As cloud environments grow, many organizations adopt SaaS solutions such as databases, identity providers, and AI platforms to support their cloud needs. These solutions run and store critical data, however, they sit outside the cloud service provider’s (CSP) boundary. Ensuring the security of these Cloud SaaS platforms can be challenging as it often means teams pivot from their regular security workflows to siloed tools or even face a gap in their security coverage.
Today, we are excited to introduce the Snowflake Connector in public preview, expanding Wiz CNAPP coverage to our customers' Snowflake environments. The Snowflake Connector helps secure Snowflake using the same Wiz workflows customers use to secure the rest of their cloud, helping identify risks like sensitive data exposure, misconfigurations, excessive permissions, and real-time threat activity. If there is a critical Snowflake security issue, security teams can be confident that it’ll be identified and prioritized alongside the rest of their security issues across the cloud.
Comprehensive data security with Wiz for Snowflake
With Wiz for Snowflake, teams quickly identify and remediate risks like exposed sensitive data, overly permissive access, and suspicious activity within Snowflake databases and tables. The following capabilities are now extended to Snowflake environments:
Wiz DSPM automatically scans for sensitive data in Snowflake using hundreds of built-in classifiers, including PII, PHI, and PCI. After connecting to Snowflake, Wiz quickly discovers all databases, scans for sensitive data, and maps the findings on the Wiz Security Graph.
Wiz Cloud Detection and Response (CDR) monitors access logs for Snowflake accounts, databases, and tables in near real-time. Security teams can detect suspicious activity and analyze active threats with a detailed timeline of events, enabling them to prioritize, investigate, and respond quickly.
Wiz CIEM for Snowflake analyzes cloud entitlements and effective permissions to help teams understand their identity-related risk in Snowflake. This provides teams visibility into Snowflake roles, grants, users, and all identity-related configurations for who can access what data. Wiz CIEM enables you to quickly answer who can access what data and identify risks, such as excessive and admin privileges in Snowflake.
Wiz CSPM scans Snowflake environments against the CIS Snowflake benchmarks to detect any deviations from secure configurations. For example, it identifies misconfigurations such as users who haven't logged in for over 90 days and should be disabled, users with password-based authentication that lack multi-factor authentication (MFA), and more. By continuously scanning your Snowflake environment, Wiz CSPM helps ensure adherence to best practices and minimizes potential configuration risks.
Wiz takes it a step further than just identifying Snowflake risks and threats in siloes by correlating the different risks to find toxic combinations that lead to critical sensitive data in Snowflake. For example, the following is an Issue that Wiz detects Snowflake subscription with a user without MFA has access to sensitive data.
Here, Wiz correlates information detected about identities, misconfigurations, and data to identify an attack path that poses a critical risk to the environment. Seeing any of these risks in isolation would make it challenging to understand the criticality of this risk. However, the Wiz Security Graph allows organizations to quickly understand the full context around a security risk with easy-to-understand visualization. Teams can dig deeper into the toxic combination and see additional information, such as Cloud Configuration Findings detected on the Snowflake User, review the sensitive data found, and look at risky identity configurations. The combination of risks wrapped into a Wiz Issue makes it clear that this issue must be fixed immediately.
Operationalizing security for your Data Cloud
The Snowflake Connector helps give security, dev, and SOC teams visibility into the most critical issues in Snowflake. By bringing Snowflake into the same Wiz workflows these teams use to secure existing cloud data stores, organizations can operationalize security in the cloud and move faster by democratizing security across teams. The key benefits of extending Wiz to your Snowflake environment include:
Improve Snowflake security posture: Gain unified visibility into critical Snowflake security risks by correlating across your environment’s data, identity, access, and configuration issues.
Prioritize with cloud context: Fix the Snowflake risks that pose the highest threat to your environment by correlating risks from your cloud environment and SaaS platforms, all contextualized on the Wiz Security Graph.
Democratize security: Empower teams to respond to security issues across the cloud using the same context and workflows by leveraging a consistent security platform across CSPs and Cloud SaaS platforms like Snowflake.
"We're excited to announce our partnership with Wiz, delivering cutting-edge security capabilities to our customers using the Snowflake Data Cloud. As Wiz becomes the first CNAPP to extend its risk scanning and threat detection capabilities to Snowflake, organizations can now enhance their security posture with ease. Together, Snowflake and Wiz are shaping the future of cloud data security, ensuring data remains safeguarded."
Jake Berkowsky, Field CTO, Cybersecurity, Snowflake
Mutual customers can start leveraging Wiz for Snowflake now in Public Preview to improve their security posture in Snowflake. To learn more about how you can begin securing your Snowflake data with Wiz, visit our docs today (login required). Additionally, we are excited to invite you to an insightful webinar where we will dive deeper into Wiz’s support for Snowflake, register now, and embark on a journey towards strengthened security posture and threat mitigation in Snowflake.