Varonis
Varonis is a pioneer in data security and analytics, specializing in software for data security, governance, threat detection and response. The company provides solutions for protecting enterprise data across cloud and on-premises environments including data classification, access governance, behavioral threat detection, and automated remediation.
APIs
Varonis DatAlert API
API for accessing threat detection and incident response capabilities from Varonis DatAlert. Provides endpoints for retrieving alerts, managing alert status, adding notes to ale...
Varonis Data Security Platform API
API for integrating with Varonis Data Security Platform to manage data security policies, access permissions, and threat detection.
Varonis DataPrivilege API
REST and SOAP API for integrating Varonis DataPrivilege with IAM and ITSM solutions. Enables synchronization of managed data, execution and reporting on access requests and acce...
Varonis MCP Server
Model Context Protocol server that interfaces with Varonis APIs, allowing AI clients such as ChatGPT, Claude, and GitHub Copilot to access and orchestrate the Varonis Data Secur...
Collections
Varonis DatAlert API
POSTMANVaronis DatAlert API
OPENArazzo Workflows
Varonis Close Low-Severity Noise
Find the newest low-severity open alert, note it, and close it as legitimate activity.
ARAZZOVaronis Device Malicious IP Response
Pull a device's newest alert, and if it involves a malicious IP, fetch events and investigate.
ARAZZOVaronis High-Severity Model Coverage
List threat models, pull alerts for one model, and annotate its newest alert.
ARAZZOVaronis Investigate and Close Alert
Pull events for a known alert, document findings as a note, then close it.
ARAZZOVaronis Sensitive Data Alert Escalation
Pull the newest open alert and branch on whether it touches classified sensitive data.
ARAZZOVaronis Threat Model Hunt
Resolve a threat model by name, pull its recent alerts, and load the newest alert's events.
ARAZZOVaronis Triage Newest Alert
Pull the newest open alert, load its forensic events, and move it into investigation.
ARAZZOVaronis User High-Severity Investigation
Find a user's high-severity alerts, pull the top alert's events, and annotate it.
ARAZZOPricing Plans
Rate Limits
FinOps
Varonis Finops
FINOPSFeatures
AI-powered detection of abnormal user and data access behavior using DatAlert threat models aligned to MITRE ATT&CK.
Automated sensitive data discovery and classification across cloud and on-premises data stores.
DataPrivilege workflow automation for entitlement reviews, access requests, and permission remediation.
Detailed event-level forensics including file access, permission changes, and login activity for incident investigation.
REST API integration with SIEM platforms (Splunk, QRadar, Sentinel) and SOAR platforms (XSOAR, Phantom) for automated response.
Model Context Protocol server enabling natural language security operations with Claude, ChatGPT, and GitHub Copilot.
Built-in reporting for GDPR, HIPAA, PCI-DSS, SOX, and other compliance frameworks.
Data security posture management for Microsoft 365, AWS, Azure, and Google Cloud environments.
Use Cases
Detect and respond to abnormal access patterns that indicate potential insider threats or compromised accounts.
Identify ransomware activity through mass file access, renaming, and encryption patterns.
Investigate potential data breaches using forensic event trails to determine scope and blast radius.
Automate periodic entitlement reviews to ensure least-privilege access to sensitive data.
Generate audit-ready reports demonstrating data access controls for regulatory frameworks.
Integrate alert triage and remediation into automated playbooks via the DatAlert REST API.
Use the Varonis MCP Server to enable AI assistants to query alerts, investigate events, and execute remediation.
Integrations
Ingest Varonis alerts and events into Microsoft Sentinel for correlation and automated response.
Stream DatAlert events to Splunk via the official Varonis App for Splunk SIEM integration.
Forward Varonis DatAlert events to QRadar using the official integration guide.
Enrich endpoint threat data with Varonis user and data access context.
Create and manage security incident tickets in ServiceNow from Varonis alerts.
Automate alert triage and remediation workflows using the Varonis XSOAR integration.
Monitor and protect SharePoint, OneDrive, Exchange, and Teams data natively.
Data security posture management for S3, RDS, and other AWS data services.