Varonis

Version: Varonis 6.3.190 and above

Varonis is a Data Security Platform that detects insider threats and cyberattacks by analyzing data, account activity and user behavior. It prevents and limits disaster by locking sensitive, and stale data and efficiently sustains a secure state with automation.

Varonis integrates with Netsurion's Open XDR platform to provide security analytics with deep data context, so that organizations can be confident in their data security strategy. Benefits include scheduled reports, integrated Varonis dashboards and alerts for streamlined investigation.

Reports contain a detailed summary of events associated with exchange server activity, CIFS and NFS activity, share-point activity, and active directory activity.

Alerts are triggered as soon as critical events are received by Netsurion's Open XDR platform for Varonis, such as user lockout.

Dashboard is a graphical representation of all the activities happening in Varonis. These include event categories with cumulative log counts or percentage or by timeline.

These attributes or configurations of Netsurion's Open XDR platform allows administrators to quickly take appropriate actions against any threat/adversaries trying to jeopardize an organizations normal operation.

Once Varonis is configured to deliver events to Netsurion's Open XDR platform; alerts, dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security    
Security Varonis - A user has been locked out This alert is triggered as soon as EventTracker receives an event when any user is locked out.
Operations Varonis - AD domain service and user status activities This report outlines a detailed overview of events related to active directory activities, such as creation and deletion of all objects, lock/unlock accounts, etc. This will include event datetime, action taken, affected object name, etc.
Operations Varonis - File permissions activities This report outlines a detailed overview of events related to file system events, such as, file set permissions, file modify, file create, etc. This will include event datetime, action taken, file permission change, file/server domain, etc.
Operations Varonis - Exchange mailbox and folder activities This report will outline the detailed summary of events related to exchange server activities, such as, change folder permissions, create message, message received, etc. This will include event datetime, action taken, affected object name, rule name, etc.

Documentation

The configuration details are consistent with Netsurion version 9.2 or later, and Varonis 6.3.190 and above.

Download Integration Guide and How-to Guide for more information and to configuration instructions.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept