Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Varonis Launches Third-Party App Risk Management

Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
Nathan Coppinger
3 min read
Published April 25, 2023
Last updated May 10, 2023

Third-party apps add a lot of value to end users and are easy to connect to corporate SaaS platforms (think of an Outlook plug-in for Salesforce, for example). The problem is that end users can grant third-party apps permissions to corporate applications and data without the security team’s oversight or approval.

Third-party apps often create SaaS-to-SaaS connections that sync data from your sanctioned cloud to the third party’s cloud. This creates a supply chain risk, especially if the third-party provider has weak security practices.

Notes.io app requestUsers connect third-party apps to their corporate SaaS accounts.

Security admins have very little visibility or control over these applications without a central control panel to manage and monitor risky integrations.

Varonis finds third-party app connections to your SaaS environment, scores their risk level, and identifies what permissions they have. From there, you can remove users from apps or remove apps altogether to control risk and reduce costs. 

Authorized apps

View all of a single user's connected apps.

With Varonis’ new third-party application risk management capabilities, organizations can gain unprecedented visibility and control over third-party apps connected to Salesforce, Google Drive, Microsoft365 and Azure by:

Identifying third-party app risk

  • Gain a clear view of third-party application risk with intuitive dashboards.
  • View the scope of their permissions in a simple CRUDS model.
  • A bi-directional view of permissions provides insights into each app's connected users.

Monitoring application activity and use

  • Closely monitor application activity.
  • Save money by identifying unused apps or users that can be removed.
  • Detect and alert to risky actions performed by third-party apps.
  • Identify stale apps or stale user access.

Reducing third-party app risk

  • Remove applications from your platforms entirely.
  • Remove individual user permissions from third-party applications.

Gain a clear overview of third-party application risk with Varonis.

Our third-party app risk dashboard provides a complete overview of the apps connected to your environment. You’ll see the total number of apps in your environment, whether active or stale, the level of risk they pose, and if they have been verified by admins — along with other key risk indicators.

Third party app risk dashboardGain a centralized view of third-party app risk across your environment.

From this dashboard, admins can drill down into each application to understand the scope of their access and the risk they may pose.

Analyze the scope of application permissions.

When you potentially have dozens of applications connected to each corporate SaaS product, analyzing permissions is a near-impossible task using native security tools alone.

Varonis gives you a clear picture of the effective permissions of each third-party app. We break third-party app permissions down to a simple to understand CRUDS (Create, Read, Update, Delete, and Share) model — just like we do for end users — making it simple to understand an app’s effective permissions and the risk they pose to sensitive data. 

Application scope

Drill down to view each app's permissions.

With our bi-directional permissions view, you can also see all the users using a single app or click a user and see every application they have connected.

You may have applications that only a single user uses (and we’ll call this out in the dashboard), or there may be a popular app with hundreds of users connected to it. 

This view lets you measure third-party app usage, so you can right-size access and remove stale apps entirely. Reduce risk and your license costs at the same time!

You’ll see which admins and other privileged users have third-party apps connected to their accounts. Since Varonis monitors the activity performed by each app, we can detect suspicious behavior and answer the question: “Did this app abuse its privileges or access sensitive data?” 

Remove third-party app access.

Varonis can revoke an app’s access to your environment entirely if you have deemed it unnecessary or too risky to leave connected.

Selected for RemovalRemove app connections directly from the Varonis interface.

Leaving stale applications in your environment opens you up to the chance that a vulnerability is discovered within it. A malicious actor could use that vulnerability to gain access to your environment and sensitive data.

Reduce costs.

Along with reducing risk, Varonis’ remediation capabilities can help organizations reduce costs and save money. If you have a third-party app that charges per user, you can easily find the users that do not use the app and remove their access to reduce costs. 

Additionally, you may find that you’re paying for an app that almost no one uses, so you can decide if you want to renew your contract with the vendor. 

Monitor application activity and detect risky actions.

Not all applications are created equal. While most major platforms with app marketplaces vet new apps, they can still have vulnerabilities that could one day be exploited to gain access to your environment. 

There is also the chance that a malicious actor hid malware in an otherwise legitimate-looking app, and it could begin accessing and exfiltrating sensitive data right under your nose. A malicious app could even hijack a privileged account and make dangerous configuration changes in your cloud environments.

Just like with human users, Varonis tracks the activity of all your third-party applications and provides a complete and easy-to-read audit trail of cross-cloud events. We’ll detect any unusual or risky activity and alert you in real-time, so you can immediately investigate and remove the offending third-party app.

Rogue app indication-1Detect and investigate risky third-party app activity.

We can also monitor user activity related to third-party apps to detect risky actions, such as when many users connect to a high-risk app, significantly increasing your attack surface. 

Get started managing third-party app risk with Varonis.

It only takes 15 minutes to start discovering and managing third-party app risk with Varonis. Sign up for a free risk assessment today!

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

varonis-brings-data-security-to-nasuni-cloud-nas
Varonis Brings Data Security to Nasuni Cloud NAS
We’re excited to announce that, in an upcoming release, the Varonis Data Security Platform will bring data-centric audit and protection to Nasuni Enterprise File Services. Nasuni is a key Varonis...
varonis-expands-dspm-capabilities-with-deeper-azure-and-aws-support
Varonis Expands DSPM Capabilities with Deeper Azure and AWS Support
Varonis is expanding its IaaS coverage to AWS databases and Azure Blob Storage, strengthening the CSPM and DSPM pillars of our Data Security Platform.
defending-your-cloud-environment-against-lapsus$-style-threats
Defending Your Cloud Environment Against LAPSUS$-style Threats
Varonis breaks down the recent LAPSUS$ hacks and provides best practices for defending your cloud environment against LAPSUS$ style threats
meet-datadvantage-cloud:-data-centric-security-for-saas-&-iaas
Meet DatAdvantage Cloud: Data-Centric Security for SaaS & IaaS
Today we’re happy to announce early access to DatAdvantage Cloud. Our new cloud-hosted solution brings Varonis’ data-centric security approach to AWS, Box, GitHub, Google Drive, Jira, Okta, Salesforce, Slack, and…