Sold by: Varonis
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Varonis automatically discovers sensitive data in SaaS repositories, identifies where data is exposed, helps reduce risk by rightsizing privileges, and monitors data for suspicious activity to prevent cyberattacks from taking hold.
4.5
Overview
Stop Data Breaches Automatically. With AI-powered automation, continuously discover and classify critical data, remove exposures, and stop threats in real-time.
Varonis offers security teams a single control point to monitor and protect their SaaS, IaaS, and on-prem environments, including structured and unstructured sensitive data.
Varonis identifies and surfaces where sensitive data lives across your environments and shows you where it's exposed. Varonis helps you reduce risk by understanding and rightsizing privileges, finding and fixing misconfigurations and security gaps, and monitoring for suspicious or inappropriate behavior across SaaS and IaaS platforms.
Automated DSPM for AWS, Box, M365, Google, Salesforce, GitHub, Okta, Zoom, Jira, and Slack.
More than 7,000 enterprises worldwide trust Varonis to keep their data safe.
Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.
Data classification - Find and classify sensitive data across structured and unstructured data, including PII, PCI, and secrets, across all data stores, including saas, IaaS, and on-prem environments.
Permissions analysis: Easily understand effective permissions to reduce data exposure and compliance gaps, such as ex-contractors and guest users who still have unnecessary access.
Threat detection & response: Monitor data activity and alert on data exfiltration attempts by insiders and malicious actors.
Least privilege automation Safely eliminates data exposure from sharing links, stale permissions, and group memberships.
Automated posture management: Find and fix misconfigurations, org-wide settings problems, and other critical security gaps.
Core use cases:
-Sensitive data discovery and classification -Compliance management -Least privilege automation -Insider risk management -Ransomware prevention -Data security posture management (DSPM) -SaaS security posture management (SSPM) -Cloud security posture management (CSPM) -Proactive incident response
GETTING STARTED
All Varonis products are free to try and come with an engineer-led data risk assessment. The platform can be deployed in minutes and populates insights instantly, giving you a comprehensive look at your data security posture and actionable steps to reduce data exposure.
Request a risk assessment: https://info.varonis.com/en/demo-test-drive . For custom order configuration & volume pricing, please contact aws@varonis.com
Highlights
- Unrivaled visibility into SaaS and IaaS platforms - Varonis applies consistent and highly accurate classification policies across your SaaS and IaaS platforms to identify where sensitive data lives in your environments. Varonis maps and normalizes granular permissions across platforms into a simple CRUDS model - pairing with sensitivity results to show you who has access and where data is exposed org-wide, publicly, and externally.
- Enhanced data security posture management (DSPM) - Surface critical org-wide configuration gaps across your SaaS and IaaS platforms, and fix them with a simple click of a button. Use Varonis' customizable DSPM dashboards to continuously visualize and assess your data security posture and track progress over time. See where there are unnecessary pathways to data and monitor changes to risk over time so you can reduce threats to your sensitive data as your SaaS and IaaS environments evolve.
- Near real-time threat detection - Monitor activity across your SaaS and IaaS platforms to detect suspicious or risky activity to protect your critical data from malicious actors with notifications on abnormal activity, unauthorized access, and risky misconfigurations. Use our highly detailed alerts to jumpstart your investigation and drill down into our granular audit trail of activity to perform cross-cloud forensic investigations.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(2)
ISO27001
PCIDSS
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Varonis for AWS/S3/RDS IaaS | DSPM coverage for AWS, S3, EC2 and RDS | $750.00 |
Varonis for Box | DSPM coverage for Box | $310.00 |
Varonis for Salesforce | DSPM coverage for Salesforce | $310.00 |
Varonis for Slack | DSPM coverage for Slack | $310.00 |
Varonis for Google Drive | DSPM coverage for Google | $310.00 |
Varonis for Okta | DSPM coverage for Okta | $310.00 |
Varonis for Jira | DSPM coverage for Jira | $310.00 |
Varonis for Github | DSPM coverage for Github | $310.00 |
Varonis for Zoom | DSPM coverage for Zoom | $310.00 |
Varonis for M365 | DSPM coverage for M365 | $400.00 |
Vendor refund policy
Please contact aws@varonis.com
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
We offer premium support for customers with business hours support coverage through global phone contacts, email, and our worldwide community forum.
https://www.varonis.com/support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Varonis
By Obsidian Security, Inc.
