Varonis Launches Third-Party App Risk Management

Varonis reduces your SaaS attack surface by discovering and remediating risky third-party app connections.
Nathan Coppinger
Last updated May 10, 2023

Third-party apps add a lot of value to end users and are easy to connect to corporate SaaS platforms (think of an Outlook plug-in for Salesforce, for example). The problem is that end users can grant third-party apps permissions to corporate applications and data without the security team’s oversight or approval.

Third-party apps often create SaaS-to-SaaS connections that sync data from your sanctioned cloud to the third party’s cloud. This creates a supply chain risk, especially if the third-party provider has weak security practices.

Notes.io app request: Users connect third-party apps to their corporate SaaS accounts.

Security admins have very little visibility or control over these applications without a central control panel to manage and monitor risky integrations.

Varonis finds third-party app connections to your SaaS environment, scores their risk level, and identifies what permissions they have. From there, you can remove users from apps or remove apps altogether to control risk and reduce costs. 

Authorized apps

View all of a single user's connected apps.

With Varonis’ new third-party application risk management capabilities, organizations can gain unprecedented visibility and control over third-party apps connected to Salesforce, Google Drive, Microsoft 365 and Azure by:

Identifying third-party app risk

  • Gain a clear view of third-party application risk with intuitive dashboards.
  • View the scope of their permissions in a simple CRUDS model.
  • A bi-directional view of permissions provides insights into each app's connected users.

Monitoring application activity and use

  • Closely monitor application activity.
  • Save money by identifying unused apps or users that can be removed.
  • Detect and alert on risky actions performed by third-party apps.
  • Identify stale apps or stale user access.

Reducing third-party app risk

  • Remove applications from your platforms entirely.
  • Remove individual user permissions from third-party applications.

Gain a clear overview of third-party application risk with Varonis.

Our third-party app risk dashboard provides a complete overview of the apps connected to your environment. You’ll see the total number of apps in your environment, whether active or stale, the level of risk they pose, and if they have been verified by admins — along with other key risk indicators.

Third-party app risk dashboard: Gain a centralized view of third-party app risk across your environment.

From this dashboard, admins can drill down into each application to understand the scope of their access and the risk they may pose.

Analyze the scope of application permissions.

When you potentially have dozens of applications connected to each corporate SaaS product, analyzing permissions is a near-impossible task using native security tools alone.

Varonis gives you a clear picture of the effective permissions of each third-party app. We break third-party app permissions down into a simple CRUDS (Create, Read, Update, Delete, and Share) model — just like we do for end users — making it easy to understand an app’s effective permissions and the risk they pose to sensitive data.

Application scope

Drill down to view each app's permissions.

With our bi-directional permissions view, you can also see all the users using a single app or click a user and see every application they have connected.

You may have applications that only a single user uses (and we’ll call this out in the dashboard), or there may be a popular app with hundreds of users connected to it. 

This view lets you measure third-party app usage, so you can right-size access and remove stale apps entirely. Reduce risk and your license costs at the same time!

You’ll see which admins and other privileged users have third-party apps connected to their accounts. Since Varonis monitors the activity performed by each app, we can detect suspicious behavior and answer the question: “Did this app abuse its privileges or access sensitive data?” 

Remove third-party app access.

Varonis can revoke an app’s access to your environment entirely if you have deemed it unnecessary or too risky to leave connected.

Selected for Removal: Remove app connections directly from the Varonis interface.

Leaving stale applications connected to your environment exposes you to the chance that a vulnerability is discovered in one of them. A malicious actor could use that vulnerability to gain access to your environment and sensitive data.

Reduce costs.

Along with reducing risk, Varonis’ remediation capabilities can help organizations reduce costs and save money. If you have a third-party app that charges per user, you can easily find the users that do not use the app and remove their access to reduce costs. 

Additionally, you may find that you’re paying for an app that almost no one uses, so you can decide if you want to renew your contract with the vendor. 

Monitor application activity and detect risky actions.

Not all applications are created equal. While most major platforms with app marketplaces vet new apps, those apps can still have vulnerabilities that could one day be exploited to gain access to your environment.

There is also the chance that a malicious actor hid malware in an otherwise legitimate-looking app, and it could begin accessing and exfiltrating sensitive data right under your nose. A malicious app could even hijack a privileged account and make dangerous configuration changes in your cloud environments.

Just like with human users, Varonis tracks the activity of all your third-party applications and provides a complete and easy-to-read audit trail of cross-cloud events. We’ll detect any unusual or risky activity and alert you in real time, so you can immediately investigate and remove the offending third-party app.

Rogue app indication: Detect and investigate risky third-party app activity.

We can also monitor user activity related to third-party apps to detect risky actions, such as when many users connect to a high-risk app, significantly increasing your attack surface. 

Get started managing third-party app risk with Varonis.

It only takes 15 minutes to start discovering and managing third-party app risk with Varonis. Sign up for a free risk assessment today!
