Varonis for
Exchange & Exchange Online
Harden your Exchange security and alert on abnormal email activity.
Challenge
Exchange servers can hold some of your organization’s most sensitive secrets. That, combined with the difficult task of safely configuring and monitoring Exchange Server and Exchange Online, makes email servers a primary target for attackers and insiders.
Would you know if a hacker escalated privileges, read the CEO’s email, and marked messages as unread, and created an auto-forward rule? Compromised email accounts can be used for everything from social engineering to exfiltrating sensitive data to jeopardizing the security of an entire network.
Solution
With Varonis, you can detect sophisticated threats to Exchange and proactively reduce overexposure. Manage and reduce risk for both Exchange and Exchange Online with intuitive dashboards that highlight misconfigurations and anomalous activity.
Get high-fidelity alerts on permission changes, unusual mailbox access, suspicious changes in send/receive volume compared to the user’s baseline, malicious attachments, and geo-hopping.
Detect unusual email access and configuration changes.
Visualize your Exchange permission structures to ensure only the right people have access to important mailboxes and public folders. Limit access changes to permissions to a small group of admins. Archive and delete inactive users to enforce least privilege.
Visualize data risk from Exchange.
Imagine asking, “How many people have access to our CFO's inbox?” and getting an instant, accurate answer. Dynamic dashboards enable you to easily monitor exchange mailboxes, mailboxes with unusual permissions, public folders, and more. Proactively remove unnecessary access and keep risk low.
Alert on suspicious email behavior.
Varonis’ behavior-based threat models can spot email anomalies out of the box. Alert on activity from blacklisted locations, automatic forwarding, and malicious attachments. Investigate incidents faster with a complete audit trail of mailbox access activity and correlate mailbox events with events in Active Directory, M365, on-prem files.