Security is fundamentally a data problem. At Hunters, we collect vast amounts of data from a wide array of security integrations. Our mission is to allow companies to use a comprehensive security data lake to unlock insights from security data and alerts, creating a context-rich experience for SOC analysts and security engineers. This approach helps them get their job done faster by reducing noise and providing the necessary context to make decisions more efficiently. Snowflake’s robust, scalable data platform is a critical part of this process and is why they’re an important Hunters partner.
To share the Hunters and Snowflake story with security and data professionals (especially those looking for a modern SIEM that uses a security data lake), we’re sponsoring the upcoming Snowflake Summit, which I’ll also be attending. I’m incredibly excited to go to this event for several reasons.
Discussing the progress around Snowpipe Streaming
First, I’m thrilled to discuss the progress around Snowpipe Streaming, which will be the focus of my talk on June 5. Snowpipe Streaming offers high throughput, low latency ingestion, significantly reducing the time between data ingestion and making that data available in the security data lake. Lower latency is vital in security, ensuring that customers have the visibility to their security data as quickly as possible.
Moreover, from a cost perspective, Snowpipe Streaming is incredibly efficient. We’ve observed significant cost reductions (if you’d like to know by how much, come to my talk 🙂), which is a game-changer for managing large volumes of security data.
Seeing Snowflake’s AI advancements
Another reason is Snowflake’s AI advancements with Arctic and the new offerings via Cortex. These innovations bring AI capabilities directly to the data lake, eliminating much of the heavy lifting required to set up and maintain LLM pipelines. In security, creating the right context is often the most challenging part of the process. With LLMs integrated into our data platform, generating insights from data becomes significantly easier. This is particularly important as we move into the era of OCSF (Open Cybersecurity Schema Framework), a universal schema for our data models. This framework will help our LLM models and RAG (retrieval-augmented generation) architectures extract more meaning from the data we store. Additionally, we can leverage LLMs to help push mappings from vendor-owned schemas to the OCSF schema, easing the transition process and offering intelligent suggestions, ultimately enhancing the efficiency and effectiveness of security operations. LLM architectures for cybersecurity become easier when your models sit right beside your data, just a function call away.
Progress with Snowflake’s Iceberg support and its role in driving SIEMs built on data lakes
Finally, the progress in Iceberg support within Snowflake excites me. I believe a significant part of the future of cybersecurity lies in the combination of OCSF and Iceberg—an open cybersecurity schema with an open table format to power the security data lake. This combination will allow both security practitioners and vendors to maximize the value of their security data lake by having an efficient, low-cost security data lake with universal schema support to drive the best performance possible.
The zero-copy security data lake approach, where data is written once and utilized by multiple vendors and applications, represents the future of cybersecurity. It provides a robust foundation for the next generation of SIEMs built on top of security data lakes, enabling more effective and efficient security analytics. If you’d like to learn how companies are using a SIEM with a security data lake on the backend and attending the summit, check out this panel featuring PennyMac’s CISO, this session with Xactly’s CISO, this session with Yext and this session with Kudelski Security,
I am really looking forward to meeting and chatting with security and data practitioners about their challenges and brainstorming possible solutions. Stop by my talk or come visit Hunters at booth 2205.