Varonis for

Forcepoint Web Security

Combine Forcepoint ‘s web proxy events with Varonis’ file, email, and Active Directory metadata to detect threats faster with less noise. 

Request a demo
Forcepoint Logo

Challenge

Attackers hope to evade detection by blending into your noisy network. As the perimeter becomes less defined and adversaries become sophisticated, it’s critical to expand your detection window and take a defense-in-depth approach. Could you trace an incident from your perimeter to the data that was touched or stolen? Many organizations are data-blind. 

Solution

Forcepoint Web Security is a flexible web protection solution that provides fine-tuned control over users' web access while providing protection against web threats. By sending Forcepoint web proxy events to Varonis Edge, you’ll enhance your infiltration and exfiltration detections.

 

Edge events are aggregated, normalized, and enriched with valuable context such as geolocation, URL reputation, and account type. Events from Forcepoint are stored in a unified audit trail for forensics investigations, threat hunting, and reporting. 

Behavior-based, real-time detection 

Boost your kill chain coverage for intrusion, C2, and data exfiltration. Turn billions of events into a handful of meaningful alerts with hundreds of out-of-the-box machine learning detections developed by Varonis’ elite researchers and data scientists.

Quick & conclusive investigations 

Get a normalized, human-readable audit log that makes it easy to correlate web proxy events from Forcepoint with activity from Windows, Active Directory, Exchange, and Microsoft 365. Pivot from suspicious network activity to sensitive data access in seconds with end-to-end forensics.  

Flexible deployment 

Send web proxy events from Forcepoint to Varonis using syslog. If Forcepoint data is already collected in Splunk, you can forward those events directly to Varonis Edge.