The best features in Varonis 7.4

The new big update to Varonis (7.4) was released about an month ago. Now after I have been upgrading and using it for a while I’m starting to get a feeling for the new features and it feels like a great time to talk a bit about the great features that were released.

The first big thing I want to show you are the new dashboards that will help you get a good overview of the status of your environment.You can use the predefined dashboards or create your own.

Active directory dashboard:

GDPR dashboard where you can see if you are compliant to the regulations and if you have control over your sensitive data.

The next thing I really like is that it now is possible to search through the logs via the web interface. It is more responsive and the user interface looks great.The reason why it’s more responsive now is because from this version SOLR software is being used. Varonis promises significant performance improvements and that investigations will go lightning-fast with SOLR and I can definitely agree on that. Searching and investigating alerts in the web interface works perfectly.

Another interesting feature that have been added to the web interface is the integrated incident response playbooks that can be used when handling incidents from DatAlert. As you can see in the picture below you will get detailed information about what happened and which next steps to take.

Varonis Edge have got multiple new threat models added to DatAlert so you can now among other things find out if data have been exfiltrated via DNS tunneling, if DNS cache poisoning have occurred or if data have been uploaded to external websites.

Varonis Edge is a product that is used to analyze metadata from perimeter systems like DNS, VPN and web proxies. These kinds of devices often write the logs in very different ways and it can be very hard to obtain interesting and useful data from them. Edge is used to filter out only the interesting metadata from the perimeter devices and present the events more readable for the user. With help from Varonis Edge you can for example find out whether a user was accessing the network from their usual location, if sensitive data was accessed, and if the event occurred during a user’s normal time window and more.

If you want to know more about the features in the latest version or are interested in Varonis products don’t hesitate to send me an email at rickard.carlsson@xenit.se

Disclaimer: All information on this blog is offered "as is" with no warranty. It is strongly recommended that you verify all information and validate all scripts in isolated test environments before using them in production environments.