Skip to content

Data for Breakfast Around the World

Drive impact across your organization with data and agentic intelligence.

register now
security hub
overview
compliance center
trust center

SNOWFLAKE SECURITY HUB

Proactive, enterprise-grade security capabilities for data and AI — built-in, not bolted on.

horizon diagram
BLOG

Security and Governance Best Practices for Deploying Snowflake Intelligence Using Horizon Catalog

Security

Built-in security features for data and AI

Protect data and AI access with proactive leaked password and malicious IP control. Deliver purpose-built security controls for AI with model-level RBAC and Cortex Guard to help reduce misuse and exposure as AI adoption scales.

Enterprise

Enterprise-grade defense in depth

Experience layered security capabilities for highly regulated environments with advanced controls like immutable backups, Tri Secret Secure (TSS) and fine-grained RBAC — without custom architecture or operational burden.

Collaborative Security

Extensible cross-cloud security platform

Centralize security posture management across your organization via Trust Center. Enable secure data sharing and consistent security and governance controls across Snowflake and external tables through Horizon Catalog.

Snowflake’sUnique Security Benefits

Native security posture management

Continuously monitor, detect and remediate security risks and misconfigurations using Snowflake’s Trust Center.

Built-in threat prevention

Leverage always-on services like malicious IP and leaked password protection to automatically identify and block threats across your AI Data Cloud.

Advanced data encryption and key control

Protect sensitive data with a multi-layered, easy-to-use Tri-Secret Secure model that combines Snowflake-managed and customer-managed keys.

Mature access control model

Simplify governance with a consistent, hierarchical RBAC framework that provides granular visibility and control over all data assets.

Compliance-grade immutable backups

Protect historical records from sophisticated ransomware attacks and accidental deletion or modification with Write Once, Read Many (WORM) backups.

Purpose-built AI security capabilities

Automatically filter harmful or unsafe LLM responses using built-in Cortex Guard to support secure and responsible generative AI.

Trust center screenshot

PARTNERS

TrustLogix logo
altr logo
Hunters
OneTrust Logo
Anvilogic logo
Snyk logo
panther logo
Wiz logo

SNOWFLAKE SECURITY COMPLIANCE

Certifications and compliance

Snowflake supports leading, globally recognized public sector and commercial security standards demonstrating a strong commitment to security, compliance and data protection, including:

  • ISO 27001
  • SOC 1 & 2 Type 2
  • FedRAMP Moderate and High
  • DoD IL4 and IL5
  • PCI-DSS
  • HITRUST
  • TISAX
  • ITAR

Please visit our self-service Compliance Center to view and download relevant compliance reports.

Security document icon

CISA secure by design pledge

Snowflake is committed to transparency and enhancing customer security through the seven Secure by Design (SbD) pledge areas defined by the Cybersecurity and Infrastructure Security Agency (CISA)

Database security icon

Infrastructure security and resilience

Built natively for the cloud, Snowflake uses cutting-edge cloud security technologies to provide a secure, resilient and highly configurable platform. This allows Snowflake customers to confidently rely on the service for their most critical and demanding data workloads.

FedRAMP logo
HITRUST logo
irap logo
ITAR logo
AICPA logo
PCI logo
A-LIGN logo
HIPAA logo

customers trust SnowflakeFor security and compliance

It’s all about speed to value for customers. Traditional data architectures struggle between being economical but slow, or expensive but fast. In the modern cybersecurity world, we need a highly scalable, performant platform to quickly and easily deliver innovative features and products to customers. That’s why we chose Snowflake.

Karan Sondhi

Snowflake enables us to build a unique security program because we’re able to leverage the whole world of data science tools  and expertise for our security investigations.

Max Burkhardt

With access to all of the data sources in Snowflake as our security data lake, we have better correlations across multiple attack surfaces and analytics are automatically actionable. And as a result, it has led to faster incidence response from our side.

Pallavi Damle

Vulnerability Reporting and disclosure

Snowflake is committed to the security of our customers and their data. We partner with HackerOne to run a private vulnerability disclosure program to work with security researchers to address vulnerabilities in a secure and coordinated manner. Researchers’ contributions help us identify and resolve potential issues before they can be exploited. If a researcher discovers a security vulnerability in any Snowflake products, services and systems, owned or hosted by or on behalf of Snowflake, we highly encourage it to be reported to us. Please refer to Snowflake’s Vulnerability Disclosure Policy (VDP) for additional details.  

Snowflake’s process for responsible vulnerability management and disclosure is a key component of our ongoing commitment to robust and transparent cybersecurity. In accordance with Snowflake’s CVE Policy, we publish CVEs for software and code that is developed and redistributed by us through open source channels. All in-scope issues trigger a security advisory, patch development and a review with details on the vulnerability and its fix. When applicable, Snowflake’s CVEs are published on cve.org, managed by MITRE, a trusted global resource for security professionals.

submit a bug report

If you are a customer and have a password or account issue, please contact Snowflake support.

Where Data Does More

  • 30-day free trial
  • No credit card required
  • Cancel anytime 
start for free
watch a demo