How Varonis helps with the Federal Financial Institutions and Examination Council

The Federal Financial Institutions and Examination Council (FFIEC) is a U.S. government interagency that unifies the supervision of financial institutions, prescribes uniform principles, standards, and report forms. Various laws, including principally the Graham-Leach-Blilely Act’s 501(b) data safeguard requirements, give the FFIEC the power to establish a set of data security standards for banking and financial institutions. In setting […]

Continue Reading →

Penetration Testing Explained, Part III: Playing with RATs and Reverse Shells

Last week I broke into a Windows 2008 server and inserted a remote access trojan or RAT. Don’t call security, I did this in a contained environment within virtual machines. To continue on with my pen testing experiment, in this post I’ll explore a few basic steps and techniques used by hackers after they’ve entered […]

Continue Reading →

Top 4 Tips to Secure Active Directory


Active Directory serves as a hub for nearly every organization of any size – storing user identities, authenticating access, enforcing machine configuration policies, and more. Since access to almost all critical data and systems relies on Active Directory, it is one of the most important technologies to protect. However, because of its inherent complexity, we […]

Continue Reading →

Varonis DatAdvantage and DatAlert Are Now Interoperable with FireEye Threat Analytics Platform


Today we’re happy to announce the interoperability of our DatAdvantage and DatAlert solutions with the FireEye® Threat Analytics Platform™ (TAP™). FireEye TAP provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. Hackers are getting better […]

Continue Reading →

Varonis and User Behavior Analytics

If you’re looking to understand the current security environment, and why perimeter defenses no longer can, ahem, hack it, may we direct you to a recent newsletter from Gartner? It’s just a few pages but well worth your time. Our own Yaki Faitelson, Varonis CEO, is featured, and he tells it like it is, security-wise. […]

Continue Reading →

Top 10 PowerShell Tutorials on the Web

“I hate automation” said no sysadmin, ever. PowerShell has become a very popular scripting solution for perpetually overworked sysadmins and other IT pros.  It can be used to automate almost any area of the Windows ecosystem, including Active Directory and Exchange. What’s the best way to learn about this time saving tool? I scoured the […]

Continue Reading →

Penetration Testing Explained, Part II: RATs!


Remote Access Trojans or RATs are vintage backdoor malware. Even though they’ve been superseded by more advanced command-and-control (C2) techniques, this old, reliable malware is still in use. If you want to get a handle on what hackers are doing after they’ve gained access, you’ll need to understand more about RATs. A RAT’s Tale RATs […]

Continue Reading →

Central Connecticut State University Empowers Professors and Staff with Control Over Data Access


Today I’d like to share how Central Connecticut State University (CCSU), a regional, comprehensive liberal arts public university, uses Varonis DatAdvantage for Windows and DataPrivilege to keep its data secure and empower its staff. Prior to implementing our solutions, CCSU was required to report twice a year on who had access to what file shares […]

Continue Reading →

With Varonis, University of Maryland School of Medicine Identifies, Classifies and Secures Sensitive Data


Today we have yet another compelling customer story for you… The University of Maryland School of Medicine (UM SOM), which is the first public and the fifth oldest medical school in the United States, needed better visibility into the different types of sensitive data its employees and students were storing across its file systems. Regulatory […]

Continue Reading →

Yes, the SEC Enforces Data Security Standards


With the EU now very close to having a uniform data security law across the land, it’s a good point to take another look at US data protection and privacy laws. We have lots of ‘em at the federal level. Here’s a quick rundown: HIPAA (Health Insurance Portability and Acconutability Act) for medical FERPA (Federal Education […]

Continue Reading →