Blog Varonis Products

Varonis adds SSPM functionality to DatAdvantage Cloud

SaaS misconfigurations can unintentionally expose valuable corporate data. The new Insights Dashboard from Varonis helps you find and fix these security gaps.
Avia Navickas
2 min read
Last updated April 5, 2024
Insights Dashboard

Contents

    Okta’s Business of Work study revealed that large organizations use an average of 175 different SaaS apps. Imagine how many different configuration settings, user- and role-level permissions, and API endpoints that represents. Enough to give any CISO a mild panic attack.

    That’s why Varonis is excited to announce new functionality in DatAdvantage Cloud that pinpoints org-wide configuration risks and provides recommendations for how to resolve them.

    Our new Insights Dashboard adds SaaS Security Posture Management (SSPM) functionality to DatAdvantage Cloud’s unmatched ability to find sensitive data across disparate SaaS apps, reveal who can access it, and monitor data activity for threats.

    If you’re a current DatAdvantage Cloud customer, you already have access to the new Insights Dashboard and can start managing configuration risk today!

    Leverage security expertise to close security gaps

    Varonis Threat Labs has discovered, disclosed, and documented countless SaaS vulnerabilities and misconfigurations to help strengthen the security of our favorite SaaS apps like Box, Zoom, Salesforce, and Jira.

    The Insights Dashboard incorporates the findings from our elite cybersecurity research team, so that any time they find a potential SaaS configuration risk, DatAdvantage Cloud will scan your environment and alert you if we think you’re exposed.

    Insights include dynamic findings, like an app with an abnormally high number of admins, or static risks, like the Einstein’s Wormhole risk in Salesforce or Jira’s No Time to REST misconfiguration.

    This new functionality acts as a force multiplier—extending our security research expertise to your own SaaS environment so that you can eliminate security gaps before attackers find them.

    Insights Dashboard - 1New Varonis Insights Dashboard highlights critical attack paths from SaaS misconfigurations.

    Examples of org-wide settings that the Insights tab would highlight for you include:

    • If single-sign-on (SSO) isn’t enabled for Salesforce
    • If MFA delete feature is not enabled for AWS CloudTrail
    • If domain-only drives in G-Drive can be modified by any user

    As critical SaaS apps release new updates, we monitor how those changes could impact your organization’s security and surface those findings for you to review.

    Understand and fix security gaps

    DatAdvantage Cloud doesn’t just show you security gaps, it also gives easy-to-follow recommendations to fix them.

    Insights dashboard - 2Playbooks explain how to resolve security issues.

    Once an issue is addressed, users can resolve the issue, removing it from their queue. If new findings related to an Insight surface later, the issue will be updated to notify security teams of additional attention that might be needed.

    Insights Dashboard - 3Checkmarks next to the Insight indicate that an issue has been resolved.

    The Insights Dashboard groups Insights from multiple accounts (or tenants) in each SaaS app for easy triaging. For example, issues with Salesforce production, staging, sandbox, and dev environments would all be grouped:

    Insights Dashboard - 4The Insights Dashboard groups Insights from the same app, but different accounts, together.

    Build a robust cloud security program

    Misconfigurations are one way that cloud apps can potentially put your data at risk. When thinking about securing your data in SaaS apps, consider:

    • Cloud misconfigurations—SaaS apps’ frequent releases and configurability can act as a double-edged sword—while they bring new functionality, they also are difficult to keep up with. A small misconfiguration can leave a big security gap that could expose sensitive data.
    • Exposed sensitive data—complex permissions and easy sharing make sensitive data really difficult to protect. Rogue insiders or external attackers can end up with access to data they shouldn’t have, putting data at risk for compromise.
    • App interconnectivity risk—SaaS apps are often more valuable when they’re integrated, but interconnectivity via APIs can make it easy for attackers to move laterally.

    When building a SaaS and IaaS security strategy, it’s important to keep all of these vectors in mind. With the benefits of SaaS come some added risks, but with the right monitoring and attention, the benefits can easily outweigh the risks.

    Free SaaS Risk Assessment

    Curious to see where you may have gaps or exposures in your cloud environment? Schedule a time to discuss a free cloud risk assessment lead by our world-class SaaS security experts.

    DatAdvantage Cloud is free to try and easy to setup. Simply point DatAdvantage Cloud at your existing cloud services and identity providers without any complex architecture changes or proxies.

     

    What should I do now?

    Below are three ways you can continue your journey to reduce data risk at your company:

    1

    Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

    2

    See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

    3

    Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

    Avia Navickas
    Avia Navickas Avia is a product marketing leader with over 10 years of experience at software companies big and small.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    varonis-recognized-as-gartner’s-customers’-choice-in-dspm
    Varonis Recognized as Gartner’s Customers’ Choice in DSPM
    varonis-recognized-as-gartner’s-customers’-choice-in-dspm
    Avia Navickas
    June 5, 2024
    Varonis leads the DSPM market with more reviews than any other vendor, more verified five-star ratings, and the highest overall product score.
    dspm-vs.-cspm-solutions:-bridging-data-and-cloud-security-with-varonis
    DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis
    dspm-vs.-cspm-solutions:-bridging-data-and-cloud-security-with-varonis
    Nathan Coppinger
    October 27, 2023
    Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security. 
    varonis-opens-australia-data-centre-to-support-saas-customers
    Varonis Opens Australia Data Centre to Support SaaS Customers
    varonis-opens-australia-data-centre-to-support-saas-customers
    Rachel Hunt
    April 11, 2023
    Australian expansion allows Varonis customers to achieve automated data security outcomes while following national standards for data privacy.
    varonis-leads-dspm-market-on-gartner-peer-insights
    Varonis Leads DSPM Market on Gartner Peer Insights
    varonis-leads-dspm-market-on-gartner-peer-insights
    Avia Navickas
    November 9, 2023
    As a leader in data security, Varonis is proud to be rated No. 1 in Gartner’s Data Security Posture Management category.