By Netskope
Top
10
In Data Security and Governance, Legal & Compliance
Top
10
In Data Security and Governance
Top
100
In Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Sensitive Data Discovery and Classification
Automatically identifies and classifies sensitive data including PII, PCI, and secrets across structured and unstructured data stores in SaaS, IaaS, and on-premises environments using AI-powered automation.
Permissions Analysis and Least Privilege Automation
Maps and normalizes granular permissions across platforms into a CRUDS model to identify excessive access, eliminate stale permissions, and automatically reduce data exposure from sharing links and group memberships.
Data Security Posture Management
Continuously discovers and surfaces critical configuration gaps across SaaS and IaaS platforms with customizable dashboards to visualize security posture, track progress over time, and identify unnecessary data access pathways.
Real-Time Threat Detection and Monitoring
Monitors data activity across SaaS and IaaS environments to detect suspicious behavior, unauthorized access attempts, and data exfiltration by insiders and malicious actors with granular audit trail capabilities.
Multi-Platform Coverage
Provides automated data security and posture management across AWS, Box, Microsoft 365, Google, Salesforce, GitHub, Okta, Zoom, Jira, and Slack platforms from a single control point.
Identity Threat Detection
Active threat detection and neutralization for SaaS identities with spearphishing blocking and incident response capabilities
Third-Party Integration Risk Management
Discovery and governance of third-party integrations across SaaS applications with risk assessment and mitigation
Data Movement Governance
Monitoring and control of data movement between SaaS applications with visibility into data flows
Application Posture Management
Automated compliance enforcement, privilege reduction, and configuration drift prevention across SaaS platforms
Unified SaaS Security Platform
Integrated platform combining identity security, data governance, and application posture management in a single modular solution
Cloud Access Security Broker
Unified cloud access security broker (CASB) functionality providing visibility and control over access to managed and unmanaged cloud services with conditional, granular policy enforcement.
Secure Web Gateway
Next generation secure web gateway (SWG) capabilities delivering comprehensive threat protection for cloud and web services with context-aware access control.
Data Loss Prevention
Data-at-rest and data-in-motion inspection with DLP violation detection, malware scanning in cloud storage, and data exfiltration prevention to unmanaged cloud infrastructure.
Cloud Infrastructure Monitoring
Continuous security assessment monitoring of cloud infrastructure for risky misconfigurations including data exposure across AWS and other cloud providers with inventory and configuration visibility.
Compliance and Remediation Automation
Pre-defined compliance profiles aligned with CIS, PCI, and NIST standards, advanced RBAC, scheduled reporting, alert notifications, exception handling, and automated remediation capabilities accessible via REST APIs.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
No security profile
No security profile
Standard contract
No
No
Customer reviews
TarunKumar11
Data governance has strengthened and automation now reduces risk and manual compliance work
Reviewed on Jun 03, 2026
Review from a verified AWS customer
What is our primary use case?
Varonis Platform solves critical questions for many organizations, such as where sensitive data resides, who has access to this data, whether the access is appropriate, and how this data is being used. Many of my clients are in the financial services, healthcare, insurance, and manufacturing domain, and they have been using this for multiple use cases. The number one use case is data governance, identifying secure sensitive information, and other very important use cases include compliance requirements for GDPR, HIPAA, PCI DSS, and Sarbanes-Oxley. Certain other use cases can be around insider threat monitoring and ransomware defense.
My client is using Varonis Platform , which focuses on data permissions, user access, and data movement within their organization. This is how they use this for all practical purposes, and they have been getting returns out of having very strong visibility into their unstructured data. They carry out fairly reasonable permission analysis and can further strengthen their permission-based regime within the organization. They use Microsoft 365, and Varonis Platform has a strong integration with Microsoft 365, which brings in good forensic capabilities as well. Varonis Platform provides great compliance support; it has a great classification engine that helps with insider threat detection and reduces manual effort by automating many processes, which is very important. They have been using this successfully for data discovery, classification, security posture management, access governance, and insider threat protection.
I discussed insider threat detection, ransomware detection, remediation using automation, compliance reporting, and incident investigation in forensics, and these capabilities sum up Varonis Platform.
What is most valuable?
Varonis Platform offers key features including data discovery, data classification, data analysis, governance, user and entity behavior analysis, also known as UEBA , which helps in ransomware detection, insider threat detection, and compliance reporting. It does a lot of automation from a remediation standpoint, as well as investigation and forensics.
The number one feature that makes the biggest difference for my clients is visibility into unstructured data; that is the most difficult for organizations to achieve. They do not have a good understanding of where sensitive data resides, who has access to this data, whether this access is appropriate, and how data is being used. Varonis Platform provides visibility, governance, threat detection, and automated remediation around data.
