BACKGROUND

Snowflake’s mission is to mobilize the world’s data. For that, they deliver the Data Cloud, a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Snowflake is a publicly traded company, with customers spanning across all industry verticals and sizes all around the globe.

Snowflake, like most organizations, uses multiple solutions from various vendors such as Azure, Google Cloud, and several SaaS applications, as well as security products for endpoint, cloud, network, etc. While this allows them to select best-of-breed security products, making sense of the data used to be a challenging process because traditional monitoring and reporting tools lack thorough analytics and cross-surface correlation, and there is only so much that an overloaded 10-person SOC team can look at on a daily basis. As a result, detection and response was a slow, siloed and complex process, leading to breaches left undetected and attacks manifesting themselves in production.



SNOWFLAKE'S GOALS

  • Speeding up time to detect threats.
  • Reducing triage time so it would take minutes instead of hours or days.
  • Upscaling the daily tasks of the analysts on their 10-person team so they could focus only on real attacks.

 

KEY CHALLENGES

  • Lack of business agility due to the long detection and triage time resulting from siloed detection and monitoring tools
  • Analysts suffering from false-positive burnout due to the level of noise in the SOC without context or explanation
  • Wasting human resources on manual investigations that could be automated
  • Difficulty hiring and retaining security people with vast experience and knowledge


"I recommend Hunters to every CISO because they’re probably experiencing the same things as I am: they’re probably using the same tools as we are, and I recognize the challenges behind that. I know that Hunters can unify all the data generated from those tools and make sense out of it to help us in our fight with the intruders."

Mario Duarte
VP Security

01

Increased business agility

Faster and more effective detection of threats across existing systems

02

Improved security analytics

Hunters' correlation engine improves Snowflake's ability to connect the dots across surfaces before breaches manifest themselves in production

03

Better visibility

Gained a 360-degree view and analysis of the entire environment: endpoint, SaaS applications, GCP, Azure, etc.

04

Additional managed services

Having a trusted partner who has the knowledge to find and analyze all of the security issues that exist in the environment

05

Reduced noise

Allowed SOC to focus only on high-fidelity Attack Stories which are real and actionable.

06

Smooth deployment

Easily onboarded the solution into existing workflows without the need to add or drop anything.