Exabeam, the security analytics and automation company, announced a partnership with Snowflake, the Data Cloud company, to augment Snowflake data lakes with Exabeam security analytics and automation. The partnership enables organizations to identify risks and respond swiftly to incidents across their entire business ecosystem.
The COVID-19 pandemic has accelerated digital transformation, expediting the move to the cloud and increasing demand for improved productivity and efficacy through automation. Organizations can now quickly move data and security to the cloud by migrating to Snowflake Data Cloud and Exabeam SaaS Cloud.
Security teams can quickly detect, investigate and respond to complex threats with the help of analytics and automation skillsBy adding the analytics and automation capabilities of Exabeam to the data stored within Snowflake, security teams can quickly and efficiently detect, investigate and respond to complex threats.
The combination of both solutions advances an organization’s security posture by automating the entire workflow from data collection through response, enabling fast and consistent outcomes.
Cloud-based security analytics
“With demand for cloud technology surging amid the shift to remote working, we proudly welcome Snowflake to our partner network,” said Adam Geller, Chief Product Officer, Exabeam.
“Using the combination of the Exabeam Cloud Connector for Snowflake with Exabeam Advanced Analytics, joint customers can easily apply intelligence and automation capabilities to their data stored within Snowflake's platform. This addresses the increasing market need for cloud-based security analytics on third-party logs sent to Snowflake.”
“Security data continues to grow in size and complexity, and a fragmented architecture keeps many organizations struggling to mobilize it for protecting the enterprise,” said Omer Singer, Head of Cybersecurity Strategy at Snowflake.
“Snowflake’s unique architecture eliminates data silos, providing organizations a single scalable and cost-effective platform for all their data, while Exabeam’s security analytics adds intelligence and automation to strengthen an organization’s ability to identify and respond to cyberthreats across subsidiaries, geographies, and public cloud providers.”
In 2020, several large-scale corporate data breaches centered around compromised credentials of cloud-based data stores. In one example, more than 5 million guests of Marriott hotels were impacted when cybercriminals stole the login credentials of Marriott employees, likely through phishing or credential stuffing.
The information was then used to siphon personal customer details such as birth dates, contact information, as well as hotel and airline loyalty program accounts.
Exabeam provides real-time mapping of logs stored within Snowflake and attributes all activity and behavior to users and devices Combining Exabeam’s security analytics with Snowflake’s data platform can provide protection against credential-based attacks, including insider threats. The technical integration between the Exabeam SaaS Cloud and Snowflake Data Cloud is done through the new Exabeam Cloud Connector for Snowflake, which allows for easy ingestion of data stored in Snowflake. Exabeam provides continuous, real-time mapping of logs stored within Snowflake and attributes all activity and behavior to users and devices.
This attribution, with additional data and context, provides visibility into abnormal or risky activity to detect malicious insiders or attacks involving compromised credentials. As a new addition to the 40-plus existing Exabeam Cloud Connectors, the Cloud Connector for Snowflake also allows for monitoring of Snowflake audit logs in Exabeam Advanced Analytics to detect anomalous account behaviors within the application itself.
Assisting security operations
“The proliferation of data is central to all businesses, and so is the need to guard against malicious attacks – especially now, as enterprises rely so heavily on data clouds like Snowflake,” added Chris Stewart, Senior Director, Business Development for Exabeam.
“This partnership advances our mission to assist security operations teams in quickly detecting, investigating, and responding to incidents throughout the enterprise.”