Varonis is one of University Advancement’s core business partners in our effort to comply with the recent PCI and data security …
Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Varonis Data Security Platform, and make your voice heard!
Entry-level set up fee?
- No setup fee
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
- Tech Details
With it, the vendor states users will gain visibility into critical data and infrastructure, combine multiple data streams to discover security risks, and solve board-level data security problems at scale with automation.
- Supported: Data Protection
- Supported: Threat Detection & Response
- Supported: Privacy & Compliance
- Supported: VPN, DNS & Proxy Intelligence
- Supported: File Analysis
- Supported: GDPR & CCPA Classification
- Supported: DSAR Portal
- Supported: User Behavior Analytics
- Supported: Email Security
- Supported: Active Directory & Azure AD Clean-up & Monitoring
- Supported: Compliance Reporting
- Splunk Enterprise
- IBM QRadar Security Intelligence Platform
- Webroot Threat Intelligence
- Cyberark Application Identity Manager
- FireEye TAP
- Boldon James
- Regular confidential data analysis to detect any anomalies.
- Ability to detect such anomalies and take necessary action without any human involvement.
- Keeping separate event logs for each file to keep track of its changes.
- The Initial setting up process could be more simplified.
- It requires a noticeable amount of processing power to run the system smoothly.
- You're gonna need full-time staff members just for the maintenance.
- Varonis logging is very robust and captures all audit events being sent from the file servers.
- The ability to report and alert on Active Directory account events works very well with file activity monitoring. It can show the complete picture of what an account did while being used.
- Have a customizable dashboard is great for being able to show upper management information that only pertains to them.
- Some of the reporting interfaces are difficult to navigate and appear somewhat dated.
- This software does require a lot of servers to be built for various purposes.
- Varonis is on the pricey side and now requires subscription based licensing. This can present problems is your company tries to use very little OpX spending vs CapX.
- This tool allows us to protect sensitive data.
- It also improves our ability to maintain compliance with many different requirements.
- The tool also permits auditing capabilities that we did not have prior to its implementation.
- The tools also proactively alerts us to potential ransomware related events.
- The tool is vast and it takes a significant amount of time to tune it for your evironment.
- The report formatting is rudimentary and takes a while to get use to for staff.
- The integration to our SIEM could be better.
- Native integration to Netapp storage (and to others, but we use a Netapp).
- Files/folders access logs (read/write/move/modify, etc.).
- Due to the large amount of logs it keeps, it can be really slow to search.
- It's console could be more user-friendly and intuitive. Maybe web-based. Why not?
- Monitors and reports file and folder access and usage.
- Provides for assigned folder owners who can receive reports and manage access themselves.
- The reports can take some time to get used to creating and running. It can take some trial and error to determine the correct rule sets to get the information you need. The information is there. It may just take some time to set it up correctly. Once you find the right settings, you can save it for use later.
- It does have a lot of different tie-in to other products, which can take some time to set up correctly. It would be good if that could be simplified.
- Searching for account permissions is much easier and granular with Varonis over normal AD users and computers
- Having alerting when group policies are changed has been a big security group win
- Identifying sensitive data such as PII and SOX data has also been a major win for our Organization
- Implementation could have been a little smoother with more help from the Varonis sales team, but we managed
- Tying it into some 3rd party systems could be more intuitive
- Navigating the built in rules and patterns was a little clunky, but we worked through them
With minimal Identity and Access Management staff, this tool has been a blessing for quick responses to questions like:
'Who has access?' 'What are the permissions on a specific shared drive folder?' 'When was the last time a folder was modified and by who?' 'Where are all the locations that contain sensitive data such as SOX systems?'
Ease of use after implementation
Built in security policies
Ability to customize policies
Identifying Sensative data repositories
- Varonis accurately detects critical data on our file servers and classify them based on the type of data.
- Encrypt all data as configured to secure the data from unauthorized access.
- Alerting and reports gave us information that we did not have before.
- The web interface is somewhat limited in terms of functionality
- More licenses are required for additional features. This increases the cost to implement.
- Customized reporting is lacking.
- Varonis 7 offers real time alerting which benefits the swift action of analysts.
- Multiple file servers can be monitored by Varonis without a heavy performance interaction.
- Varonis is capable of meeting several industry compliance standards.
- The Web UI could have more in-depth analysis on alerts.
- Amount of services installed is high.
- Additional licenses have to be purchased for additional features.
- Administrative interface to manage the product
- Reports are easily generated and very detailed
- Classification of data works great with a low false positive/classification rate
- Technical support from the company is exceptional
- Sales and sales engineering from the company is exceptional
- Product can be costly
- Different licenses needed to add in some modules to the product
- Data storage needed can be high depending on amount of modules and data being collected
Varonis is one of University Advancement’s core business partners in our effort to comply with the recent PCI and data security initiatives the University is undertaking. We needed to get control of our data but it became evident there was a great deal of data that was not identified due to the amount and length of data being stored.
Some of the key questions answered by Varonis:
- The amount of stale and sensitive data.
- Where was this data stored?
- Who owned and had access to the data?
- What were people doing with the data?
Some of the controls provided by Varonis:
1. Alerts and reports on data access and file types.
2. Notifications on high priority AD alerts, Exchange alerts, and behavioral analytics.
Varonis has given us much needed insight into our data, which has become essential in our ability to secure our environment.
- It will scan severs for Data Classifications (Credit Cards, Social Security, HIPPA, Ferpa, etc.)
- Detailed logging of all the writes, modified, delete, open, etc. of a file, folder, AD object, Exchange object, and sensitive data
- Provides alerting for AD, Exchange, and Ransomeware
- I can identify data owners of a particular share and email them quarterly entitlement reviews for permissions.
- Speed up with website within the DatAlert site.
- We use Varonis on a daily basis to provide access reports to high profile data. One example is the business office report that we send to our SBO and also we use it to monitor critical Card Holder servers to match up with our Change Control documents to see which files were changes, modified, deleted, or created.
- We also use it to get some great informational reports like stale data reports, big data reports, exe, mp3, mov files, broken SIDs, etc.
- We use it for DCF (Data Classification Framework) to scan our servers for sensitive data and to stay compliant with our audits.
- We also use it to identify Data Owners. Varonis makes it super simple to identify these owners and then we can email them entitlement reports confirming access and they can request to change it or you can even automate it with a product like Data privilege. One important thing that most people miss is when people transfer to different departments, sometimes these people have more permissions than they need and these type of reports being sent quarterly are to help remove unneeded access.
- DatAlert - We use it for instant alerting (DatAlert for high priority AD alerts, exchange alerts and now Analytic alerts).
- The new analytics and behavior alerts are a big addition to the product. You can now see:
- Mass files being encrypted (Ransomware) & Behavior Patterns of Ransomware
- AD Permissions, OU Changes, locked accounts, etc.
- Detects deletion of multiple directory service objects
- Detects exploitation software created or modified
- Detects if a brute force attack is happening locking out multiple AD accounts
- Detects if the host file was changed
- Detects if system binaries are found in unusual locations
- Detects if Crypto tools are installed and being used
- Detects if Group Policy Objects have been modified and by whom
- This is just a few of what their product does now!
- The new analytics and behavior alerts are a big addition to the product. You can now see:
- Ability to structure unstructured data
- Help with data classification projects
- Put access controls around data
- Find out what is happening with your data
- Implementation can be challenging in some areas and can only be executed by the vendor
- Implementation can only be executed by the vendor and additional work can be chargeable
- Licensing can be improved upon
- Agent based so implementation can be longer than expected