Exabeam, the security analytics and automation company, announced a partnership with Snowflake, the Data Cloud company, to augment Snowflake data lakes with Exabeam security analytics and automation. The partnership enables organisations to identify risks and respond swiftly to incidents across their entire business ecosystem.
The COVID-19 pandemic has accelerated digital transformation, expediting the move to the cloud and increasing demand for improved productivity and efficacy through automation. Organisations can now quickly move data and security to the cloud by migrating to Snowflake Data Cloud and Exabeam SaaS Cloud.
Automating workflow
Security teams can quickly detect, investigate and respond to complex threats with the help of analytics and automation skills By adding the analytics and automation capabilities of Exabeam to the data stored within Snowflake, security teams can quickly and efficiently detect, investigate and respond to complex threats.
The combination of both solutions advances an organisation’s security posture by automating the entire workflow from data collection through response, enabling fast and consistent outcomes.
Cloud-based security analytics
“With demand for cloud technology surging amid the shift to remote working, we proudly welcome Snowflake to our partner network,” said Adam Geller, Chief Product Officer, Exabeam.
“Using the combination of the Exabeam Cloud Connector for Snowflake with Exabeam Advanced Analytics, joint customers can easily apply intelligence and automation capabilities to their data stored within Snowflake's platform. This addresses the increasing market need for cloud-based security analytics on third-party logs sent to Snowflake.”
Identifying cyberthreats
“Security data continues to grow in size and complexity, and a fragmented architecture keeps many organisations struggling to mobilise it for protecting the enterprise,” said Omer Singer, Head of Cybersecurity Strategy at Snowflake.
“Snowflake’s unique architecture eliminates data silos, providing organisations a single scalable and cost-effective platform for all their data, while Exabeam’s security analytics adds intelligence and automation to strengthen an organisation’s ability to identify and respond to cyberthreats across subsidiaries, geographies and public cloud providers.”
Case study
In 2020, several large-scale corporate data breaches centered around compromised credentials of cloud-based data stores. In one example, more than 5 million guests of Marriott hotels were impacted when cybercriminals stole the login credentials of Marriott employees, likely through phishing or credential stuffing.
The information was then used to siphon personal customer details such as birth dates, contact information, as well as hotel and airline loyalty program accounts.
Technical integration
Exabeam provides real-time mapping of logs stored within Snowflake and attributes all activity and behaviour to users and devices Combining Exabeam’s security analytics with Snowflake’s data platform can provide protection against credential-based attacks, including insider threats. The technical integration between the Exabeam SaaS Cloud and Snowflake Data Cloud is done through the new Exabeam Cloud Connector for Snowflake, which allows for easy ingestion of data stored in Snowflake. Exabeam provides continuous, real-time mapping of logs stored within Snowflake and attributes all activity and behaviour to users and devices.
This attribution, with additional data and context, provides visibility into abnormal or risky activity to detect malicious insiders or attacks involving compromised credentials. As a new addition to the 40-plus existing Exabeam Cloud Connectors, the Cloud Connector for Snowflake also allows for monitoring of Snowflake audit logs in Exabeam Advanced Analytics to detect anomalous account behaviours within the application itself.
Assisting security operations
“The proliferation of data is central to all businesses, and so is the need to guard against malicious attacks – especially now, as enterprises rely so heavily on data clouds like Snowflake,” added Chris Stewart, Senior Director, Business Development for Exabeam.
“This partnership advances our mission to assist security operations teams in quickly detecting, investigating and responding to incidents throughout the enterprise.”