Varonis EOL’d On‑Prem. We’re doubling down.

The market’s loud right now. Recent Varonis headlines have made plenty of noise, and it’s easy to lose sight of the bigger issue: a steady push to “move everything to our cloud.” If you’re feeling it, you’re not imagining it.

Varonis has been narrowing the lanes: migrate to their SaaS, follow their roadmap, rework your environment on their timeline. That may be convenient for them, but here’s the thing: building great security software isn’t about vendor convenience; it’s about doing right by customers.

“Choice is not a feature toggle. We’re committed to on‑prem for the long haul and to meeting customers where they need us: in their cloud, hybrid, or our private SaaS.”

— Himanshu Shukla, Founder & CEO, Lightbeam

In their Q3 2025 earnings call, Varonis announced the end‑of‑life of their self‑hosted product as of December 31, 2026. Management linked the decision to weaker on‑prem renewals and a push to focus on a unified SaaS platform, including integrating recent acquisitions and deepening Microsoft alignment. That choice accelerates their roadmap. The trade‑off is customer choice. And when a vendor signals for several quarters that SaaS is the only destination, through roadmap focus and pricing, lower on‑prem renewals are a predictable outcome, not proof that customers don’t need on‑prem.

The effect is clear: one path… theirs. We’re choosing a different one: deployment flexibility and customer control.

What does deployment flexibility look like?

Your data already lives across file shares, SaaS apps, object stores, and data warehouses. A DSPM platform should run beside that data, not haul it elsewhere. With Lightbeam, you can deploy where your data already lives: on‑prem, in your own cloud tenant (AWS, Azure, GCP, or OCI), hybrid, or in our private SaaS.

Running next to the data matters: it keeps sensitive data and metadata inside your perimeter, delivers faster scans and classifications, and avoids egress and bandwidth costs, especially at petabyte scale. You can run scanning and classification next to the data (in multiple datacenters on‑prem or in your clouds) while managing centrally, either in our SaaS or in your own environment.

We don’t take custody of your data or metadata. Our platform governs without requiring it.

We built Lightbeam differently, on purpose.

Data security isn’t one problem; it’s a pile of them: discovery, classification, access, privacy, and day‑two operations. Those problems are compounded by scale and human toil. Our founding story started there: sensitive data scattered across reports, lakes, and apps, and no reliable way to say what was where, who it belonged to, or how to keep it safe without grinding teams down. Automation wasn’t a nice‑to‑have; it was the only way out.

So we designed Lightbeam around a few principles:

• Proximity to data. Run beside the data to see it completely, classify it quickly, and keep content and metadata under your control.
• Identity at the center. Connect every file, record, and attribute to the people it represents so security protects people, not just storage locations.
• Automation over toil. Automation applies policies and executes changes to meet regulatory and business data security requirements. AI adds context, understanding complex documents and data, so discoveries, reviews, and remediation are extremely accurate.
• Privacy and governance as one motion. Security, privacy, and access decisions share context and evidence, so compliance is the output of good governance, not a separate project.

The result is a platform that reduces breach risk and automates compliance while respecting the human behind the data. That’s the bar we hold ourselves to.

A note on SaaS

SaaS is a good option, when you choose it. You get less operational overhead and a clear line of responsibility. We offer it for those reasons. It’s not the only responsible option, and not every industry or regulation permits it. Most of our customers run Lightbeam on‑prem or in your tenant in GCP, Azure, AWS, or OCI; SaaS is there when it aligns with policy and preference. Your environment, your rules.

If you choose our SaaS, you get isolated tenancy, separate deployments per customer. Your data does not fund our roadmap, and your metadata does not train a vendor AI model.

How this plays in the real world

A bank with data‑residency rules. A healthcare system balancing HIPAA and state law. A manufacturer with strict intellectual property rules. None of them can accept a forced move to a vendor’s SaaS platform.

That’s who we build for: teams that need options most vendors have removed or never had to begin with. 

One of our customers, Veridian Credit Union, selected Lightbeam over Varonis and runs it on‑prem to meet PCI 4.0 and data‑residency requirements. Snap Finance reports that Lightbeam replaced about 90% of processes previously spread across four tools and helped cut 40% of spend across teams.

What you can hold us to

• No forced migrations. No ultimatums.
• No data or metadata collection.
• Support for on-prem, any major cloud, hybrid, or our isolated SaaS.
• Identity‑centric security.

If you’re getting ultimatums disguised as roadmaps, reach out. We’ll show you a different path that returns the choice to you.