Security teams are using the Snowflake Data Cloud to store many types of security data in a single, scalable platform where they can apply advanced analytics to improve security posture and increase automation. This security data lake model scales to accommodate the enormous scale and complexity of security data being generated in the cloud performantly and cost effectively.

Customers have already found success running SIEM workloads using connected applications from Snowflake partners including Hunters, Panther, and Securonix. Today, we are extending our ecosystem beyond SIEM with new capabilities to directly protect employee accounts, with an investment in Material Security which will become closely integrated with the Data Cloud.

Material Security is a cloud-based solution that provides risk analysis, defense-in-depth protection, and security infrastructure for Office 365 and Google Workspace. The solution takes a data-driven approach to defend against phishing, lateral account takeovers and other threats, and provides security teams with powerful automation and reporting capabilities.

We believe strongly that security teams are more effective when they centralize data in their Snowflake environment, creating a single source of truth which can be leveraged across a wide variety of security functions. That’s why we are committed to making these continued investments to bring additional security capabilities to our platform. Customers are actively involved in this strategy, asking for ecosystem support across additional use cases without the traditional data silos. 

Our investment in Material Security means our joint customers can now seamlessly bring even more of their security data together in the Data Cloud, where they benefit from Snowflake’s scalability, governance and ease of use. Security teams will be able to use Material Security across three major cloud providers while owning their data in a unified data platform together with other security, contextual and business datasets.

An early joint customer is Coinbase, which is using Snowflake and Material Security to centralize their email security data into their existing security data lake. As Matt Muller, Director of Security Operations at Coinbase says: “A security team is only as good as the data that fuels it. Integrating Material Security directly on top of an existing Snowflake security data lake enables faster incident response, reduces investigation times, and creates new correlations for threat detection.” 

Office 365 and Google Workspace accounts contain some of the most sensitive information that any business owns, and attacks on them, especially via email, continue to grow in sophistication. The combination of Snowflake and Material Security provides a strong defense against these attacks and continues our aim to bring more and more security capabilities to the Data Cloud.

The investment is part of a wider trend in which SaaS companies are increasingly storing and processing customer data on their customers’ data platforms rather than on their own. This connected application model extends beyond cybersecurity to many functional areas and is a growing motivation for our investments as Snowflake aims to deliver a more seamless way for customers to build, distribute, and use applications natively in the Data Cloud.