The traditional security monitoring architecture has troubled security teams for years with data silos, performance issues, and delays in retrieving archived data. Many analysts who continue to operate on the antiquated SIEM architecture stack also face a high volume of alerts, many of them false positives. The internal security team at Snowflake has found a way to solve these problems and more by using the Snowflake Data Cloud as Snowflake's security data lake.

Join this session to learn:

  • How the detection lifecycle model helps speed up detection development while improving quality
  • How to prioritize your identities and assets and dynamically adjust alert severity based on that prioritization
  • How to group alerts based on risk levels

Speakers:

  • Daniel Wyleczuk-Stern, Senior Security Engineer, Snowflake
  • Haider Dost, Manager, Threat Intelligence and Detection, Snowflake