
Work Here?
Varonis Systems focuses on protecting sensitive information from cyber threats by offering a data security platform that continuously monitors data, detects threats, and automates responses through advanced analytics and automation. The platform helps large enterprises, government agencies, and educational institutions secure data and meet regulatory requirements via subscription-based access, with a heavy emphasis on data monitoring, threat detection, and automated response. The company differentiates itself through a strong recurring revenue model (95% recurring) and high renewal rates (90%), reflecting steady income and high customer satisfaction, alongside a broad customer base. Its goal is to help customers protect data, prevent breaches, and stay compliant while growing its subscription-based business.
Industries
Data & Analytics
Enterprise Software
Cybersecurity
Company Size
1,001-5,000
Company Stage
IPO
Headquarters
New York City, New York
Founded
2005
People at Varonis who can refer or advise you
Help us improve and share your feedback! Did you find this helpful?
Hybrid Work Options
Varonis' new HQ in Miami opens. Panyc is excited to share the completion of Varonis' new headquarters in Brickell, Miami. This particular success has been years in the making. Panyc has been working with Varonis for twelve years now, across multiple offices, spanning both coasts and an ocean. With each project, Panyc has gotten to know this company better - its culture, its quirks, what it actually needs from the spaces its people show up to every day. Varonis secures data, and that's not just a tagline - it's baked into how they operate, the values they hold, the way they carry themselves. So when Panyc started this project, Panyc wanted the space itself to feel like it belonged to a company doing serious, careful work. That comes through in the materials, the small details, the feeling you get the second you step off the elevator. That kind of mission deserves a space built with the same intention. None of this happens without a lot of trust, built up over a long time. Panyc is grateful for the relationship, and honestly, pretty proud of what it keeps producing - huge congrats to the entire Varonis team! Especially Yael Hershkowitz, its client lead for over a decade, who's pushed every project Panyc has done together to be better, with this new HQ most of all. And to Victoria Muniz, who was on the ground for execution and made a real difference getting this space across the finish line. Project Team Client - Varonis Architecture - Pliskin Architecture / Mor Segal, Emily Nguyen, Hyuein Song, Barak Pliskin Executive Architect - Claro Architecture MEP Engineering - TLC Engineering Solutions AV Design - Cedarcom General Contractor - JRM Construction Management Florida AV Integrator - IT Lead Styling - AI Spaces Photography - Barak Pliskin
Breach at the Beach: the ultimate Entra ID training experience. Discover how Varonis Threat Labs created Breach at the Beach, a unique Entra ID training experience. Enhance your cybersecurity skills through hands-on learning with this CTF. Last updated June 25, 2026 Cybersecurity can feel a lot like the ocean. A sense of calm on the surface, but likely something unknown is lurking underwater. Varonis Threat Labs researchers Doron Kapah and Mark Vaitsman know this reality firsthand. Most of their days involve researching how threats exfiltrate sensitive data in cloud-native environments. And knowing that AI has evolved identity management and how threats attack organizations, the duo wanted to create an Entra ID training experience that gave other security practitioners first-hand knowledge of what data exfiltration in Entra ID looks like on the frontlines. Thus, Breach at the Beach was born. Pixel, Varonis' threat-detecting cat, is on a beach vacation when she learns of a breach in Entra ID and switches to investigator mode. Players trace the threat actor's steps through Pixel to uncover what sensitive data the attacker is after, hopefully stopping them before it is too late. Continue reading to learn more about the real cases that inspired Breach at the Beach, how AI has evolved threat detection and amplified the need for hands-on education, and how you can earn CPE credits by completing Breach at the Beach. Why Entra ID? Entra ID isn't just an identity provider; it's the control plane for the entire enterprise. It connects users, applications, permissions, automation, and increasingly AI-powered workflows. The rise of non-human identities - AI agents, service principals, automated workflows - has changed what a compromise in Entra ID can look like. "In today's AI era, a lot of identities are non-human identities. f there is a compromise in Entra, a threat actor can pivot themselves into a non-human identity, and it can quickly turn into a stealthy and scalable data exfiltration attempt." Mark Vaitsman, Security Research Team Leader at Varonis The techniques woven throughout Breach at the Beach aren't hypothetical. They reflect cases Doron and Mark have encountered firsthand in real customer environments, making each challenge a lesson grounded in what defenders are up against today. "Non-human identities are rapidly outgrowing human identities, expanding the attack surface as a result. Threat actors can gain and scale access while creating major challenges for monitoring and