Last Updated on September 10, 2024 by Deepanshu Sharma
A few questions we get asked on a regular basis are “how do we compare with Varonis?” and “is Lepide a Varonis alternative?”
To answer these questions I’ve created this blog. Whilst I’ve tried to remain unbiased, clearly, I have a favorite. It’s also important to know this blog is in many places anecdotal, created from information obtained either from direct customer feedback or publicly available sources.
With that being said, this blog aims to help prospects and customers ask the right questions about Varonis before making a decision.
Is Lepide a Varonis Alternative?
Up until around 2015, Varonis had a monopoly on the data security platform market. Whilst they have still seen significant revenue growth, there have been several data-centric security vendors, such as Lepide, that have risen to prominence in the years since.
As to whether we’re a competitor or not depends on what you’re looking at Varonis for. If you’re considering Varonis as a means of classifying sensitive data, tracking user behavior, uncovering current/excessive permissions, or even keeping track of states and changes around Active Directory, Group Policy, etc. – then without a doubt we should also be on your list of vendors to look at.
It is, however, fair to say that a lot of the prospects that choose our data security platform will have used or reviewed Varonis at some point in the discovery process. There is a lot of crossover in both our functionality and messaging.
Both Lepide and Varonis aim to help organizations improve their data security posture management (DSPM) through a combination of identity and data security solutions. Whilst Varonis delivers this through lots of separate, integrated solutions, Lepide delivers this functionality in a single, comprehensive Platform.
Varonis Alternative for Auditing of Changes and States on Critical Systems
Quite a lot of prospects that look at Varonis and Varonis alternatives are seeking a platform to audit, alert, and monitor the systems that govern access to the data. Specifically looking to audit Active Directory, Group Policy, SQL Server, SharePoint, and other key pieces of infrastructure.
Both Varonis and Lepide believe that tracking changes and reporting on states across these systems is critical to keeping the data secure.
In terms of functionality, I’ve not heard of any negative feedback around the Varonis offering apart from a few niggles around the latency of the alerts when changes are made. Like for like, the functionality of Lepide Vs Varonis across these areas is frankly pretty similar.
If you’re looking for a means of auditing changes made to these platforms or want to keep track of the states of these platforms, I’d argue that our reports offer more detail, are faster to run, and are easier to manipulate and configure. Or at least this is the feedback we’ve heard from some of our larger customers. I’ve specifically heard this around the quality of our Group Policy reporting.
Aside from functionality we also win vs Varonis in this area because of our pricing model. Whilst I believe we win based on functionality, it would be naive of me to claim that price isn’t relevant.
Varonis Alternative for Threat Detection/Response
A common reason many prospects look at our solution and the Varonis solution is to determine what their users are doing with their sensitive data. More accurately, to determine whether users are acting ‘abnormally’ or inappropriately with their sensitive data, which might indicate a compromised account or other type of security threat.
Our approach to this is quite different from Varonis. We fully integrate the ‘sensitive data type’ into our core reports and make it simple to include sensitive data types when creating alerts. Our anomaly spotting offers the ability to spot anomalies in user behavior or a specific system (though is perhaps not as integrated as the Varonis platform). I believe in this area our solution is easier to use and understand which ultimately makes it easier to get value from.
One major thing we’ve heard quite a few times is the latency on alerts with the Varonis solution. We’ve had some users claiming alerts are not what you’d call “real-time.” The other key thing we’ve heard is that Varonis cannot alert when files are copied. It’s an issue that many of our competitors struggle with. We believe it’s imperative you know this information as files being copied represents one of the biggest security risks. We’re able to do this as we use a lightweight agent that captures this detail in real time.
Our threat response capabilities are also closely aligned with what Varonis has. We can automatically take actions based on real-time alerts as they come through to contain threats as quickly as possible. This is where speed plays a part, and why a lot of Varonis customers are seeing the value in Lepide. We’re quicker.
They do however offer a much broader range of platforms than we do. We cover platforms they don’t and vice versa. So, it’s a good idea to check that the platforms you require are covered. If you’re unsure, just ask us (there’s every chance that if we don’t cover it currently, it’s on our immediate roadmap).
