Exabeam partners with Snowflake

Collaboration enables organisations to identify risk across the entire business ecosystem and automate investigations and incident response.

  • Friday, 29th January 2021 Posted 3 years ago in by Phil Alsop

Exabeam, the security analytics and automation company, is partnering with Snowflake, the Data Cloud company, to augment Snowflake data lakes with Exabeam security analytics and automation. The partnership enables organisations to identify risks and respond swiftly to incidents across their entire business ecosystem.


The COVID-19 pandemic has accelerated digital transformation, expediting the move to the cloud and increasing demand for improved productivity and efficacy through automation. Organisations can now quickly move data and security to the cloud by migrating to Snowflake Data Cloud and Exabeam SaaS Cloud. 

 

By adding the analytics and automation capabilities of Exabeam to the data stored within Snowflake, security teams can quickly and efficiently detect, investigate and respond to complex threats. The combination of both solutions advances an organisation’s security posture by automating the entire workflow from data collection through response, enabling fast and consistent outcomes.

 

“With demand for cloud technology surging amid the shift to remote working, we proudly welcome Snowflake to our partner network,” said Adam Geller, Chief Product Officer, Exabeam. “Using the combination of the Exabeam Cloud Connector for Snowflake with Exabeam Advanced Analytics, joint customers can easily apply intelligence and automation capabilities to their data stored within Snowflake's platform. This addresses the increasing market need for cloud-based security analytics on third-party logs sent to Snowflake.” 

 

“Security data continues to grow in size and complexity, and a fragmented architecture keeps many organisations struggling to mobilise it for protecting the enterprise,” said Omer Singer, Head of Cybersecurity Strategy at Snowflake. “Snowflake’s unique architecture eliminates data silos, providing organisations a single scalable and cost-effective platform for all their data, while Exabeam’s security analytics adds intelligence and automation to strengthen an organisation’s ability to identify and respond to cyberthreats across subsidiaries, geographies and public cloud providers.”

 

In 2020, several large-scale corporate data breaches centered around compromised credentials of cloud-based data stores. In one example, more than 5 million guests of Marriott hotels were impacted when cybercriminals stole login credentials of Marriott employees, likely through phishing or credential stuffing. The information was then used to siphon personal customer details such as birth dates, contact information, as well as hotel and airline loyalty program accounts. 

 

Combining Exabeam’s security analytics with Snowflake’s data platform can provide protection against credential-based attacks, including insider threats. The technical integration between the Exabeam SaaS Cloud and Snowflake Data Cloud is done through the new Exabeam Cloud Connector for Snowflake, which allows for easy ingestion of data stored in Snowflake. Exabeam provides continuous, real-time mapping of logs stored within Snowflake and attributes all activity and behaviour to users and devices. This attribution, with additional data and context, provides visibility into abnormal or risky activity to detect malicious insiders or attacks involving compromised credentials. As a new addition to the 40-plus existing Exabeam Cloud Connectors, the Cloud Connector for Snowflake also allows for monitoring of Snowflake audit logs in Exabeam Advanced Analytics to detect anomalous account behaviours within the application itself. 

 

“The proliferation of data is central to all businesses, and so is the need to guard against malicious attacks – especially now, as enterprises rely so heavily on data clouds like Snowflake,” added Chris Stewart, Senior Director, Business Development for Exabeam. “This partnership advances our mission to assist security operations teams in quickly detecting, investigating and responding to incidents throughout the enterprise.”