6.2.51 (including DLX) is now GA


We’re excited to announce the GA release of 6.2.51: this release includes a range of enhancements focusing on data security, new integrations, and a more intuitive user interface. Some of the highlights that are now generally available include: New DatAlert Threat Models: Get inside-out security with sophisticated threat models built on advanced analytics, user behavior, […]

Continue Reading →

[Infographic] Varonis Behind the Scenes


With 32 patents issued and 108 patent applications worldwide, we’ve been working hard to help you protect your organization’s data from insider threats and cyberattacks. To get a better idea of what’s happening behind the scenes, we thought it might help to see a few stats. The People Behind the Software We currently have 989 […]

Continue Reading →

After-the-Breach Advice: A Legal Eagle View

pexels-photo (7)

One surprising fact about breach responses at large companies is that IT may not be leading the charge. A few months ago, I was at a legal technology conference in which panelists said the chief legal officers or chief privacy officers manage cyber-incident responses. IT is involved, they noted, but usually in a supporting role. […]

Continue Reading →

EU GDPR Spotlight: Pseudonymization as an Alternative to Encryption


Have I mentioned lately that the EU General Data Protection Regulation (GDPR) is a complicated law? Sure, there are some underlying principles, such as Privacy by Design (PbD) and other ideas, that once you understand, the whole thing makes more sense. But there are plenty of surprises when you delve into the legalese. For example, […]

Continue Reading →

A Guide to PCI DSS 3.2 Compliance: A Dos and Don’ts Checklist


Before you begin, download the PCI Compliance Checklist PDF and follow along! Table of Contents Overview 3.2 updates – What You Need to Know New Compliance Deadlines Multi-factor Authentication PAN Masking and Visibility Stricter Reporting for Service Providers PCI’s 12 Step Program Made Simple Defend Your Cardholder Data Defend Against External Threats Defend Against Internal […]

Continue Reading →

Everything You Need To Know About Passwords – IOSS 11


The latest string of mega breaches that compromised approximately 642 million passwords has shown us how vulnerable we still are. Yes, passwords are obsolete, and we should at least use two-factor authentication. But the fact remains, unless we find a password solution to really shake up how to think, use, and manage passwords on apps […]

Continue Reading →

The Cyber Kill Chain or: how I learned to stop worrying and love data breaches


Pulling off a heist is no easy feat – and in order to prevent theft, you best understand the plan of attack. Like any good ol’ traditional heist, there are multiple stages to consider in a cyber-attack. To help prevent and detect cyber-attacks and security breaches, we look to the cyber kill chain. Lockheed Martin […]

Continue Reading →

Cyber Espionage: Could Russian and Korean Hackers Have Been Stopped (With UBA)?


Once upon a time, breaking into the Democratic National Committee required non-virtual thieves picking real door locks and going through file cabinets. And stealing the design secrets of a fighter jet was considered a “black bag” job that utilized the talents of a spy who knew how to work a tiny spy camera. Then, that […]

Continue Reading →

The Differences Between DLP, IAM, SIEM, and Varonis Solutions


You can’t always do it all alone and sometimes you need help from your friends. It’s good life advice, and as it turns out, good advice for a security solution. A multi-pronged security program that uses a mix of technologies and approaches is the best way to reduce risk and to protect you organization’s most […]

Continue Reading →

Recent Cybersecurity Warnings from the FBI – IOSS 10


Rob Sobers, Mike Buckbee and Kilian Englert joined me for an interesting conversation as we discussed recent cybersecurity warnings from the FBI. Here’s the best of what you might have missed: Keystroke loggers disguised as USB phone chargers Cindy: Let first define keystroke logging Mike: A keystroke logger is anything that’s recording the keystrokes and often […]

Continue Reading →

EU GDPR Spotlight: Protection by Design and Default


Privacy by Design (PbD) is a well-intentioned set of principles – see our cheat sheet – to get the C-suite to take consumer data privacy and security more seriously. Overall, PbD is a good idea and you should try to abide by it. But with the General Data Protection Regulation (GDPR), it’s more than that: […]

Continue Reading →