Today, we are excited to announce Varonis Identity Protection – a fully integrated suite of solutions providing comprehensive identity resolution, identity posture management, and ITDR – seamlessly woven throughout Varonis’ leading Data Security Platform. With Varonis Identity Protection, customers can identify and prevent identity-based threats before they impact data.
Fusing identity with data security is paramount. Most breaches – 88% according to leading sources – begin with compromised identities. And like data risk, identity risk is growing faster than ever due to expanding cloud footprints and widespread adoption of AI applications.
To overcome this growing risk, Varonis has integrated identity protection capabilities into its end-to-end approach to data security. Read on to learn more about how Varonis Identity Protection works and what sets us apart from other data security and identity solutions.
Protecting identity to secure your data
Most identity security tools operate in a vacuum — with no understanding of the critical data each identity can access or how they’re accessing it.
Varonis connects the dots between identities and data, helping organizations automatically reduce access to their most sensitive data, fix identity posture issues, and stop identity-based threats — including those originating from insiders, stolen credentials, and AI tools and agents.
Often, threat actors circumvent standard MFA and conditional access policies to gain unfettered access to an organization's most valuable asset: data. Standalone DLP and DSPM solutions fail to detect a compromised user once they have successfully authenticated.
Varonis Identity Protection covers this blind spot without needing a separate identity tool or XDR add-on. Varonis’ integrated approach provides a unified experience for security admins, along with automated alerting and remediation. Security teams stop breaches rather than creating a task list.
Key Capabilities of Varonis Identity Protection:
Identity Resolution
Organizations benefit from direct integration with identity providers like Entra ID, Okta, and local Active Directory to provide security teams with a complete view of a user’s identity fabric. Varonis seamlessly maps accounts across an organization’s entire ecosystem to a single person and further correlates roles, memberships, and entitlements.
Visibility is then enhanced using proven machine learning techniques to classify which accounts associated with that user are privileged, executive, service, external, or non-human and machine.
The AWS and Azure Access Graphs are two recent examples of our innovation in identity resolution, providing full-spectrum awareness of which accounts have access to critical resources and why.
End-to-end visibility of identity posture for Azure resources and how roles and memberships impact access
The Businesses at Work 2025 report shows companies with 2,000 or more employees deploy an average of 247 apps. Only through connecting related accounts can admins see risks and identity sprawl across the multitude of cloud apps and workloads. Security teams also can take swift action to decommission multiple accounts in the event of an insider threat by understanding the web of identities.
Companies have complex supply chains with as many vendors as they do cloud apps. The Varonis platform helps organizations understand where external and third-party accounts exist and diagnose their risky permissions and weak authentication controls.
Identity Posture Management
With change comes risk. Users can change titles and departments, join or leave the company, require access to new applications, and request temporary privileges to execute various projects throughout the year. Each of these changes, and any number of others, can create posture drift.
Varonis Identity Protection enables least privilege by right-sizing permissions and surfacing identities with excessive entitlements. Other solutions in the market focus primarily on Microsoft 365 data access or a single platform, whereas Varonis provides extensive cloud identity and entitlement management (CIEM) functionality for Azure, AWS, Google, and more.
Real-time visibility and automated remediation of excessive permissions and misconfigured roles, groups, and policies
Varonis also continuously flags stale or ‘ghost’ identities and unused entitlements susceptible to misuse, and remediates these identity-related risks with automation, rather than generating tickets. Customers can effortlessly revoke Entra ID group memberships based on organization-defined risk and offboard stale or disabled users. Data security teams and leaders reduce risk without burdening identity administrators.
Identity Threat Detection and Response
Varonis automatically alerts on and responds to leading identity threats. Varonis is the first Data Security Platform to fully integrate ITDR and was recently recognized by GigaOm as a leader in the space.
Organizations rely on Varonis’ ITDR capabilities to detect failed login attempts, password resets, changes to MFA policies, and multiple forms of lateral movement. Varonis Identity Protection also offers touchless alerting on brute force, password-spray, and other threats aligned to the MITRE ATT&CK framework.
Automated alerting on leading identity threats and risky changes to identities and entitlements
These threat signals are correlated with AI-powered UEBA to identify additional changes in behavior for each account in the organization, human and non-human. The result is a complete threat picture – before, during, and after logging in.
End-to-end data security
Identity-based attacks are the No. 1 threat to your data. Varonis Identity Protection supports end-to-end data security with the full identity context to prevent catastrophic breaches of sensitive information. The announced capabilities and our continued investment in advancing data security ultimately help reduce incident response times for customers, bring attacker dwell time closer to zero, and ensure that your data is secure.
