Varonis for Salesforce

Salesforce data protection built for security teams

  • Prevent data exfiltration and insider threats.
  • Rapidly right-size Salesforce permissions.
  • Deploy in minutes without agents.

Reign in excessive access.

With complex roles, permission sets, and org-wide configurations, it’s virtually impossible to see which users can do the most damage in Salesforce. Varonis gives you a complete view of effective access for every Salesforce user so that you can easily right-size permissions and get to a least-privilege model.

Illustration_VaronisforSalesforce_ExcessiveAccess Illustration_VaronisforSalesforce_ExcessiveAccess_m

Meet your Salesforce safety net.

Locate sensitive data in hard-to-find places.

Varonis scans every file and attachment across your Salesforce instances, flags the sensitive ones, and shows you where you’re at risk.

Illustration_VaronisforSalesforce_SensitiveData Illustration_VaronisforSalesforce_SensitiveData_m

Stop attackers and rogue insiders.

If your top salesperson exported sensitive contracts and account lists before resigning, would you know? Varonis detects suspicious activity such as accessing an unusual number of records, escalating privileges, or disabling critical updates that could put your Salesforce data at risk.

Illustration_VaronisforSalesforce_InsiderThreat

Strengthen your SaaS posture.

Varonis monitors your Salesforce environment for misconfigurations that could expose data. We surface risks say, an app with too many adminsand incorporate findings from our research team, like the Salesforce misconfiguration we identified in 2021, coined Einstein’s Wormhole.

Illustration_VaronisforSalesforce_Insights Illustration_VaronisforSalesforce_Insights

Agentless data security for all your SaaS apps

okta.xo-1
amazons3.xo
box.xo-1
github.xo
slack.xo-1
jira.xo
amazon-web-services.xo
salesforce.xo
google-drive.xo
zoom.xo
Photo_Testimonial_VaronisforSalesforce
It was a gaping black hole. I’d heard horror stories about Salesforce permissions and how literally hundreds can be applied in a manner of different ways.
Senior Cybersecurity Engineer, Top Real Estate Organization Read the case study

Key features


Sensitive data discovery

Automatically find sensitive or regulated data in Salesforce record attachments.

Data loss prevention

Apply enhanced monitoring to external and guest users and track access to sensitive or regulated information.

Shadow instance discovery

Uncover shadow Salesforce instances that may not be monitored by your security team.

Salesforce entitlements

Get a clear view of effective permissions in Salesforce, including exactly what users can do and how they got that access.

SSPM and compliance

Discover critical misconfigurations and compliance violations that could expose sensitive data.

Forensics audit trail

Easily correlate user activity in Salesforce with other mission-critical SaaS apps, all in a single interface.


Privileged account monitoring

Track enrollment of new admins, admin account changes, and segregation of duty violations by admins.

Stale identity removal

Remove unused admin accounts, stale privileged users, and terminated external contractors.

Secure offboarding

Make sure employees and vendors don’t have access to your Salesforce instance after they leave the company.


Unmanaged, non-SSO user tracking

Easily track down non-federated personal accounts logging into your corporate Salesforce.


Cloud-native API deployment

Point DatAdvantage Cloud at your existing cloud services and identity providers without any complex architecture changes or proxies.