A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

Go beyond vulnerability scanning with the Vulcan Cyber ExposureOS >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo

A quarter full of risk – get to know the notable vulnerabilities of Q3 2024 >>

Go beyond vulnerability scanning with the Vulcan Cyber ExposureOS >>

Exposure management analytics and KPIs you need to know about  >>

Get a demo
Get a demo

case study

How Snowflake uses Vulcan Cyber for risk-based vulnerability management

Continual innovation and development open the door to vulnerabilities in Snowflake’s workload. But as the to-fix list grows, how does the security team prioritize effectively and ensure that they mitigate their cyber risk?

download pdf
The Snowflake Challenged

The Snowflake Challenge

  • Teams didn’t collaborate
  • Scan data wasn’t enough
  • Vulnerability management needed SLA alignment

 

Vulcan Cyber Benefits

Total visibility Universal translator Remedies as a service Custom risk modeling

 

About Snowflake

Snowflake is the only data warehouse built for the cloud, enabling the data-driven enterprise with instant elasticity, secure data sharing and per-second pricing across multiple clouds. Snowflake combines the power of data warehousing with the flexibility of a big data platform and the elasticity of the cloud at a fraction of the cost of traditional storage solutions.

 

Founded in 2012 Snowflake now has more than 2,000 customers including JetBlue Airways, Accor and Conagra Brands. Rapid customer growth required notable scale out of the cloud infrastructure underpinning the Snowflake cloud platform. This growth also created an increased need to efficiently maintain and secure the platform.

The situation

Time intensive Hard to measure Manual process

 

The process

Automated risk-based prioritization Aligning metrics and KPIs to the business Auto-generated patching scripts

 

The results

Increased productivity Self-service reports and tracking Minimal manual effort

 

The Situation

The Snowflake environment

Vulnerability management and remediation was very time-intensive at Snowflake, with significant manual effort required. For example, new vulnerability scan reports were manually reviewed by the compliance, IT and DevOps teams, with the security engineering team assisting with prioritization. Then the remediation team was required to build patch scripts, run quality assurance on them, and then roll them out.

As Snowflake grew quickly and expanded into additional cloud environments, a manual approach to prioritization and remediation could not scale. Moreover, measuring the effectiveness of the vulnerability management program was a challenge. The team needed reliable and insightful vulnerability metrics capable of covering the entirety of the program and showing progress made or ensuring SLAs were met.

Time intensive Hard to measure Manual process

 

The Process

The Vulcan platform works on top of Snowflake to leverage its proprietary risk model and provide risk-based prioritization to all vulnerabilities and misconfigurations discovered within the network. It applies context and business logic to vulnerability scan reports along with asset inventory and configuration data extracted from the Snowflake data platform (e.g. security groups, ELB configurations). With this level of visibility, the Snowflake team uses Vulcan to ensure they are remediating high-risk, public-facing vulnerabilities first, in accordance with Snowflake business requirements. Moreover, the Vulcan remediation intelligence library seamlessly provides the best remedy for the vulnerability, delivering Ansible patch and configuration automation scripts needed by the DevOps team to remediate vulnerabilities at scale. Armed with the necessary fixes, the DevOps team now only needs to review and apply the supplied solutions remotely.

To enable clear reporting and assessment of the vulnerability management program, key metrics and measurements were set, along with service level agreements, customized in accordance with Snowflake requirements.

Automated risk-based prioritization Aligning metrics and KPIs to the business Auto-generating patching scripts

 

 

The Results

Using Vulcan has led to a much more efficient end-to-end vulnerability management program at Snowflake. By automatically prioritizing all vulnerabilities discovered, remediation teams can now target the most critical issues. Moreover, using auto-generated Ansible remediation automation scripts saves the DevOps team several days of work every month. This process lightens the workload and allows the team to address more critical issues sooner to more effectively enforce the infrastructure security posture required by Snowflake customers.

