Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis announces strategic partnership with Microsoft to acclerate the secure adoption of Copilot.

Learn more

Varonis Expands Coverage to Help Secure Critical Snowflake Data

Varonis now offers Snowflake users enhanced visibility and data security for critical data warehouses and databases.
3 min read
Last updated February 9, 2024

Varonis protects data wherever it lives, and now that extends to data warehouses and databases in Snowflake.

Thousands of enterprises use Snowflake to simplify their data foundation, power their AI strategy, and develop applications.

With Snowflake, end users can easily store, manage, share, and even export data, much of which is sensitive information. Without security oversight, users could potentially expose massive amounts of critical data to cyber threats.

Varonis now provides enhanced visibility and security for your critical Snowflake data and the underlying cloud infrastructure. Our new integration gives you the ability to:

  • Gain a centralized overview of your Snowflake security posture and where data is exposed through excessive access or critical misconfigurations.
  • Discover and classify sensitive data stored in your Snowflake data warehouse.
  • Identify where data has been published on the Snowflake marketplace or exported to public stages in AWS, Azure, or Google Cloud.
  • Detect and fix configuration drift to help maintain compliance and improve your Snowflake security posture.
  • Monitor activity to detect and investigate threats across Snowflake and your cloud environment.

Improve your Snowflake security posture.

Our customizable DSPM dashboards provide a centralized overview of your data security posture across Snowflake and broader cloud environments.

Easily identify where your sensitive data may be at risk and if there are any gaps in your security posture through excessive access, public exposure, and misconfigurations — all from a single pane of glass view.

Begin remediating risks and improving your data security posture across your cloud resources from these dashboards.

DSPM Dashboard - Snowflake

Monitor and visualize your Snowflake security posture alongside your SaaS and IaaS data with the Varonis DSPM dashboards.

Automatically discover and classify sensitive Snowflake data.

Varonis scans Snowflake data and presents data sensitivity, concentration (hit count), and exposure together in an easy-to-read, hierarchal view. This added context ensures that findings are actionable.

Our extensive library of built-in classifiers helps you pinpoint sensitive and regulated data down to the precise table and column. This includes PII, financial data, intellectual property, AI training data, and other types of sensitive information that should be locked down and protected.

Customize your classification scope to prioritize the classification of critical Snowflake databases, speed up scans, and save on cost.

image (3)

Automatically discover and classify sensitive data stored across the cloud and view results in an intuitive file tree format.

Easily confirm classification results with file analysis, which shows you exactly where the classification results appear within each database table.

Snowflake Classification results

Review classification results to see the exact types of sensitive data that exist in your environment.

Identify and reduce sensitive data exposure.

Varonis maps granular permissions to Snowflake data and simplifies its complex permission structures down to a normalized CRUDS model (create, read, update, delete, and share).

Varonis helps you understand what the different users and groups in your organization can do with your critical data and where it is potentially overexposed internally, externally, or publicly. 

Snowflake permissions-2

Simplify permissions management in Snowflake with Varonis.

Use Varonis to easily understand the creation, assignment, and modification of Snowflake roles and permissions and to quickly identify where there is excessive access to Snowflake databases and get to a least-privilege model.

See where external or personal accounts can access your Snowflake databases and if they have been published on the Snowflake marketplace or exported to public stages in AWS, Azure, or Google Cloud.

Varonis also enables you to automatically discover shadow and backup admin accounts with privileges to change critical Snowflake security configurations and user permissions that could cause serious damage if compromised.

Snowflake admins

Easily audit the admin and privileged users in your Snowflake environment.

Detect and fix configuration drift.

Varonis continuously scans your Snowflake data warehouse and broader cloud environment to identify security gaps and misconfigurations that could put your data at risk or break compliance.  

Snowflake config drift 2

Varonis surfaces misconfigurations in a centralized dashboard, sorted by severity, so you can begin prioritizing and remediating.

We’ll surface security risks such as:

  • Missing row access policies
  • Missing network policies
  • The ability to export sensitive data to a public stage

Easily compare the posture of your environment against standard rules and regulations like CIS, ISO, NIST, and HIPPA, and identify where your configurations drift out of compliance.

Each configuration insight provides a severity level to help you prioritize remediation efforts. Additional context explains why the misconfigurations are a security risk and provides you with detailed recommendations on how to fix the issue.

Snowflake misconfiguration recommendation

Expand each insight to review Varonis’ recommendations on how to fix the issue.

Detect and stop threats to critical Snowflake data.

Varonis monitors your Snowflake environment for abnormal or risky activity that could indicate a threat.

We see activities such as when users are granted privileged permissions, data is exported to public stages, and when critical configurations are changed. We then alert you to potential threats in real-time.

Varonis maps each alert to the relevant MITRE ATT&CK tactics and techniques to help security teams better understand the alert’s context, impact, and phase, enabling them to investigate better and respond to threats.

Snowflake alert

Varonis automatically detects risky or suspicious behavior and provides additional context to accelerate investigations.

A granular cross-cloud audit trail of events makes it simple to understand how your data is being used and by whom so you can easily investigate threats, including lateral movement, across Snowflake and your broader cloud environment.

Speed up investigations by filtering the audit trail by privileged users, sensitivity, activity type, and more.

Snowflake audit trail

Varonis provides a complete cross-cloud audit trail to facilitate investigations and identify lateral movement.

Comprehensive data security

Don’t settle for siloed solutions that provide partial visibility.

Varonis offers a comprehensive data security solution across your SaaS and IaaS environments. Our unified platform helps your team easily monitor and improve your organization’s Snowflake data security posture, minimize sensitive data risk, and defend against cyber threats.

Ready to secure your most sensitive Snowflake data and improve your security posture?

Try Varonis for free and request a demo today

 

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Try Varonis free.
Get a detailed data risk report based on your company’s data.
Deploys in minutes.
Keep reading
automatically-remove-salesforce-public-links-with-varonis
Automatically Remove Salesforce Public Links with Varonis
Varonis’ least privilege automation capabilities now remove public Salesforce links automatically.
varonis-delivers-market-leading-salesforce-security
Varonis Delivers Market-leading Salesforce Security
Varonis delivers market-leading Salesforce security
varonis-mddr:-industry's-first-managed-data-detection-and-response-offering
Varonis MDDR: Industry's First Managed Data Detection and Response Offering
New 24x7x365 threat detection and response service is built to stop data breaches.
what’s-new-in-varonis:-jan-2024
What’s new in Varonis: Jan 2024
This month brings you a fresh set of updates designed to improve your cybersecurity journey.