detection," says Doron. Doron also points out that organizations are caught between the pressure to adopt AI quickly and security infrastructure that hasn't kept pace with AI, creating complexity that fundamentally changes the defensive approach. Sharing knowledge through the lens of a CTF Knowing that today's defenders needed awareness of modern attacks in Entra ID, Doron and Mark wanted to give defenders a hands-on experience to show what modern attacks look like. With Breach at the Beach, they ensured it taught players the following: * How threats abuse features, not misconfigurations: Players aren't hunting for something that's broken. They're learning to recognize when a legitimate functionality is being weaponized. * How to detect threats without AI: Doron and Mark deliberately designed the CTF to avoid an LLM's ability to solve challenges, something researchers weren't thinking about a year or two ago. The elimination of AI assistance helps players absorb the lessons embedded in the experience rather than quickly learning them to compete. * How to eliminate noise: Working through raw Entra logs is a reality for most defenders. By creating a complex environment where the data keeps evolving, players are tested to create their own clarity. Beyond the specific lessons, Mark also knows firsthand how hands-on learning gives defenders real-world practice. "You understand nothing if you are not hands-on the keyboard, clicking around, and seeing how it works. Reading is not enough." Mark Vaitsman, Security Research Team Lead Mark also shared how CTF experiences help players feel the impact, not just understanding it conceptually. "You kind of feel that this is actually really your company with a CTF. If you don't understand the attack flow or the techniques inside, you lose more than just the challenge," says Mark. Built for all cybersecurity professionals Baking in new knowledge on Entra ID and AI was a given for Mark and Doron, and so was ensuring that completing the experience was useful across all security roles, including red teamers, blue teamers, CISOs, threat intelligence roles, and more. "There is no way you can be a good or perfect red teamer if you're not familiar with the blue team side, and you probably will not be able to be a good CISO if you're not familiar with the attacker side," says Mark. Doron also highlighted that when it comes to AI and auditing visibility gaps, this isn't something every security practitioner gets exposed to in their daily jobs. Including that in the CTF helps identify any gaps they may be missing. "Not every security professional is exposed to audit logs from systems like Dataverse, Copilot, or to the underlying mechanics of how these AI systems operate. This CTF gives them a chance to see how challenging it is to build a defensive approach when working with AI agents. " Doron Kapah, Security Researcher at Varonis "It also helps them understand what good identity hygiene looks like and how to implement least privilege in their own environments," adds Doron. Early in the development of Breach at the Beach, the team took it to the Cloud Village at RSAC 2026. Feedback shared from players highlighted how it didn't feel like a task, but a creative challenge that kept them entertained and inspired. "We got feedback that the challenge was tough, but also very educational. Even seasoned CTF staff at the booth told us they learned something new," says Doron. Play Breach at the Beach today Whether you're on a red team, a blue team, or needing to gain CPE credits, this is your chance to learn by doing. Breach at the Beach is free and available to play online: https://breachatthebeach.com Completing each stage of the CTF awards players with 1 CPE credit and a themed badge. Once all four stages are complete, players receive a certificate of completion to share on LinkedIn. If you intend to earn CPE credits, please use an active email address. Doron and Mark are also heading to Las Vegas for Black Hat USA and DEF CON 34, where they will elaborate on how the CTF was built and help players through the exercise in person. Find the details for those events below. Play at Black Hat USA 2026: * August 3-6, 2026 * Located in the Varonis booth (#2948) * Online players and Black Hat attendees who complete the CTF by August 6 will be entered into a drawing for a $2,000 USD gift card to Marriott Hotels * More details on Varonis at Black Hat Play at DEF CON 34 in the Cloud Village * August 6-9, 2026 * Las Vegas Convention Center * More details on the Cloud Village * Attendees will have the chance to compete with others in the Cloud Village's Capture the Flag challenges, with top players being eligible for an array of prizes * Registration to play at DEF CON will open prior to the event What should I do now? Below are three ways you can continue your journey to reduce data risk at your company: Schedule a demo with Varonis Systems, Inc. to see Varonis in action. Varonis Systems, Inc.'ll personalize the session to your org's data security needs and answer any questions. See a sample of its Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation. Follow Varonis Systems, Inc. on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more. Lexi Croisdale Lexi Croisdale is a global content marketing expert. She enjoys writing about the latest cybersecurity trends and insights to help companies protect their data.