Varonis Platform is a great data discovery platform that provides visibility into sensitive data estimates and how it is being used. Clients have been able to reduce excessive permissions, strengthen their compliance posture, detect insider threats, and ransomware activity, which would otherwise be difficult and manual.
Varonis Platform is deployed in my clients' organizations in a combination of all types. Many clients use Varonis Platform in a largely SaaS-based model since it is a data security platform consumed in this way, and many organizations still operate hybrid environments. As far as Varonis Platform is in a position to get the data source and identify systems, it can discover and classify more secure data. Deployment in most of our clients is cloud-based, connecting to Microsoft 365, AWS , or other SaaS applications such as Salesforce . In other environments, it is a hybrid deployment with SaaS and on-premises, including file servers, NAS devices, and AD servers.
What needs improvement?
I think about a few things regarding how Varonis Platform can be improved. The licensing pricing model and module licensing can be complex for customers to understand. Faster deployment could be beneficial, and there could be more flexibility regarding dashboard customization. AI-powered prioritization to reduce analyst workload could also be looked at. While I think it is a mature and capable platform, there are opportunities around simplifying licensing, accelerating deployment, improving risk management, and further reducing operational complexity.
There is no other relationship. I receive a twenty-dollar gift card.
For how long have I used the solution?
I have advised many clients who have been using Varonis Platform for more than five years, and the first time I recommended this platform to a number of my clients was about three to four years back.
What do I think about the stability of the solution?
Varonis Platform is stable and mature. None of our clients have found any issues with it. In my experience, Varonis Platform is a stable and mature platform. It has been in the market for many years, widely deployed across large enterprises, and our clients are capable of handling large environments with significant volumes. It is a mature product with a long track record, widely adopted, and very reliable. Varonis Platform has been consistent and dependable in my experience.
What do I think about the scalability of the solution?
Varonis Platform is highly scalable and designed to support large enterprise environments, which could have millions of files, thousands of users, and multiple data types. Scalability is generally considered one of its strengths.
How are customer service and support?
Customer support is quite strong, and it could be a differentiator as well.
Which solution did I use previously and why did I switch?
Varonis Platform was not being used before; this was the platform we started using because a need was identified at many client places. There were no piecemeal solutions or comprehensive solutions available, and many clients were either not using anything specific or had some competitors at version 2.0 level, but otherwise, no definite solution.
How was the initial setup?
If it is a multiyear contract, then a good discount is available. The typical market perception is that Varonis Platform is more premium priced compared to other governance tools, but in large deployments, it is extremely handy, and you can justify the cost through various factors, including return on investment.
What was our ROI?
Varonis Platform has definitely reduced the risk of data breaches at many client sites and has definitely lowered manual effort; manual effort has decreased by seventy percent due to automating data classification and permission reviews. It has reduced audit preparation time and compliance efforts in evidence selection for GDPR, HIPAA, PCI DSS, and others. I have also seen a strong improvement in security operations with a focus on the introduction of mean time to detect and mean time to respond.
From the perspective of metrics, I can talk about some security metrics where insider threats have been detected. The percentage of detection of insider threat incidents has really gone up; at least the visibility has improved. It has reduced manual access reviews by anywhere between fifty percent to seventy percent. The time for audit preparation has reduced, and the number of compliance findings that have been remediated has decreased. This has reduced the regulatory and compliance risk as well.
Which other solutions did I evaluate?
I was considering a few options; however, there were a few clients who were using alternatives, but mainly I focused on Varonis Platform.
What other advice do I have?
Varonis Platform's AI capabilities play a very important role in governance and security as it helps organizations understand what sensitive data is, who has access, whether the data is overexposed, and it does continuous monitoring of data while enforcing least privileged access. It definitely provides for sensitive data discovery, access governance, data exposure analysis, helps in compliance support, and provides aid in producing and maintaining audit trails, forensics, and automated remediation. While it is not an AI platform per se, it uses an AI engine to strengthen its data management capabilities, forming a strong foundation for enterprises.
I would advise organizations to treat using Varonis Platform not just as a security tool being deployed but as a data protection program, where the greatest value comes from visibility, excessive permissions, sensitive data exposure, and governance gaps. Everyone should start with high-risk data, establishing clear ownership and leveraging its automation capability as far as possible, cleaning up your permissions early, using automation, setting up alerts and policies, integrating with other workflow systems in your organization, and measuring success through risk reduction metrics. Focus on data exposure reduction and permission governance first, and look at outcomes through ROI eventually. This review has received a rating of nine out of ten.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Tacio Veiga
Improved visibility has strengthened data governance but performance still needs improvement
Reviewed on May 26, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Varonis Platform is to monitor access to sensitive data across file shares, Microsoft 365, and SharePoint . The main objective is to identify overexposed data, reduce access risk, and detect abnormal user behavior that may indicate insider threats or compromised accounts.
