Product Overview of Varonis
Varonis is a comprehensive data security platform designed to protect and manage sensitive data across various environments, including on-premises, cloud, and SaaS applications. Here’s a detailed look at what the product does and its key features:
Data Protection and Management
Varonis focuses on safeguarding enterprise data by connecting to and monitoring the systems where critical data resides. This includes on-prem data resources, cloud data resources, applications, directory services, and network devices. The platform collects, enriches, and normalizes metadata from these sources without the need for endpoint agents.
Key Features and Functionality
Data Discovery and Classification
Varonis automatically discovers and classifies sensitive data across the entire environment, creating a detailed record down to the file level. It identifies concentrations of sensitive data types such as PII, PCI, and PHI, and prioritizes them based on exposure, activity, density, metadata, size, and staleness. The platform uses incremental scanning to ensure scans are always current, even at petabyte scale.
Security Analytics and Threat Modeling
Varonis employs machine learning to build user behavior profiles and baselines for every user and device, enabling the detection of abnormal activities such as unusual file access, permissions changes, and geo-hopping. The platform includes hundreds of threat models based on real-world attack techniques, which become smarter over time as they learn the organization’s environment.
Activity Monitoring and Access Control
The platform aggregates, normalizes, and enriches data access events, access control changes, authentication events, and network events from various systems. This produces a unified, human-readable audit trail that serves as a system of record for all data security questions. Varonis also enforces least privilege access controls and recommends adjustments based on user activity patterns.
Automation and Remediation
Varonis performs automatic preventative and detective actions to secure data. Features include self-healing permissions, auto-repair of broken access controls, and auto-quarantine of rogue sensitive files. The platform can trigger customized automated responses to threat models to stop attacks in progress.
Perimeter Threat Detection
Varonis Edge provides real-time awareness of risky configurations and early indicators of compromise by correlating data access with edge telemetry. It detects suspicious VPN, DNS, and web activity and stops brute-force, C2, and data exfiltration attempts. Edge offers clean, human-readable events enriched with valuable context, enabling quick incident tracing back to the data.
Managed Data Detection and Response (MDDR)
Unlike traditional MDR services, Varonis MDDR focuses on threats to data. A global team of cybersecurity experts, threat hunters, forensics analysts, and incident responders investigates and responds to alerts 24x7x365, saving the organization’s team time and strengthening security.
Integrations
Varonis integrates with SIEM and SOAR systems, enhancing the organization’s existing security infrastructure. It also offers no-cost incident response and forensics support.
Additional Capabilities
- Efficient E-Discovery: Varonis enables efficient location of files with personal information across cloud and on-prem data stores, facilitating compliance and legal requirements.
- Data Loss Prevention (DLP): The platform enforces DLP policies to prevent sensitive data from leaving the organization’s network through various channels like email, web, and portable devices.
- Risk Management: Varonis helps organizations apply sensitivity labels to data, ensuring critical information is accessible only to authorized users, and provides risk assessment tools to identify and prioritize potential data security risks.
In summary, Varonis is a robust data security platform that offers comprehensive data discovery, classification, security analytics, automated remediation, and threat detection capabilities, making it a critical solution for safeguarding sensitive data across diverse environments.