At Snowflake Ventures we continue to believe there is a window of opportunity for a new breed of SaaS application. With Snowflake as the data infrastructure, an economy of partners are building best-of-breed applications that will transform industries and departments across the enterprise.
Cybersecurity is one such area where we see significant benefits and promise for transformation. Customers adopting the new generation of security analytics software use Snowflake’s Data Cloud as the security data lake in a cloud-native security analytics stack. In response to our customers’ evolving requirements and challenges as they move into the cloud, we will continue to lean more and more into the world of cybersecurity through our data platform capabilities, partnerships and investments.
Historically, security teams have collected security log data in dedicated SIEM (Security Information and Event Management) solutions. Built for data centers where scalability and elasticity were limited, most of these solutions were later lifted and shifted into the public cloud rather than being architected from scratch to take advantage of the unique properties of the cloud. This has left organizations’ security teams at a decided disadvantage when trying to deploy traditional SIEMs at the scale, complexity and velocity required in the cloud.
Threat detection and response cannot succeed when security engineers are forced to leave important security data sources in a silo outside their SIEM. Many CISOs as Snowflake customers have told us that they cannot centralize high volume datasets such as flow logs, EDR (Endpoint Detection & Response) forensics and SaaS telemetry in their legacy stack. They end up with visibility gaps and are also unable to connect the siloed security information with contextual data from other parts of the business.
Today, we’re excited to announce that Snowflake Ventures is among the Series B investors in Panther, a leading cloud-scale security analytics platform provider. In its latest funding round, Panther has raised $120 million, elevating the company to a unicorn valuation of $1.4 billion.
Snowflake announced a go-to-market partnership with Panther in 2020 and our joint customers include Dropbox, Figma and Guild Education. Snowflake itself is a Panther customer having previously developed security tooling in-house in the absence of good alternatives to the limitations of traditional SIEM solutions.
Built end-to-end to take advantage of the elasticity of the cloud and detection-as-code, Panther uses Snowflake as a key component of their data infrastructure to enable security teams to cost-effectively collect, analyze and alert across petabytes of security data in real-time. When an organization needs to investigate a security breach, the security team can massively scale up compute resources for the duration of the breach investigation and, once complete, quickly scale back down again. This translates to substantial savings along with high levels of performance when it matters most.
Panther customers can deploy Panther as a connected application to their existing Snowflake infrastructure. In this scenario, Panther customers extend their own Snowflake account to become their security data lake. This gives them control and ownership over their data and aligns them with the enterprise-wide data strategy. Establishing a single source of truth in an analytics platform unlocks the potential of detection- and security-policy-as-code .
We’ve heard from some of the world’s most sophisticated cloud-centric security teams that the combination of Panther and Snowflake has given them the threat detection flexibility that they were looking for, in a consolidated architecture with minimal overhead. Enabling every team to become data driven is core to Snowflake’s mission so we naturally wanted to accelerate our already substantial collaboration.
For more information on our investment framework, visit the Snowflake Ventures website here. Please contact your Snowflake team to learn more about how to use Panther with the Data Cloud.