‘Varonis Track’ at InfoSecurity Europe

This is getting to be a regular feature. Another conference, and another request from our readers to put together a Varonis Track. The conference this time is InfoSecurity Europe, which will touchdown in London June 2 – June 4. If you’re at InfoSecurity Europe, stop by to chat with the Varonis crew. We’ll be at…

Continue Reading


Announcing DatAdvantage for Microsoft Office 365

We’re excited to announce the beta release of DatAdvantage for Microsoft Office 365 – with permissions visibility for Microsoft Exchange Online, SharePoint Online, OneDrive, and visibility into Active Directory for Azure. Also included in this release is Data Classification Framework support for SharePoint Online and OneDrive, so that you can identify and lock down sensitive…

Continue Reading

malware marquee

Let’s Go to the RSA Videos!

For your viewing pleasure, the RSA folks have generously released the video recordings of most of the presentations from last month’s conference. So I bought popcorn, got an aisle seat, and spent an afternoon at the data security movies. My goal was to find themes in the hacker and malware-oriented talks. Like a Hollywood script,…

Continue Reading

New Venn - insider

The Metadata Era Data Analysis Contest

Courtesy of Dato’s co-founder Danny Bickson, we’ve come into possession of a three tickets for the Data Science Summit & Dato Conference being held in San Francisco July 20 -21. Thanks Danny! Researchers from Microsoft, Google, Cloudera, Carnegie-Mellon, and Stanford will be on hand to talk data. The Summit, by the way, has been organized by O’Reilly Media’s Chief Data Scientist, Dr. Ben Lorica.

Continue Reading

Forrester’s Wake-Up Call to Companies

Hey, we’ve received another shout out from the research community. Forrester, one of the most influential IT research and advisory firms in the world, has mentioned us in “Wake-Up Call: Poorly Managed Employee Access Rights Are a Breach Waiting to Happen (Merritt Maxim, April 28, 2015).” In the report, Forrester has noted a significant trend…

Continue Reading

Verizon DBIR 2015: Data Science Takes on Insiders

The 2015 edition of Verizon’s Data Breach Investigations Report, this blog’s favorite source of hacking stats, was published recently. As always, there’s great information included, and we can’t possibly cover all the interesting nuggets — breach costs, secondary victims — in a single post. Hint: there’ll be more on DBIR 2015 in future posts. This…

Continue Reading

How to Create a Good Security Policy

CIOs have taken note of the nightmarish scenarios data breaches can bring – remember Sony and Target? To combat this ticking time bomb, they’ve beefed up their security budgets. The Computer Emergency Response Team (CERT) at Carnegie-Mellon University also recommends creating a security policy which you can to refer to if your systems are compromised. Why…

Continue Reading


SSL and TLS 1.0 No Longer Acceptable for PCI Compliance

Last month, the PCI Council released version 3.1 of their Data Security Standard (DSS). While most of the changes in this minor release are clarifications, there is at least one significant update involving secure communication protocols. The Council has decided that SSL and TLS 1.0 can no longer be used after June 30, 2016. The…

Continue Reading

More Work to Be Done in Preparation for the New EU Data Protection Regulation [SURVEY]

In March 2015 at CeBIT, Varonis asked show attendees about their general understanding of the upcoming EU Data Protection Regulation. The new rules reform the EU’s existing 1996 Data Protection Directive and are expected to go into effect later this year or next. Here’s a snapshot of some of the more important considerations in the…

Continue Reading


Can We Trust Autopsy Results in Canada (or Anywhere)?

As if we didn’t have enough bad news about evidence used in the court room, now comes a story out of Canada about the security of court records. In testimony given at a trial in Alberta, Dr. Anny Sauvageau, the province’s former chief medical examiner, said that the government’s court IT system had little or…

Continue Reading