Security monitoring for Snowflake with out-of-the-box detections and rules to help security teams monitor activity and validate security configurations.
“Snowflake’s team of security experts partnered with Panther to develop this valuable security solution. By providing out-of-the-box rules based on Snowflake security best practices, Panther enables Snowflake customers to detect and mitigate compromised users, insider threats and other risks to their Data Cloud environment.”
Built-in queries run regularly to detect potentially dangerous changes to the configuration of your Snowflake instance, such as disabling MFA or changes to network policies.
Panther monitors for unauthorized users attempting to access your Snowflake instance as well as authorized users attempting to escalate their level of privilege within Snowflake. Additionally, Panther will alert you if a user’s account is configured without MFA or SSO.
Monitor services that support your Snowflake Data Cloud such as AWS, S3, Okta, and OneLogin and correlate events in Snowflake with events in those supporting services from one pane of glass.
Panther can run on your pre-existing Snowflake instance, which enables you to create reports and visualizations with the tools your team is already using and to correlate those findings with other data sources inside the Data Cloud.
Proactively search for IOCs in Snowflake or any of its supporting services using Panther’s Indicator Search, an intuitive interface to search all of your log sources quickly for IP addresses, file hashes, domain names, and more.
Automate level-one alert triage so your team can focus on high-value tasks like investigations and detection engineering.
Map detections to frameworks like MITRE ATT&CK and CIS to bootstrap and accelerate your compliance.
Run fast searches with unlimited computing power so you can accelerate threat detection and incident investigations.
“With Panther, we’re able to enforce secure configurations across our Cloud Managed services with daily cloud scans and real-time alerts for misconfigurations, incompliant resources, and suspicious activity.”
With Panther for Snowflake, Snowflake event logs are aggregated, normalized and analyzed along with security events from other systems so security teams have greater visibility into potential threats across their entire IT infrastructure from cloud to on-premises.
Seamless out-of-the-box security monitoring solution with built-in rules to monitor Snowflake instances.
Security best practices for Snowflake are codified into Panther, allowing continuous, real-time monitoring.
Raw logs are transformed into a structured data lake, immediately available for running even the largest queries in minutes.
Avoid time-consuming system administration with a serverless, cloud-native architecture.