SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Varonis Systems launches new program through HackerOne
Thu, 1st Dec 2022
FYI, this story is more than a year old

Data security and analytics pioneer Varonis Systems has launched its public vulnerability disclosure program through HackerOne.

The Varonis Vulnerability Disclosure Program (VDP) allows everyone in the HackerOne community to report potential security issues related to Varonis' corporate and cloud environments, including Varonis SaaS products.

"Varonis has had tremendous success with our private bug disclosure program, and the logical next step for us is to partner with HackerOne, the undisputed leader in vulnerability coordination and bug bounty management," says Guy Shamilov, CISO, Varonis.

"Varonis has always remained committed to providing the best security for our platforms.

"With the public launch of our Varonis SaaS offering, we are continuing our tremendous investment in product security.

"Moving forward, our HackerOne VDP will make it possible for threat researchers to report issues easily and safely, which will help keep our products, and in turn, our customers, more secure."

The new program launch comes after Varonis announced the early availability of its flagship Data Security Platform as a SOC 2-compliant SaaS.

The company says its SaaS Data Security Platform is intended to help simplify deployment and deliver quantifiable data security outcomes with less manual effort and a low total cost of ownership (TCO).

The new offering is also said to unlock faster threat models and policy updates, along with proactive threat detection and response and autonomous risk reduction.

Varonis says that because of the comprehensive ranging services included in the offering, overburdened security teams responsible for protecting complex hybrid data environments will be able to quickly access vital data to help stamp out threat actors and possible issues.

Real-time visibility will allow users to continually discover, classify, and prioritise sensitive data risk with an accurate view of data security posture.

Autonomous risk reduction also harnesses intelligent automation, and businesses can enforce Zero Trust without breaking business processes.

Businesses will also have the ability to transparently monitor data access activity and quickly respond to anomalous behaviour.

Varonis has a range of products that they say address additional important use cases, including data protection, data governance, Zero Trust, compliance, data privacy, classification, and threat detection and response.

The Varonis Data Security Platform detects cyber threats from both internal and external actors by analysing data, account activity, and user behaviour; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation.

Speaking to the new program, Amanda Berger, Chief Customer Officer at HackerOne says, "Varonis' choice to launch a VDP is a great proactive step toward hardening attack surfaces and a signal of an increasingly security-mature organisation."

"The diverse hacker community brings an unmatched ability to keep up with the ever-evolving threat landscape and identify the security gaps cybercriminals are most likely to exploit."