to automatically fix security risks and non-compliant configurations across customers’ cloud environments.

Proactive Incident Response is available now for Varonis SaaS customers. Varonis takes just minutes to install and provides data security insights instantly. Sign up for a complimentary Data Risk Assessment to evaluate your security posture and get expert help on how to tackle your biggest data exposure risks.
