Varonis launches unified identity protection platform

Varonis has announced the introduction of Varonis Identity Protection, an enhancement to its Data Security Platform that aims to provide organisations with unified visibility and control of data and identities.

The company stated that most existing identity security tools operate independently, lacking knowledge of the specific data each identity is authorised to access and the methods by which data is accessed. The new Varonis offering seeks to connect these aspects, enabling organisations to reduce unnecessary access to sensitive data, address identity posture issues, and counter identity-based threats including those from insiders, stolen credentials, and artificial intelligence tools and agents.

Varonis Identity Protection sets itself apart from traditional identity products through its capability to calculate the potential data exposure, known as the blast radius, for every identity should it be compromised. The system distinguishes between human and non-human identities, classifies them as internal, guest, external, or privileged, and monitors their interactions with company data in order to detect anomalous behaviour.

"Identity and data are deeply intertwined — securing one without the other leaves dangerous gaps." He continued, "By unifying identity and data security, Varonis gives customers the context they need to better ensure identity threats don't become data breaches," Yaki Faitelson, Varonis Chief Executive Officer, President, and Co-Founder, said.

Key features of Varonis Identity Protection highlighted by the company include machine learning-based identity classification, continuous user behaviour analysis, identity threat detection and response (ITDR), and identity posture management with automated remediation.

The solution integrates with identity providers such as Entra ID, Okta, and Active Directory to map user accounts across environments. By employing machine learning, Varonis automatically classifies identities by tagging executive roles, privileged users, service accounts, and non-human identities, among others.

Through peer analysis and continuous user behaviour monitoring, Varonis detects anomalies in how identities are used, flagging deviations from typical patterns to identify potentially risky activity at an earlier stage.

The platform's identity threat detection and response capabilities enable the monitoring of identity providers for indicators of compromise. This includes alerting on suspicious login attempts, unexpected password resets, changes in multi-factor authentication, and policy adjustments, all contextualised with each account's data access history.

Varonis Identity Protection's posture management features allow it to identify issues such as stale contractor accounts, excessive permissions, and missing multi-factor authentication. The platform then automatically mitigates these risks by revoking access, removing entitlements, and eliminating unused accounts.

The capability enhancements to identity protection also extend to Varonis Managed Data Detection and Response (MDDR). With these improvements, Varonis analysts are able to detect and address a wider array of threats more rapidly and effectively across customer environments.

Varonis was recently named a Leader in Identity Threat Detection and Response by research and analysis firm GigaOm, with specific recognition for the platform's detection and automated response capabilities.