Varonis Expands Coverage to Help Secure Critical Snowflake Data

Varonis now offers Snowflake users enhanced visibility and data security for critical data warehouses and databases.
Nathan Coppinger
3 min read
Last updated June 19, 2024

Varonis protects data wherever it lives, and now that extends to data warehouses and databases in Snowflake.

Thousands of enterprises use Snowflake to simplify their data foundation, power their AI strategy, and develop applications.

With Snowflake, end users can easily store, manage, share, and even export data, much of which is sensitive information. Without security oversight, users could potentially expose massive amounts of critical data to cyber threats.

Varonis now provides enhanced visibility and security for your critical Snowflake data and the underlying cloud infrastructure. Our new integration gives you the ability to:

  • Gain a centralized overview of your Snowflake security posture and where data is exposed through excessive access or critical misconfigurations.
  • Discover and classify sensitive data stored in your Snowflake data warehouse.
  • Identify where data has been published on the Snowflake marketplace or exported to public stages in AWS, Azure, or Google Cloud.
  • Detect and fix configuration drift to help maintain compliance and improve your Snowflake security posture.
  • Monitor activity to detect and investigate threats across Snowflake and your cloud environment.

Improve your Snowflake security posture.

Our customizable DSPM dashboards provide a centralized overview of your data security posture across Snowflake and broader cloud environments.

Easily identify where your sensitive data may be at risk and if there are any gaps in your security posture through excessive access, public exposure, and misconfigurations — all from a single pane of glass view.

Begin remediating risks and improving your data security posture across your cloud resources from these dashboards.

DSPM Dashboard - Snowflake

Monitor and visualize your Snowflake security posture alongside your SaaS and IaaS data with the Varonis DSPM dashboards.

Automatically discover and classify sensitive Snowflake data.

Varonis scans Snowflake data and presents data sensitivity, concentration (hit count), and exposure together in an easy-to-read, hierarchal view. This added context ensures that findings are actionable.

Our extensive library of built-in classifiers helps you pinpoint sensitive and regulated data down to the precise table and column. This includes PII, financial data, intellectual property, AI training data, and other types of sensitive information that should be locked down and protected.

Customize your classification scope to prioritize the classification of critical Snowflake databases, speed up scans, and save on cost.

image (3)

Automatically discover and classify sensitive data stored across the cloud and view results in an intuitive file tree format.

Easily confirm classification results with file analysis, which shows you exactly where the classification results appear within each database table.

Snowflake Classification results

Review classification results to see the exact types of sensitive data that exist in your environment.

Identify and reduce sensitive data exposure.

Varonis maps granular permissions to Snowflake data and simplifies its complex permission structures down to a normalized CRUDS model (create, read, update, delete, and share).

Varonis helps you understand what the different users and groups in your organization can do with your critical data and where it is potentially overexposed internally, externally, or publicly. 

Snowflake permissions-2

Simplify permissions management in Snowflake with Varonis.

Use Varonis to easily understand the creation, assignment, and modification of Snowflake roles and permissions to quickly identify where there is excessive access to Snowflake databases and get to a least-privilege model.

See where external or personal accounts can access your Snowflake databases and if they have been published on the Snowflake marketplace or exported to public stages in AWS, Azure, or Google Cloud.

Varonis also enables you to automatically discover shadow and backup admin accounts with privileges to change critical Snowflake security configurations and user permissions that could cause serious damage if compromised.

Snowflake admins

Easily audit the admin and privileged users in your Snowflake environment.

Detect and fix configuration drift.

Varonis continuously scans your Snowflake data warehouse and broader cloud environment to identify security gaps and misconfigurations that could put your data at risk or break compliance.  

Snowflake config drift 2

Varonis surfaces misconfigurations in a centralized dashboard, sorted by severity, so you can begin prioritizing and remediating.

We’ll surface security risks such as:

  • Missing row access policies
  • Missing network policies
  • The ability to export sensitive data to a public stage

Easily compare the posture of your environment against standard rules and regulations like CIS, ISO, NIST, and HIPPA, and identify where your configurations drift out of compliance.

Each configuration insight provides a severity level to help you prioritize remediation efforts. Additional context explains why the misconfigurations are a security risk and provides you with detailed recommendations on how to fix the issue.

Snowflake misconfiguration recommendation

Expand each insight to review Varonis’ recommendations on how to fix the issue.

Detect and stop threats to critical Snowflake data.

Varonis monitors your Snowflake environment for abnormal or risky activity that could indicate a threat.

We see activities such as when users are granted privileged permissions, data is exported to public stages, and when critical configurations are changed. We then alert you to potential threats in real-time.

Varonis maps each alert to the relevant MITRE ATT&CK tactics and techniques to help security teams better understand the alert’s context, impact, and phase, enabling them to investigate better and respond to threats.

Snowflake alert

Varonis automatically detects risky or suspicious behavior and provides additional context to accelerate investigations.

A granular cross-cloud audit trail of events makes it simple to understand how your data is being used and by whom so you can easily investigate threats, including lateral movement, across Snowflake and your broader cloud environment.

Speed up investigations by filtering the audit trail by privileged users, sensitivity, activity type, and more.

Snowflake audit trail

Varonis provides a complete cross-cloud audit trail to facilitate investigations and identify lateral movement.

Comprehensive data security

Don’t settle for siloed solutions that provide partial visibility.

Varonis offers a comprehensive data security solution across your SaaS and IaaS environments. Our unified platform helps your team easily monitor and improve your organization’s Snowflake data security posture, minimize sensitive data risk, and defend against cyber threats.

Ready to secure your most sensitive Snowflake data and improve your security posture?

Try Varonis for free and request a demo today

 

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

targeted-campaign-against-snowflake-customers:-what-you-need-to-know
Targeted Campaign Against Snowflake Customers: What You Need to Know
Recent data breaches of prominent Snowflake cloud customers highlight the risks of compromised cloud storage accounts.
varonis-introduces-universal-classification-support-for-databases
Varonis Introduces Universal Classification Support for Databases
Integrate Varonis with virtually any network-connected database to discover and classify sensitive data at scale with pinpoint accuracy.
varonis-expands-dspm-capabilities-with-deeper-azure-and-aws-support
Varonis Expands DSPM Capabilities with Deeper Azure and AWS Support
Varonis is expanding its IaaS coverage to AWS databases and Azure Blob Storage, strengthening the CSPM and DSPM pillars of our Data Security Platform.
varonis-8.6:-control-collaboration-chaos-in-microsoft-365
Varonis 8.6: Control Collaboration Chaos in Microsoft 365
Varonis is excited to announce Varonis Data Security Platform 8.6, with enhanced data security for Microsoft 365 to help find and fix collaboration risks.