Snowflake’s new Cybersecurity workload provides a unified, secure, and scalable data platform for helping security teams eliminate blind spots and respond to threats at cloud-scale
Customers like CSAA Insurance Group, DoorDash, Dropbox, Figma, and TripActions are leveraging Snowflake’s Cybersecurity workload to unify data, gain near-unlimited visibility, and combat threats faster with powerful analytics
Cybersecurity partners like Hunters, Panther Labs, and Securonix provide security capabilities on top of customers’ Snowflake accounts with connected applications
June 7, 2022 – Snowflake (NYSE: SNOW), the Data Cloud company, today announced the launch of a new Cybersecurity workload that enables cybersecurity teams to better protect their enterprises with the Data Cloud. Using Snowflake’s platform and an extensive ecosystem of partners delivering security capabilities with connected applications, cybersecurity teams can quickly gain visibility and automation at cloud-scale.
Organisations today are faced with a continuously evolving threat landscape, with 55% of security pros reporting that their organisation experienced an incident or breach involving supply chains or third-party providers in the past 12 months, according to Forrester*. Current security architectures built around legacy security and information management systems (SIEMs) are not designed to handle the volume and variety of data necessary to stay ahead of cyberthreats. With legacy SIEMs imposing restrictive ingest costs, limited retention windows, and proprietary query languages, security teams struggle to gain the visibility they need to protect their organisations.
With Snowflake’s Cybersecurity workload, customers gain access to the power and elasticity of Snowflake’s platform to natively handle structured, semi-structured, and unstructured logs. Customers are able to efficiently store years of high-volume data, search with scalable on-demand compute resources, and gain insights using universal languages like SQL and Python, currently in private preview. With Snowflake, organisations can also unify their security data with enterprise data in a single source of truth, enabling contextual data from HR systems or IT asset inventories to inform detections and investigations for higher fidelity alerts, and running fast queries on massive amounts of data. Teams gain unified visibility across their security posture, eliminating data silos without prohibitive data ingest or retention costs. Beyond threat detection and response, the Cybersecurity workload supports a broad range of use cases including security compliance, cloud security, identity and access, vulnerability management, and more.
TripActions, the leading all-in-one travel, corporate card, and expense management solution, is investing in its long-term cybersecurity data strategy with the Data Cloud.
“With Snowflake as our security data lake, we are able to simplify our security program architecture and remove data management overhead,” said Prabhath Karanth, Sr. Director of Security, Compliance & Trust, TripActions. “Snowflake has been vital in helping us gain a complete picture of our security posture, eliminating blind spots and reducing noise so we can continue to provide user trust where it matters most. Deploying a modern technology stack from Snowflake is a pivotal piece of our cybersecurity strategy.”
Snowflake’s Rich Ecosystem of Partners Enables Best-of-Breed Security
Snowflake is heavily investing in its extensive ecosystem of partners to transform the security industry and enable customers to choose best-of-breed applications that fit their needs. Snowflake integrates with partners including Hunters, Panther Labs, and Securonix to deliver industry-leading cybersecurity capabilities to customers with the Data Cloud using connected applications.
Snowflake’s modern security architecture allows customers to gain control of their data, leverage pre-built content and security capabilities on top of their existing Snowflake environments, and utilise a single copy of data across cybersecurity use cases. With Snowflake’s Data Cloud, tightly integrated connected applications, and data from providers on Snowflake Data Marketplace, Snowflake is pioneering a new standard architecture for security teams looking to achieve their security goals.
Snowflake Ventures, which focuses on investing in companies that help accelerate and augment the growth and adoption of the Snowflake Data Cloud, has already invested in Hunters.ai, Lacework, Panther, and Securonix. These investments have helped drive product alignment to further eliminate security data silos and enable data-driven strategies for joint customers.
“Snowflake is leading the security data lake movement, helping defenders bring their data and analytics together in a unified, secure, and scalable data platform,” said Omer Singer, Head of Cybersecurity Strategy, Snowflake. “With Snowflake’s Cybersecurity workload, we further empower security teams in the Data Cloud so that they can collaborate with diverse stakeholders and succeed in their vital mission to protect the enterprise.”
A variety of Snowflake customers and partners will be presenting at Snowflake Summit 2022, live in Las Vegas, Nevada from June 13-16, 2022, to share how they use Snowflake for Cybersecurity. Check out the Cybersecurity track agenda, and register for the conference here.
Additional Support Quotes:
“Snowflake’s Cybersecurity workload is a natural fit for Securonix’s open approach to security analytics, enabling joint customers to respond to cyberthreats faster, at cloud-scale,” said Sachin Nayyar, CEO, Securonix. “Supporting Snowflake as a connected application and partner allows us to give customers the control and cost-efficiency they want, coupled with the advanced threat detection and response capabilities they need.”
“With access to all of the data sources in Snowflake as our security data lake, we have better correlations across multiple attack surfaces and analytics are automatically actionable,” said Pallavi Damle, Vice President of Enterprise Cybersecurity, Netgear. “And as a result, it has led to faster incident response from our side.”