With our Snowflake integration, Enterprise customers can store normalized security data in Snowflake for long-term retention. Previously, this security data could only be queried from within your Snowflake dashboard. Now, with our latest release, you can run queries directly from Panther’s Data Explorer against the data in your Snowflake account.
Panther is the bridge between unstructured security logs and a sustainable security data lake powered by Snowflake. And with our Python rules engine, built-in detections, and support for popular alert destinations like Slack and PagerDuty, Panther offers cloud-first organizations a scalable and cost-effective alternative to legacy SIEMs.
In the screenshot below, you’ll notice the tag “Powered by Snowflake”. This indicates that queries in Panther read data from your Snowflake account.
Storing security data in Snowflake offers cloud-first organizations many benefits, including affordable long-term storage, a rich ecosystem of integrations, and a massively scalable infrastructure to power investigations. This latest enhancement offers security practitioners a more seamless experience optimized for baselining behaviors, contextualizing alerts, and hunting for threats against years of normalized data.
With our Snowflake integration, you can:
Send terabytes of normalized log data to your Snowflake data platform for affordable long-term retention, with real-time threat detection and robust security investigations in Panther.