Varonis Alternative for Privileges and Permissions
A key feature that both Varonis and Lepide share is the ability to help enterprises easily understand who has access to what and help determine whether permissions and privileges are appropriate.
We’re both able to offer reports on excessive permissions and show who has access to which files and folders. Or, in reverse, which files and folders (with which permissions) a user can access.
From what we’ve seen, Varonis offers more functionality for the identification of data owners than we currently do, and they also offer the ability to handle the automation of / granting of permissions straight from within their console. Though I’m not sure how widely used this feature is.
One feature that we have that I’ve not seen Varonis offer is historic permissions. Being able to see who HAD which levels of access at a previous point in time so that you can compare permissions and revert permissions to historic states. This is a report that our customers find very useful.
Varonis Alternative for Data Discovery and Classification
Make no bones about it – the Varonis data security platform is comprehensive and mature. It delivers extensive data discovery functionality, although from what I’ve heard this is an OEM of a third-party Oracle SDK plug-in.
I have heard a few prospects claiming that it only classifies files under a certain file size, I’ve heard this is around 25MB per file.
All of that being said, by all accounts, it’s pretty good. Despite the discovery aspect of the Varonis solution that seems to work smoothly, I have heard mixed feedback on the classification side of things. The main complaint we’ve heard seems to have to do with false positives, which I know is a common problem for many vendors offering such solutions.
The other main gripe we’ve heard often about the Varonis offering is the cost, both in terms of the product itself and in the services they will attempt to ‘make’ you buy for the deployment.
While our approach as a Varonis alternative is 100% homegrown it does not have the same level of functionality in the range of supported platforms (yet). Our approach is much more simplistic than Varonis’s. We enable the discovery and classification of files (of any size) based on a range of PII types specified by pre-defined regular expressions. We then populate our reports and alerts section making it easy to work out what’s happening to these files. Where we tend to win is the ease of deployment, ease of use, and cost. Often, we’re well under a third of the cost of Varonis in this area.
Frankly though, if data discovery and classification is your primary driver and a siloed project then it’s likely that neither Lepide nor Varonis would suit your needs. In fact, in those cases, we recommend a solution like Spirion. The value of Lepide comes through when classified data is used to add context to permissions reporting, user behavior analytics, and threat detection.
Differences in Commercial Engagement
Another, perhaps incidental, point is that we’re not about the heavy, hard sell. No one wants it. I have even heard some people walking away from Varonis altogether as they felt the engagement was a little overzealous.
I’ve heard it’s hard to get a demo of their solution or you want to try it yourself, it’s not that easy. They would rather draw you in on a risk assessment. They’re also keen to wrap the process in professional services. Perhaps they don’t like showing people the GUI until later in the engagement. Whilst it’s a matter of preference, I don’t think it’s unreasonable to say that the GUI within the Varonis solution is in places inconsistent. As is often the natural evolution with these things. In some places, it looks a little Windows 3.1-esq.
Where Lepide Wins
I truly believe we win because people prefer how easy our solution is to install, deploy, and use. They prefer the speed and flexibility of the reports and alerts Lepide delivers. It would also be foolish to ignore the fact that Varonis quite often price themselves out of reach.
Budget of course plays a role in decision making and I’m sure has been the deciding factor in prospects choosing Lepide over Varonis. Varonis has hundreds of line items and often hidden costs (such as charging separately for alerts) that tend to escalate their price. I firmly believe that Lepide offers a far superior return on investment.
As to which solution you should choose, it’s clearly (obviously) dependent on your needs. There is no right answer. What we know for certain; 90% of those prospects that compare Lepide vs Varonis, choose Lepide.
Varonis offers a lot more bells and whistles than we do, and the company has been around longer. However, for most prospects, our offering delivers exactly what they need without complexity or unnecessary add-ons. We also have a significant roadmap in place so even if there’s something you need that we don’t currently provide, I can pretty much guarantee it’s in the pipeline.
For anyone comparing us to Varonis, or any other vendor for that matter, I highly recommend talking to one of our experts for an informal, unbiased conversation about the problems you’re trying to fix.
If you’d like to see how the Lepide Data Security Platform can give you an edge over Varonis to improve your data security, privacy, and compliance strategy, schedule a demo with one of our engineers.