Varonis Systems releases new features in version 7.0 of the Varonis Data Security Platform to help organizations protect their enterprise data from insider threats and cyberattacks.
Version 7.0 of the Varonis Data Security Platform features new cloud and threat detection and response capabilities: new event sources and enrichment; threat intelligence added to Varonis security insights; and playbooks that arm customers with incident response plans right in the web UI – making it easier for customers to follow responses to security incidents.
Additional highlights of 7.0 include:
New dashboards highlight cloud, Active Directory and GDPR risks
Active Directory risk dashboards, GDPR dashboards, and Office 365 dashboards offer visibility into exposures and concerns on Active Directory and key data stores. Widgets within each dashboard provide context and explanations of security risks — from vulnerable user accounts to at-risk cloud data to potential compliance violations.
Support for Box security events
The Varonis Data Security Platform was created to protect enterprise data wherever it’s stored, and that now includes data stored in Box. Customers can filter, search, and sort by event type including impersonation events, sharing events, and more; highlight risky behavior like sharing and impersonation; and see where to remediate security vulnerabilities.
Additional Office 365 and Active Directory events add intelligence and context for alerting and investigations
Attackers exploit weaknesses or misconfigurations in Azure and on-premises Active Directory to escalate privileges and access data, including email stored in Exchange Online. Varonis 7.0 enhances Exchange Online, Azure AD and Active Directory monitoring with new event and entity information, and additional telemetry from directory services helps customers reduce the time it takes to detect and respond to threats on premises and in the cloud.
Threat intelligence details provide insights
Monitor and track malicious (or suspicious) connections with threat intelligence. Varonis security insights and events are now enriched with information about risky external connections. Customers can now get external IP and URL enrichment in context with suspicious behavior and unusual activity for insight on potential security incidents.
Incident response playbooks map out next steps
Incident response plans from our cybersecurity research lab are now built into the Varonis UI as playbooks: our security experts mapped out practices for responding to different types of cyberattacks – covering incident notification to containment to recovery, along with actionable steps to eradicate threats and improve security postures against future attacks.
Increased speed and scalability with Solr
Version 7 optimizes the use of Solr for faster, more intuitive investigations. Solr enables data aggregation, visualization, and horizontal scalability on commodity hardware, even with billions of events. By innovating on top of Solr, Varonis customers can provision little hardware and receive performance improvements. Customers will benefit from faster search auto-completion, improved search response and access to search results — even during their compilation.
Additional features from version 7.0 include more reports (including reports on overexposed regulated and GDPR data); new threat models to detect additional types of cyberattacks; faster updates to the web UI; and saved searches for more collaborative investigations.
“This new release of the Varonis Data Security Platform speaks to the fact that too many modern organizations are combatting a lack of perimeter visibility, in-house expertise, proactive incident response, and the requirement for a cyber-resilient strategy – creating prime targets for attackers,” said Peter Evans, chief marketing officer, Optiv.
“Assessing a company’s business requirements first, and starting with an ‘inside-out’ view on risk, can identify and prioritize gaps in security program execution across tools, processes – such as global access, and data. Technology can automate these processes for detection and remediation, thereby optimizing security while increasing effectiveness.”