SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Varonis strengthens security capabilities for AWS and S3
Tue, 21st Jun 2022
FYI, this story is more than a year old

Varonis has strengthened and expanded its cloud and security capabilities, with a critical aim of improving safety and boosting data visibility in Amazon Simple Storage Service (S3).

The company says that the new capabilities will deliver accurate, scalable data classification for S3 buckets to help organisations prevent sensitive data exposure.

The enhancements are part of the company's DatAdvantage Cloud, which gives users a single pane of glass to protect critical data across their IaaS and SaaS ecosystems.

Data breaches stemming from misconfigured and publicly visible S3 buckets are becoming a significant problem, with Amazon Web Services (AWS) permissions also becoming more complex and difficult to manage.

Varonis technology provides a continuous, real-time pulse on sensitive data risk for any sensitive information that may be stored in S3. Varonis for AWS also supports a wide variety of cybersecurity and compliance use cases by delivering effective data visibility and security at scale.

With the new technology, users will be able to automatically discover where sensitive and regulated data exists in AWS S3 buckets and also prevent data exposure from the outset by setting limits. There will also be options to detect organisation-wide settings issues and spot vulnerabilities that put an organisation at risk.

If there is suspicious user behaviour, such as excessive bucket deletions or MFA deactivation, then organisations will be alerted and informed in real-time.

Varonis executive VP of engineering and chief technology officer David Bass says companies need to ensure their data is secure in these times of change, particularly when addressing AWS and Amazon S3.

"Companies turn to AWS and Amazon S3 for scalability and performance, but it's up to every organisation to ensure their data is secure there," he says.

"Varonis for AWS augments native security capabilities by boosting visibility into where data is at risk and helping to reduce exposure proactively."

Varonis is also a member of the Amazon Web Services Independent Software Vendor (ISV) Accelerate Program, which is a co-sell program for organisations that provide software solutions that run on or integrate with AWS.

In addition to Amazon S3 capabilities, Varonis provides visibility into user access and permissions of other critical AWS resources, including AWS Identity and Access Management (IAM) and Amazon Elastic Compute Cloud (Amazon EC2), while monitoring for suspicious activity that could pose a risk to cloud data.

As part of the new development, the company is offering a complimentary Data Risk Assessment with their cloud experts when users sign up to Varonis for AWS.