In a move that has been described as Snowflake’s entry into cybersecurity, the data cloud company has formed a partnership with Securonix, a firm that makes cloud-native security information and event management systems.
The deal is a nonexclusive partnership at this point with no indication that Snowflake has plans to compete against other security companies.
Omer Singer, the company’s head of cybersecurity strategy, confirmed this and added that the alliance is part of Snowflake’s plans to partner with organizations that are moving their SIEM processing to the cloud.
An ambitious move
Singer said that Snowflake is going to be seen as a major player in cloud security, after partnering with Securonix.
SIEM describes an approach in cybersecurity analysis that combines event management and information into one system that analyzes data and identifies deviations from the norm. For instance, SIEM can detect repeated login attempts from one IP address or unusually large data downloads.
The insights from SIEM come from processing large amounts of data, which is growing as companies collect information from multiple sources for analysis, which is increasingly going to scalable cloud storage solutions.
The instrumentation on cloud infrastructure is so heavy that it generates as much as ten times the data that on-premises data centres do. However, it would be impractical to transfer this data to a data centre, which is why it needs to stay in a secure cloud.
Securonix’s ‘bring your own Snowflake’ program will give customers the ability to gain enhanced data in real-time, which they can also query at scale in Snowflake, using Securonix’s user interface, which in turn uses packaged behaviour analytics to identify potential security incidents without transferring or duplicating data.