Varonis adds secret discovery to data classification


Varonis Systems, a company providing data security and analytics, has announced powerful new data discovery capabilities that uncover exposed secrets that unlock access to critical resources. It is part of the company’s Data Classification Cloud solution.

Exposed secrets are increasingly responsible for devastating data breaches. With growing cloud adoption and rapid application development, secrets can end up almost anywhere, exposing intellectual property, source code, and critical infrastructure.

Varonis can now accurately and automatically discover secrets in unexpected places, correct exposure, and detect abnormal access behavior.

It works by continuously scanning source code files and other places where an organization’s secrets can spread, including Windows, Microsoft 365, Box, AWS, Google Drive, Salesforce, and other premier apps and services. plan. It scans secrets in on-premises and cloud data stores supported by Varonis. It finds secrets stored in plain text documents, source code files, scripts and configuration files.

Varonis uncovers secrets that are overexposed in plain text files, such as Word documents, Excel spreadsheets, and Google Docs, and locates many other places where a secret might be incorrectly stored in plain text. And by analyzing code files such as those stored in AWS S3 buckets, Varonis can detect security issues such as private keys or hard-coded credentials or secrets stored incorrectly, such as in a file. log.

Varonis can help protect exposed secrets by categorizing secrets with high accuracy. To generate high-fidelity results, it goes beyond RegEx with proximity matching, negative keywords, and algorithmic verification. Its precise scanning classifies and highlights a wide range of secret types and correlates secret with access to give a complete picture of your exposure.

Varonis reduces the risk of data exposure or data attacks by constantly looking for overexposed secrets within the organization. It can detect a wide range of popular secrets with rules identifying secrets for hundreds of common applications/databases/services.

With new sets of classification rules, Varonis can help scan environments for malicious secrets. These rules analyze secrets exposed in files and code stored on-premises and in the cloud.

Varonis scans files for sensitive information that matches over 400 classification patterns and shows what’s exposed to the internet or all employees.

Varonis generates highly accurate classification results by going beyond regular expressions. Instead, it uses proximity matching, negative keywords, and algorithmic verification to reduce false positives.

Varonis data classification modules can discover hundreds of unique secret patterns in a code base. It uses patterns and proximity matching to scan the environment for hundreds of popular secret types, for applications and services such as Google OAuth2, Twitter, Atlassian, LinkedIn, elliptic curve cryptographic keys or cloud database credentials.

Some of the categories of secrets detected by Varonis include passwords, database credentials, connection strings, private keys, encryption certificates, API keys, authentication tokens, and encryption keys.


About Author

Comments are closed.