With Varonis, University of Maryland School of Medicine Identifies, Classifies and Secures Sensitive Data


Today we have yet another compelling customer story for you… The University of Maryland School of Medicine (UM SOM), which is the first public and the fifth oldest medical school in the United States, needed better visibility into the different types of sensitive data its employees and students were storing across its file systems. Regulatory […]

Continue Reading →

Yes, the SEC Enforces Data Security Standards


With the EU now very close to having a uniform data security law across the land, it’s a good point to take another look at US data protection and privacy laws. We have lots of ‘em at the federal level. Here’s a quick rundown: HIPAA (Health Insurance Portability and Accountability Act) for medical FERPA (Federal Education […]

Continue Reading →

Vote for Varonis – Security Innovation of the Year


We have been shortlisted in the 2015 V3 Technology Awards “Security Innovation of the Year” category! We need your vote because we’re not allowed to vote for ourselves! The V3 Technology Awards 2015 is hosted by V3.co.uk, one of the United Kingdom’s most well-read and followed media outlets. It provides tech professionals with 24/7 news […]

Continue Reading →

Penetration Testing Explained, Part I: Risky Business

PCI -risk assessment

In most of the security standards and regulations that I’ve been following there’s typically a part titled Risk Assessment. You can find this requirement in HIPAA, PCI DSS, EU GDPR, NIST, and SANS, to reel off just a few four- or five-letter abbreviations. What is risk assessment? It’s the process by which you decide where […]

Continue Reading →

Web Security Fundamentals


It’s hard to remember back to a day when all of us didn’t have the entirety of human knowledge accessible from a device that stores in your pocket, but in those olden days there were two separate spheres of security work: application and web. A very crisp perimeter existed around business networks where applications for […]

Continue Reading →

9 Ways to a Secure Active Directory

For many companies, Active Directory represents the keys to the kingdom. Understanding how to maintain a secure, optimized, and well-monitored AD can drastically reduce your risks of being attacked. To that end, here are nine ways to a secure Active Directory: 1. Document Your Active Directory –In order to keep a clean and secure AD, […]

Continue Reading →

The IP Theft Puzzle, Part IV: Ambitious Insiders


In this last post in this series, I’d like to look at another type of insider. I’ve already written about the Entitled Independents. These guys fit our common perception of insiders: a disgruntled employee who doesn’t receive, say, an expected bonus and then erase millions of your business’s CRM records. These insiders are solo acts. […]

Continue Reading →

Five Things You Need to Know About the Proposed EU General Data Protection Regulation


European regulators are serious about data protection reform. They’re inches away from finalizing the General Data Protection Regulation (GDPR), which is a rewrite of the existing rules of the road for data protection and privacy spelled out in their legacy Data Protection Directive (DPD). A new EU data world is coming! We’ve been writing about […]

Continue Reading →

‘Varonis Track’ for National Cyber Security Awareness Month


Our ‘Varonis Tracks’ have been such a huge hit, we decided to do one for National Cyber Security Awareness Month (NCSAM). NCSAM is five weeks’ worth of ideas and programs with the goal to educate the public and private sectors about  data security and privacy. The key message is that we’re all in it together—security-wise, […]

Continue Reading →

Inside Out Security


Data breaches are making headlines more frequently than ever.  Who’s going to be next? It’s time to protect your data from the inside out.  Find out how in our latest video.

Continue Reading →