Varonis reportedly weighs sale as Blackstone and PE giants circle. Tl;dr. * Varonis drew preliminary PE interest from Blackstone, Thoma Bravo, and Vista Equity; no formal sale process has been announced. * Q1 2026 revenue rose 26.9% year-over-year to $173.1 million, with SaaS now 93% of total revenue. * Varonis's market cap was roughly $4.11 billion while rival Cyera's private valuation reached $12 billion in June 2026. Varonis Systems, the Miami-based data security firm, is reportedly weighing a sale after receiving preliminary takeover interest from Blackstone, Thoma Bravo, and Vista Equity Partners, Bloomberg reported on June 23. The company has been working with advisers as it fields that interest, though no formal sale process has been announced and Varonis declined to comment on the report. The attraction for buyers is visible in the operating numbers. Varonis posted Q1 2026 revenue of $173.1 million, up 26.9% year-over-year, and has converted 93% of its revenue to SaaS (up from 64.9%), meaning the disruptive part of a cloud transition is largely behind it. That is the profile PE firms specializing in software buyouts have historically sought: a company that has absorbed the revenue-model shift and is positioned for cleaner growth. The stock has not reflected that story; shares fell 43.7% from October 28, 2025 through the pre-announcement period, following a drop in on-premises subscription renewals and a workforce reduction of 120 employees (5% of staff) in October 2025. The private-market comparison sharpens the case for a buyer. Rival Cyera's valuation climbed from $6 billion in June 2025 to $12 billion by June 2026, as reported by BankInfoSecurity. Varonis's market cap as of the report was roughly $4.11 billion, a fraction of what a comparable private competitor commands. Two recent acquisitions add to the strategic picture: AllTrue.ai for $114.5 million in February 2026 for AI agent security, and SlashNext for $105.1 million in August 2025 for email security. What the reporting does not give you is any price at which Varonis's board would actually agree to a deal, or whether founders would back a sale over a standalone recovery plan. The situation is described as preliminary, sourced to unnamed people familiar with the matter, which is standard language for real interest that may well not advance. The rise in VRNS shares reflects the market pricing in optionality, not a completed transaction. If a deal does materialize, the clearest beneficiaries are shareholders who have endured a prolonged drawdown. A PE buyer executing at this stage gets a data security platform with the SaaS conversion near-complete and two AI-adjacent acquisitions already on the books, at a price that looks modest against where private competitors are trading. Originally reported by bloomberg.com Original headline: Varonis Explores Potential Sale After PE Interest From Blackstone, Thoma Bravo, and Vista Equity - VRNS Surges 14%
How Enverus secures Salesforce Data and prevents data breaches with Varonis. Discover how Enverus partnered with Varonis to enhance Salesforce data security, improve threat detection, and prevent a major data breach. Last updated May 22, 2026 As Enverus expanded, its security team needed visibility into the entire data estate, the controls in place, and whether those controls were being enforced, especially within Salesforce, one of its most business-critical platforms. Enverus partnered with Varonis to gain deep visibility into sensitive data, access, permissions, and activity. Its partnership strengthened security, accelerated investigations, improved threat detection, and helped prevent a major data breach tied to a large-scale SaaS supply chain attack. Who is Enverus? Enverus is a decision-support platform serving organizations across the energy and energy infrastructure space, from small independent operators to the world's largest supermajors. The company manages large volumes of data spanning geophysical, petrophysical, operational, and infrastructure workloads, combining proprietary intellectual property with large public and third-party datasets. Visibility across a distributed data estate With data spread across cloud platforms, SaaS applications, and on-premises data centers and databases, each with its own permissions model, configurations, and operational team, Enverus needed consistent data security across its entire environment. The security team