Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report

Varonis for AWS

AWS data security and compliance

  • Prevent data exposure.
  • Fix misconfigurations.
  • Deploy in minutes without agents.
Gain clear visibility into your AWS environments.
Auto-classify sensitive AWS data.
Varonis scans every file stored in your Amazon Web Service S3 buckets, flags sensitive content, and shows you exactly where data is at risk with an easy-to-read file tree. We match results to more than 400 classification policies and use proximity-matching, negative keywords, and algorithmic verification to reduce false positives.
Illustration_AWS_AutoClassify_FNLIllustration_AWS_AutoClassify_FNL_Mobile

Prevent data exposure in AWS.

Varonis simplifies permissions in AWS, showing you exactly who can access your critical data. Quickly spot excessive permissions, find publicly exposed S3 buckets and EC2 instances, and pinpoint org-wide settings or misconfigurations that could put your data at risk.
Illustration_AWS_Bidirectional_Permissions_FNL

Detect and respond to abnormal AWS activity.

Varonis closely monitors activity on your S3, EC2, and IAM resources to detect suspicious or malicious behavior that puts your critical data at risk. We connect identities across cloud platforms to provide a holistic view of a user’s activity across the ecosystem.
Illustration_AWS_AbnormalAWSActivity_FNL
We protect your cloud data and SaaS apps.
okta.xo
amazons3.xo
box.xo
github.xo
slack.xo-1
jira.xo
amazon-web-services.xo
salesforce.xo
google-drive.xo
zoom.xo
Photo_Testimonial_DAC
“Being able to discover risky identities, right-size access, and detect their misuse on the same platform not only makes the security process easy to manage but also provides additional protection when incidents occur.”
CISO, Appsflyer Read the case study

Key features


Sensitive data discovery

Automatically find sensitive or regulated data in AWS S3 buckets.

Data loss prevention

Apply enhanced monitoring to external and guest users and track access to sensitive or regulated information.

AWS entitlements

Get a clear view of effective permissions in AWS with recommendations to eliminate excessive, inappropriate, or unused privileges.

SSPM and compliance

Discover critical misconfigurations and compliance violations that could expose sensitive data.

Forensics audit trail

Easily correlate user activity in AWS and S3 with other mission-critical SaaS apps, all in a single interface.


Privileged account monitoring

Track enrollment of new admins, admin account changes, and segregation of duty violations by admins.

Stale identity removal

Remove unused admin accounts, stale privileged users, and terminated external contractors.

Secure offboarding

Make sure employees and vendors don’t have access to any of your cloud services after they leave.

Unmanaged, non-SSO user tracking

Easily track down non-federated personal accounts logging into your corporate cloud services.

Cloud-native API deployment

Simply point Varonis DatAdvantage Cloud at your existing cloud services and identity providers without any complex architecture changes or proxies.