Let’s travel together.

Snowflake offers cyber data platform with security app integrations

Credit: Dreamstime

In conjunction with third-party security vendors, Snowflake has launched what it calls a “cyber security workload” to enhance the capabilities of its data cloud for organisations looking to more efficiently detect and respond to cyber threats.

The Snowflake Cybersecurity workload is designed to let enterprises use the company’s namesake data cloud to unify security data from diverse security applications, combining it with contextual data from HR systems or IT asset inventories, according to the company.

The idea, according to Snowflake, is that cyber security personnel can then run fast queries against the unified data sets, which can be used to enhance threat detection and investigation, generating higher fidelity alerts.

Snowflake’s new security workload capabilities are aimed at helping security teams break down data silos to enable consistent visibility, eliminate manual processes and improve analytics, according to Omer Singer, head of cyber security strategy at Snowflake.

Cyber security workload processes data with SQL, Python

Snowflake’s pitch to cyber security professionals is that traditional security architectures with legacy SIEM (security information and event management) products are buckling under the strain of handling the volume and variety of data necessary to combat modern cyber threats. Traditional SIEMs have high ingest costs, limited retention windows and proprietary query languages, all complicating security team’s efforts at visibility and protection.

Snowflake’s cyber security workload offers cloud-native capabilities to handle structured, semistructured, and unstructured logs, enabling users to efficiently store years of high-volume data. The platform also boasts a scalable, on-demand compute resource that will allow for searching and gaining insights using languages likeSQL and Python. This capability is currently in private preview.

Comments are closed.