needed to answer fundamental questions: * What sensitive data exists across the enterprise? * Where does it live? * Who can access it? * Are controls consistently enforced across environments? A unified platform and security partner Varonis provided Enverus with unified data security across multiple platforms, including AWS, Azure, Salesforce, and Microsoft 365. Varonis gives the security team a comprehensive view of what sensitive data exists, where it lives, who can access it, and whether controls are consistently enforced. Varonis mapped identities across platforms and greatly reduced the blast radius. What had previously been difficult to operationalize became straightforward: identify the highest-risk access, right-size permissions, and report progress against enterprise policy. Enverus was able to move beyond static reviews and spreadsheet-driven analysis. "What surprised us most was Varonis' insight into the data plane from an identity and access perspective. That wasn't what we initially came for, but it's proven to be critical." Alex Acosta, Vice President of Security, Enverus At Enverus, the security and GRC teams define enterprise-wide security and data policies, while application teams own day-to-day platform operations. Varonis helps bridge these teams, providing dashboards and reporting, aligning platform controls to enterprise policy, and delivering consistent controls and visibility. The result is a unified approach that supports both security requirements and business objectives. Simplifying Salesforce data security Salesforce sits at the center of Enverus' operations, with numerous integrations, workflows, and data flows moving in and out of the platform. Salesforce combines business-critical data with complex identity controls and numerous integration points, making data security challenging. Over time, overlapping profiles, permission sets, roles, sharing rules, and connected apps can accumulate, making it difficult to understand a user's effective permissions or identify excess access. The challenge is compounded by the multitude of apps, agents, APIs, and sandboxes that can move data in and out of production and often retain long-lived tokens or create backdoors. Enverus needed: * Complete insight into identity-based permissions within Salesforce * Clear visibility into data flows and workflows * Confidence that access controls were aligned with enterprise security and compliance policies Without a centralized view, answering these questions required manual analysis and spreadsheet-driven reviews that were difficult to operationalize. Get started with its Salesforce Data Risk Assessment. Get your assessment Applying identity security to Salesforce With Varonis, Enverus began applying identity threat detection and response (ITDR) principles directly to Salesforce and other SaaS platforms. What had once been complex, static spreadsheet reviews became: * Clear prioritization of high-risk access * Actionable insights into who and what needed remediation * Simple, repeatable reporting aligned to enterprise policy This transformation empowered both the security team and Salesforce operators to focus on what mattered most. "We now have a far more complete picture of Salesforce than we ever had before." Alex Acosta, Vice President of Security, Enverus Improved Salesforce threat detection In 2025, Enverus' security operations team processed hundreds of alerts per day across its environment. Salesforce emerged as a particularly important attack surface due to its scale, connectivity, and data sensitivity. While most observed activity aligned with legitimate business workflows, a small subset required deeper investigation. Varonis helped to improve threat detection and reduce the deluge of alerts: * Salesforce-specific detections and monitoring * Guidance from a dedicated threat research team * New detection strategies that had not previously been on Enverus' radar This partnership enabled Enverus to investigate novel activity more effectively, validate behavior, and proactively design new detections to reduce future risk. "It felt like Salesforce-specific MDR. We gained a trusted partner with deep Salesforce security expertise that we could lean on as an advisor." - Alex Acosta, Vice President of Security, Enverus Spotlight: Protecting against a large-scale SaaS supply chain attacks In early 2025, by compromising Salesloft's GitHub repos, a threat actor known