Snowflake Inc. today introduced a new cybersecurity workload to help organizations more effectively protect their technology environments from cyberattacks.

Snowflake provides a popular cloud data platform, the Snowflake Data Cloud, that enables customers to store and process large amounts of information. The platform supports a variety of workloads ranging from marketing analytics to data science. With the cybersecurity workload that was announced today, Snowflake is expanding its focus on those use cases.

“Snowflake is leading the security data lake movement, helping defenders bring their data and analytics together in a unified, secure, and scalable data platform,” said Omer Singer, head of cybersecurity strategy at Snowflake. “With Snowflake’s Cybersecurity workload, we further empower security teams in the Data Cloud so that they can collaborate with diverse stakeholders and succeed in their vital mission to protect the enterprise.”

Companies that use the workload can leverage Snowflake’s platform to store and process cybersecurity data from their internal systems. Snowflake’s platform is delivered as a managed service, meaning that there’s no need to manage the infrastructure on which it runs or perform related maintenance tasks. According to the company, its platform’s ability to automate infrastructure maintenance makes it easier for organizations to process their cybersecurity data.

Some breach detection platforms only store cybersecurity data for a few weeks or months before deleting it to free up storage space. As a result, important information about a breach can potentially be deleted before administrators have an opportunity to use it. Snowflake says its platform enables companies to retain cybersecurity data for years, which simplifies cyberattack investigations.

Snowflake provides query features that enable administrators to analyze cybersecurity data for clues about a breach. Administrators can run analyses using SQL and the popular Python programming language, support for which is currently in preview. According to Snowflake, SQL and Python can provide a better user experience than the proprietary query languages used by some cybersecurity platforms.

An important component of Snowflake’s value proposition is the integrations that it provides for partner-developed breach detection tools. Companies can use partner-developed tools to analyze the cybersecurity data they keep in Snowflake’s platform for breach indicators.

Before it can be processed, cybersecurity data usually has to be moved from the platform where it’s stored to the breach detection tool that a company uses to spot hacking attempts. Moving a large amount of information between different systems can be complicated and time-consuming. Several threat detection software providers, including Panther Labs Inc. and Securonix Inc., enable their customers to run analyses on cybersecurity data stored in Snowflake’s platform without having to move the data first. 

Image: Snowflake