Varonis Atlas Launches to Tame the Wild West of Enterprise AI Security

MIAMI – March 17, 2026 – Data and AI security firm Varonis Systems today announced the launch of Varonis Atlas, a comprehensive platform designed to give enterprises visibility and control over the burgeoning landscape of artificial intelligence tools being deployed within their networks. The launch comes as organizations grapple with the immense security risks posed by unmanaged AI, from sensitive data leakage to regulatory non-compliance.

Varonis aims to address a critical security gap that has widened with the explosive adoption of AI agents, copilots, and large language models (LLMs). While these technologies promise unprecedented productivity, they also operate at machine speed, accessing, processing, and even creating data in ways that legacy security models were not built to handle.

The Escalating Risk of Shadow AI

The problem Varonis seeks to solve is not theoretical. A recent study found that 41% of employees use generative AI tools for work without their IT department's knowledge or approval—a phenomenon known as "shadow AI." This creates massive blind spots for security teams, who cannot protect what they cannot see. The number of employees using these tools has tripled in the last year alone, leading to a sixfold increase in corporate data being fed into unsanctioned applications.

This uncontrolled proliferation has led to tangible security incidents. The average organization now experiences over 200 AI-related data security events per month. High-profile vulnerabilities like 'EchoLeak' (CVE-2025-32711) have demonstrated how attackers can exploit AI assistants like Microsoft 365 Copilot to exfiltrate enterprise data without any user interaction. These risks are compounded by a surge in AI-facilitated attacks, with deepfake-driven phishing campaigns and AI-enhanced ransomware becoming increasingly common.

“AI completely disrupts the enterprise security model. Instead of humans clicking through UIs, agents are accessing data directly — and this places data and AI security front and center,” said Yaki Faitelson, CEO and co-founder of Varonis, in the announcement. “If you can’t continuously discover, assess, and secure agents and LLMs, you can’t use AI at scale.”

A Blueprint for AI Governance

Varonis Atlas is positioned as an end-to-end solution for the entire AI security lifecycle, structured around a "Find, Fix, and Alert" methodology. The platform connects to a wide array of AI systems, from custom-built LLMs to commercially embedded copilots, providing a single pane of glass for security and compliance teams.

The platform's capabilities are designed to systematically reduce AI-related risks:

• Find: Atlas begins by creating an AI Inventory, continuously discovering all AI assets, projects, and systems across the environment, including the elusive "shadow AI." Its AI Security Posture Management (AI-SPM) scans these assets for vulnerabilities and misconfigurations, while AI Pen Testing capabilities allow organizations to proactively stress-test their systems against attacks like prompt injection and jailbreaks.

• Fix: To prevent incidents in real-time, AI Runtime Guardrails enforce policies to block sensitive data leakage and stop malicious or non-compliant AI usage. For governance, the platform offers out-of-the-box reporting to help organizations validate their adherence to evolving regulations like the EU AI Act and frameworks such as the NIST AI Risk Management Framework.

• Alert: Through AI Activity Monitoring and AI Detection and Response (AIDR), Atlas provides a complete audit trail of AI interactions—from LLM calls to data access—and generates real-time alerts on suspicious behavior, which can be integrated into existing security operations centers.

The Data-Centric Differentiator

While the AI security market is becoming increasingly crowded, Varonis is betting that its deep roots in data security will be its key advantage. The Atlas platform integrates directly with the Varonis Data Security Platform, a mature solution trusted by thousands of organizations for discovering, classifying, and protecting sensitive data wherever it lives.

This integration provides crucial data context that many standalone AI security tools lack. As one industry expert noted at the recent RSA Conference, the primary risk of AI often isn't the model itself, but how corporate data moves and is duplicated throughout the AI lifecycle.

“Most AI security tools are fragmented and data-blind,” said Ron Bennatan, VP of AI and Data Security Strategy at Varonis. “They can inventory your AI systems or monitor prompts, but they can’t govern the entire AI lifecycle or control what it does with your critical data. That’s the real risk, and is exactly what Atlas solves.”

By understanding not just what an AI agent is doing, but also the sensitivity of the data it is accessing, Atlas can provide far more intelligent and actionable alerts. For example, it can differentiate between an AI summarizing public marketing documents versus one attempting to access and process confidential intellectual property or employee PII, allowing for a more nuanced and effective security response.

Navigating a High-Stakes Market

Varonis enters a dynamic and competitive market projected to be worth over $93 billion by 2030. It will compete with a diverse range of players, including cybersecurity giants like Palo Alto Networks and CrowdStrike, which are extending their platforms into AI security, as well as specialized startups like Cyera and Wiz, which are building out AI-SPM capabilities.

However, the company's strategy of leveraging its core data-centric expertise could carve out a unique and defensible position. For its large existing customer base, Atlas offers a natural extension of their current data protection investments, providing a unified approach to securing both data-at-rest and data-in-use by AI.

The launch of Varonis Atlas reflects a broader industry shift from viewing AI as merely a tool for security to recognizing it as a new, critical domain that requires its own dedicated governance and protection. As organizations move beyond experimentation to full-scale AI deployment, platforms that can provide comprehensive visibility, enforce security policies, and ensure compliance will become indispensable for transforming AI's potential into a secure and strategic advantage.