UNC6395 stole the OAuth tokens that allowed Drift, a widely used chatbot owned by Salesloft, to connect to customers' Azure, Salesforce, Google Workspace, and other integrated platforms. Between August 8 and 18, UNC6395 used those tokens to impersonate the trusted Drift application, bypass MFA, and systematically exfiltrate data from more than 700 organizations including Cloudflare, Zscaler, Palo Alto Networks, and Proofpoint. For most victims, the attack went unnoticed because OAuth abuse appears as normal API traffic, and attackers deleted query jobs to cover their tracks. The majority of affected organizations only learned of the breach when Salesforce and Salesloft notified them more than two weeks after the attack. Enverus was the exception. With Varonis deployed across the environment, Enverus detected, contained, and neutralized the attack before it fully materialized: Step 1: Cross-platform detection. Varonis initially flagged Drift activity in Azure as abnormal since its OAuth token refreshes originated from unusual IP addresses and its API call volumes exceeded Drift's baseline for Enverus. As a result, Varonis issued an alert and started checking Drift activity in other systems. Step 2: Salesforce telemetry confirms the threat. Salesforce Shield Event Monitoring provided detailed logs that allowed Varonis to identify abnormal activity in Salesforce by the Drift connected app, like logins from suspicious IPs and unusual API queries. Step 3: Varonis MDDR responds. Varonis correlated the Azure and Salesforce signals, and its Managed Data Detection and Response (MDDR) team engaged alongside Enverus' security operations to immediately take a series of actions to prevent a breach: * Suspended the compromised identity and revoked OAuth tokens * Classified sensitive fields and attachments to assess potential exposure * Removed excess high-risk permissions, including Export Reports and Create Public Links * Remediated overly permissive sharing rules and misconfigured Salesforce Sites Within two hours, Enverus had full containment and forensic proof that no sensitive data had been exfiltrated. Looking ahead Following the success across Enverus' environment, the team continues to expand its partnership with Varonis. They plan to further build on Salesforce-specific detections, monitoring, and threat prevention strategies while extending visibility and governance across additional platforms. "Varonis has been highly impactful for us, and it's something we're continuing to build on moving forward," Alex shared. What should I do now? Below are three ways you can continue your journey to reduce data risk at your company: Schedule a demo with Varonis Systems, Inc. to see Varonis in action. Varonis Systems, Inc.'ll personalize the session to your org's data security needs and answer any questions. See a sample of its Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation. Follow Varonis Systems, Inc. on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more. Nolan Necoechea Nolan Necoechea is a product marketing strategist at Varonis. He has spent more than a decade working with data and AI innovators.
Varonis: the platform advantage for security. Explore how Varonis' unified approach enhances data, AI, and email security, reduces costs, and prevents breaches through automated solutions and comprehensive visibility. Last updated May 20, 2026 What should I do now? Below are three ways you can continue your journey to reduce data risk at your company: Schedule a demo with Varonis Systems, Inc. to see Varonis in action. Varonis Systems, Inc.'ll personalize the session to your org's data security needs and answer any questions. See a sample of its Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation. Follow Varonis Systems, Inc. on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more. Eugene Feldman Eugene Feldman is a Product Marketer at Varonis, specializing in helping customers secure their data in SaaS applications such as Salesforce, Snowflake, and other enterprise platforms. Before joining Varonis, Eugene worked as a product marketer at Salesforce and several smaller enterprise software and security companies.
Find jobs on Simplify and start your career today
Industries
Data & Analytics
Enterprise Software
Cybersecurity
Company Size
1,001-5,000
Company Stage
IPO
Headquarters
New York City, New York
Founded
2005
Find jobs on Simplify and start your career today