A specific example of how I used Varonis Platform to monitor and detect abnormal user behavior involved a file share on our network that contained terabytes of data. We did not have enough visibility to know if someone was stealing important information or if incorrect permissions were set on some information, which meant we had to protect the data available for the entire company.
What is most valuable?
The best features Varonis Platform offers include its visibility. Before using Varonis Platform, we had limited insight into who accessed sensitive files on this file share, whether permissions were excessive, and Varonis Platform helped us quickly identify stale data, permissioned folders, and unusual access patterns, significantly improving our data governance and security posture.
Varonis Platform's visibility feature helped us improve our data governance as we created a process that involved data classification and discovery over sensitive content. After that, we started contacting the owners to verify if the files and permissions were correct. If they were not, we moved the information to another folder or asked the owner to do that.
Varonis Platform positively impacted our organization by helping us identify sensitive data that was accessible to more users than necessary, thereby reducing unnecessary permissions.
What needs improvement?
Varonis Platform could be improved because when I used it, we had a significant issue related to the large volume of data on that file share. Although Varonis Platform helped us gain more visibility, it became really slow when handling a lot of information, which created some issues.
For how long have I used the solution?
I have been using Varonis Platform for two years.
What was our ROI?
I noticed measurable outcomes from this, mainly the reduction of people reporting that certain information was available for everyone, which led to fewer tickets being raised about this information.
What other advice do I have?
Varonis Platform receives a rating of seven out of ten. I chose seven out of ten because the user experience was easy, we could apply it and gain more visibility, but the performance of the solution needs more improvement.
I did not use much of the artificial intelligence capabilities on Varonis Platform regarding governance and security. I did not have experience with the accuracy and reliability of output regarding the artificial intelligence capabilities on Varonis Platform.
My advice for others looking into using Varonis Platform is that if you want to use it in a very large environment, you should think twice and conduct some proofs of concept first to check if it is a good fit. Otherwise, I would not recommend it.
Manufacturing
Easy Reporting and Automations That Keep Teams Focused
Reviewed on May 15, 2026
Review provided by G2
What do you like best about the product?
Reporting and automations are easy to setup and filter so you can focus on specific areas that are important to your business or send info to other teams that is relevant to them.
What do you dislike about the product?
Not all configuration items have moved to the cloud portal so there is still some switching between the on-prem collector and cloud portal.
What problems is the product solving and how is that benefiting you?
Finding sensitive files that can be accessed by more users than they should be
Retail
Powerful platform with a learning curve worth climbing
Reviewed on May 13, 2026
Review provided by G2
What do you like best about the product?
What stands out most is the visibility Varonis gives us into where sensitive data actually lives and who has access to it. It automatically discovers and classifies PII/PHI across our file shares and cloud storage, and surfaces overexposed data and excessive permissions that we'd never catch manually. It's turned a reactive process into a proactive one for us.
What do you dislike about the product?
Initial deployment and tuning are resource-intensive, especially in a larger or more complex environment. Getting the platform fully integrated, baselined, and producing high-signal alerts isn't a quick exercise — it took us several weeks of focused work plus support from professional services to really hit our stride. Worth it in the end, but be prepared to invest the time upfront.
What problems is the product solving and how is that benefiting you?
Before Varonis, we had limited visibility into where sensitive data lived and who could access it across our file shares and cloud storage. We knew we had overexposed data and stale permissions, but cleaning it up manually wasn't realistic. Varonis gave us a clear picture of our exposure and helped us systematically remediate it — locking down global access groups, removing unnecessary permissions, and moving toward a true least-privilege model. The benefit is a measurably smaller blast radius if an account is ever compromised.
Computer Software
Strong Integrations That Simplify Review and Remediation
Reviewed on May 13, 2026
Review provided by G2
What do you like best about the product?
There are a strong number of integrations available for both on-premises and cloud-based assets, which makes it easier to handle review and remediation.
What do you dislike about the product?
The interface can feel slow at times, and the email customization options are limited and lacking in features.
What problems is the product solving and how is that benefiting you?
They’re helping us move away from bad practices from the past, while also informing our user community about potentially better methods for doing their work and sharing their results.