Varonis Adds Incident Response Playbooks to Data Security Platform

Varonis is updating its Data Security Platform to version 7.0, integrating new dashboards that provide organizations with improved visibility into potential threats.


Varonis Systems announced version 7.0 of its Data Security Platform on Jan. 22, providing organizations with new capabilities to detect and respond to threats in the cloud and on-premises.

The Varonis Data Security Platform 7.0 update adds new risk dashboards that can help highlight potential issues with Active Directory and Office 365, as well as compliance with the EU's GDPR (General Data Protection Regulation). Improved threat intelligence integration is also part of the 7.0 milestone, helping organizations identify areas of concern. Additionally, Varonis is including incident response playbooks to the platform, enabling organizations to more rapidly respond to attacks.

"Customers have been using Varonis to simplify security investigations with enriched, behavior-based threat models and conclusive forensics capabilities through an intuitive web UI," David Gibson, CMO of Varonis, told eWEEK. "With 7.0, they’re now able to leverage incident response playbooks built right into DatAlert." 

DatAlert is a core element of the Varonis Data Security Platform, providing intelligence and data analytics that can be used to help organizations identify malicious behavior. The ability to provide remediation and incident response is often part of what are known as SOAR (Security Orchestration, Automation and Response) technologies. Gibson said that Varonis is not, however, positioning its platform as being SOAR.

"Though DatAlert offers programmable automated responses to detected threats, the Varonis Data Security Platform should be considered complementary to SOAR solutions," Gibson said.

New Dashboards on Board

A core area of improvement in the Varonis 7.0 update is with a series of new dashboards. Gibson said that the new dashboards widen the scope of what administrators can see and investigate at a glance. For example, he noted that the new Office 365 dashboards highlight external or publicly shared data that may be overexposed and at risk and what access level external users have on each share. 

The new GDPR dashboard in Varonis 7.0 is all about helping organizations maintain compliance with GDPR. With GDPR, a European Union (EU) directive that came into effect in May 2018, organizations need to protect personally identifiable information from loss. Gibson said that the GDPR dashboard in the Varonis Data Security Platform provides an at-a-glance look at where an organization's GDPR data exists and where it might be vulnerable with overexposed files and folders that may leave the organization open to compliance violations.

Another enhanced dashboard that Varonis has in its platform update is for directory services. Gibson said that the Directory Services dashboard provides visibility into an organization's Active Directory deployment. The visibility can help identify accounts with weak encryption as well as accounts that may be vulnerable to impersonation.

"Time and time again, we find companies are overexposed and under-protected, and they often don’t realize that they’re at risk," Gibson said.

Gibson noted that it can take hours or even days for some organizations to manually remediate vulnerable Active Directory accounts and at-risk files containing sensitive regulated data. 

"We're putting actionable information in the hands of IT and security staff so they can better ensure their environment is secured," he said.


Varonis is now also providing visibility into cloud storage from Box. With the capability, Varonis' customers can see who’s sharing what and highlight risky behavior. 

"Customers are also able to leverage out-of-the-box cloud sharing and collaboration searches, covering both Box events and activity on Office 365," Gibson said. "We don’t currently have support for Dropbox or Amazon S3."


Another key highlight of the Varonis updates is an overall performance boost that benefits from innovations coming from the Solr search technology. Apache Solr is an open-source enterprise search platform that is part of the Varonis Data Platform's infrastructure.

"In recent releases, we have been leveraging Solr for event storage and retrieval, which yields significant performance improvements," Gibson said. "Version 7 showcases several optimizations on top of Solr, yielding dramatically faster security investigations and more responsive search results."

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.