Top 10 PowerShell Tutorials on the Web

“I hate automation” said no sysadmin, ever. PowerShell has become a very popular scripting solution for perpetually overworked sysadmins and other IT pros.  It can be used to automate almost any area of the Windows ecosystem, including Active Directory and Exchange. What’s the best way to learn about this time saving tool? I scoured the…

Continue Reading


Penetration Testing Explained, Part II: RATs!

Remote Access Trojans or RATs are vintage backdoor malware. Even though they’ve been superseded by more advanced command-and-control (C2) techniques, this old, reliable malware is still in use. If you want to get a handle on what hackers are doing after they’ve gained access, you’ll need to understand more about RATs. A RAT’s Tale RATs…

Continue Reading


Central Connecticut State University Empowers Professors and Staff with Control Over Data Access

Today I’d like to share how Central Connecticut State University (CCSU), a regional, comprehensive liberal arts public university, uses Varonis DatAdvantage for Windows and DataPrivilege to keep its data secure and empower its staff. Prior to implementing our solutions, CCSU was required to report twice a year on who had access to what file shares…

Continue Reading


With Varonis, University of Maryland School of Medicine Identifies, Classifies and Secures Sensitive Data

Today we have yet another compelling customer story for you… The University of Maryland School of Medicine (UM SOM), which is the first public and the fifth oldest medical school in the United States, needed better visibility into the different types of sensitive data its employees and students were storing across its file systems. Regulatory…

Continue Reading


Yes, the SEC Enforces Data Security Standards

With the EU now very close to having a uniform data security law across the land, it’s a good point to take another look at US data protection and privacy laws. We have lots of ‘em at the federal level. Here’s a quick rundown: HIPAA (Health Insurance Portability and Acconutability Act) for medical FERPA (Federal Education…

Continue Reading


Vote for Varonis – Security Innovation of the Year

We have been shortlisted in the 2015 V3 Technology Awards “Security Innovation of the Year” category! We need your vote because we’re not allowed to vote for ourselves! The V3 Technology Awards 2015 is hosted by, one of the United Kingdom’s most well-read and followed media outlets. It provides tech professionals with 24/7 news…

Continue Reading

PCI -risk assessment

Penetration Testing Explained, Part I: Risky Business

In most of the security standards and regulations that I’ve been following there’s typically a part titled Risk Assessment. You can find this requirement in HIPAA, PCI DSS, EU GDPR, NIST, and SANS, to reel off just a few four- or five-letter abbreviations. What is risk assessment? It’s the process by which you decide where…

Continue Reading


Web Security Fundamentals

It’s hard to remember back to a day when all of us didn’t have the entirety of human knowledge accessible from a device that stores in your pocket, but in those olden days there were two separate spheres of security work: application and web. A very crisp perimeter existed around business networks where applications for…

Continue Reading

9 Ways to a Secure Active Directory

For many companies, Active Directory represents the keys to the kingdom. Understanding how to maintain a secure, optimized, and well-monitored AD can drastically reduce your risks of being attacked. To that end, here are nine ways to a secure Active Directory: 1. Document Your Active Directory –In order to keep a clean and secure AD,…

Continue Reading


The IP Theft Puzzle, Part IV: Ambitious Insiders

In this last post in this series, I’d like to look at another type of insider. I’ve already written about the Entitled Independents. These guys fit our common perception of insiders: a disgruntled employee who doesn’t receive, say, an expected bonus and then erase millions of your business’s CRM records. These insiders are solo acts….

Continue Reading