1. Varonis Overview

2. About Varonis Started operations in 2005 Over 4,000 + Customers
(as of January 2016)
Software Solutions for Human Generated Data

4. There are many questions IT and the business can’t answer:
Why?
There are many questions IT and the business can’t answer:
How do I detect insider threats (Ransomware, abuse, stolen credentials)?
Who has access to files, folders, mailboxes?
Who is accessing, modifying, moving, deleting files and ?
Which files contain critical information?
Which data is exposed to too many people?
Who owns data and how do I get them involved?
What data isn’t being used?
The reasons our customers use Varonis products is because there are relatively straightforward questions about all this data that they can’t answer:
If an insider, malicious or otherwise, is accessing data that they shouldn’t, would we know about it?
How can we detect ransomeware like Cryptoocker?
Who even has access to what data, and how are they getting that access?
Where is the most sensitive data overexposed?
What’s being used, what’s not, who does it belong to, and how can we make sure that only the right people have access?
You can’t manage what you don’t monitor, and for the vast majority of this type of data we’re not monitoring it. If this sounds familiar, that’s ok—every organization struggles with these problems with even small amounts of data, let alone the many terabytes of unstructured data most organiztions have, let alone the petabytes that some of the world’s largest companies deal with. W’re increasingly faced with the specter of insider threats, and because we oftne have no idea what users are accessing or how they’re getting that access, it’s impossible to prevent them, let alone to identify them when they happen.

5. A revolution in danger? The Insider Threat
This was the premise for the founding of Varonis. In 2005 Yaki Faitelson and Ohad Korkus started Varonis to help organizations protect their critical information from the inside out.
A revolution in danger? The Insider Threat

6. Dangers Realized
Fast-forward to today. High profile security breaches are in the news constantly. 77% of businesses reported a data breach in the last 12 months, and the average time to detect a breach is 200 days

7. What does Gartner say?
“The security perimeter no longer exists, it’s time to look inside.” “Use UBA to Rapidly Detect Bad Actors and Behavior, Prioritize Security Alerts, Reduce Alert Volume, and Streamline Alert Investigations”
Gartner says we need to start looking inside, and turning to technologies that analyze users and data.

8. What do many breaches have in common?
Unstructured data – Dark data
Insiders
File Systems
Privileged Accounts
Many breaches start with either an insider, or when an attacker gets inside, usually by hijacking the credentials of an insider. These insiders target critical files and s, or what is often referred to as unstructured data.

9. Intelligence: Human-Generated Big Data
INPUTS: METADATA
FILE SYSTEM & PERMISSIONS
DIRECTORY SERVICE OBJECTS
ACTIVITY
CONTENT
BUSINESS & IT INSIGHTS
VISUALIZE DATA AND ACCESS
RESIGNATION,
HACKER, VIRUS
ACTIVITY TRENDS & DATA GROWTH
IDENTIFY STALE DATA
UNNEEDED ACCESS
DATA OWNER IDENTIFICATION
EXPOSED,
SENSITIVE DATA
If we combine these 4 kinds of metadata, we can provide insights to both business and IT users. We can visualize who has access to what data, we can analyze their activity to see who has access to data they don't need anymore, we can baseline normal activity and alert when we see unusual activity. We can trend activity to analyze data growth and identify still data. We can determine who data belongs to, and find data that is sensitive and exposed to too many people. 
Lots of people can make use of this kind of intelligence -- from business executives and data owners , to IT security,  compliance,  storage, and  IT operations. 
CONSUMERS
010011
BUSINESS
EXECUTIVES
BUSINESS
DATA OWNERS
IT SECURITY
COMPLIANCE
IT STORAGE
IT OPERATIONS

10. INCREASE PRODUCTIVITY
How our process works
INSTRUMENT & ALERT
LOCK DOWN & PREVENT
SIMPLIFY
OPTIMIZE
Enable Audit Trail & Alerting
Inventory Permissions
Classify and Tag Sensitive, High Profile Data
Remove Excess Access
Remove Stale Data
Standardize Permissions and Structures
Self-service data management
Automate retention & disposition
Automate Entitlement
Secure search
Mobile access and file synchronization
Make sure that only the right people have access to the right data at all times, monitor use, alert on abuse.
Discover where sensitive information is vulnerable and overexposed, and lock it down without interrupting business.
Automatically detect suspicious and unwanted activity across disparate platforms with user behavior analytics and machine learning, helping you spot issues and prevent data breaches.
Give data owners the power to review and manage permissions without IT assistance and automatically enforce business rules.
Migrate, archive, quarantine, or delete files automatically based on access activity, content, and more.
REDUCE RISK
REDUCE COST
INCREASE PRODUCTIVITY

11. Free - Risk Assessment

12. Thank You
Louis de Kock

13. Diverse Base of Approximately 4,000 Customers
Public Sector
Energy and Utilities
Industrial
Media & Entertainment
Technology
Consumer & Retail
Education
Healthcare
Financial Services
Any company with more than 20 users and a file server is a potential customer, and we’ve barely scratched the surface.
It starts with metadata and the intelligence that our framework provides. Many people in the enterprise benefit from it, it has many use cases, and our customers discover more of them every day.
We translate the intelligence into action, making the enterprise more productive, with less risk, and less cost. 13