Self-service dashboards give the compliance team the insights and data they need to demonstrate governance results to auditors. The dashboards also enable management to track the vulnerability management program using metrics that reflect the business requirements and SLAs. Self-service and collaboration features of Vulcan allow teams across Snowflake to reduce the need for recurring meetings and gives valuable time back to every stakeholder.

Increased productivity Self-service reports and tracking Minimal manual efforts

 

Want to hear more?

Vulcan Cyber empowers some of the world’s biggest organizations to take action to mitigate cyber risk in their environments. To learn more, check out some of our latest resources below:

The Mandiant Challenge

Nisl aliquam lectus placerat augue adipiscing congue

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Mauris id nulla amet ut lectus. Sociis est sit habitant aliquam rutrum in ultrices. Est egestas bibendum pellentesque adipiscing. Iaculis mauris justo blandit viverra mauris, nunc. Faucibus ac lorem nibh eget dolor, rutrum ipsum. Nulla in neque porttitor viverra dolor amet at. Enim, elementum, ultrices netus non egestas pretium condimentum. Malesuada maecenas vulputate interdum suspendisse vestibulum purus sed in facilisis. Dignissim tellus dictum dictumst aliquam elit amet orci.

Nisl aliquam lectus placerat augue adipiscing congue

Id cursus ipsum nibh vitae. Ut fringilla amet, amet, et non congue aliquam et tempor. Risus id feugiat pretium porttitor augue eget auctor fusce. Auctor tortor massa orci vel nam id in sagittis, in. Porta sit in elementum dictum fermentum, id. Bibendum molestie bibendum tincidunt nullam blandit suscipit nisl, magna. Tortor vel elit ultrices pretium a sit rutrum.

Consequat tellus donec tortor et nibh at elementum adipiscing nisl

Et faucibus justo, quis mauris amet, in placerat.

Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices. Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at orci vestibulum phasellus. risus amet metus ultrices turpis ante. Sodales mollis donec lectus eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.

Malesuada in sed ac quis egestas venenatis

1. Vitae, est, egestas ipsum

consectetur sodales ut ullamcorper. In amet mauris commodo aliquam ut. Orci varius rutrum fringilla elementum lorem turpis pellentesque posuere tellus. Ipsum, viverra molestie lobortis nec cras vestibulum vivamus nunc. Amet sollicitudin pharetra, ac, diam, donec ridiculus iaculis interdum. Amet tincidunt fusce metus at. Risus viverra lobortis eu nunc in. Sed lorem non sit mauris elit.

Description for image

Et faucibus justo, quis mauris amet, in placerat

Euismod auctor blandit ullamcorper ante sagittis, sodales risus bibendum. Turpis sed nunc nibh adipiscing dis in sed. Amet non eros sed mi risus. Diam consequat vel, vitae, justo, ultrices. Viverra nisl urna sed quam venenatis mauris rhoncus. Rhoncus libero sapien, at vitae sed viverra lacus aenean. Et arcu vivamus eu imperdiet morbi turpis senectus. Orci, morbi sodales aliquam at orci Dui link luctus metus ultrices turpis ante. Sodales mollis donec lectus eleifend etiam faucibus justo, aliquet. Elit, elementum diam aenean hac purus vitae sodales in. At ut faucibus habitant posuere. Facilisi nibh posuere elit gravida molestie nulla.

Vulcan Cyber Benefits

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

About Mandiant

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Challenge

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Solution

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Results

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

Want to hear more?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Praesent neque ut malesuada elementum scelerisque eget. Risus sapien mauris velit morbi quam ultrices. Amet adipiscing libero fusce elementum rhoncus vitae cras. Quis at sit ipsum, eros, eu, tellus nunc. Leo, risus amet, sed feugiat blandit feugiat urna. Et consectetur turpis habitant senectus eget. Viverra magna ac nunc augue posuere id suscipit et.

People also read

SDLC and secure coding practices: the ultimate guide for 2024-old How-to guides SDLC and secure coding practices: the ultimate guide for 2024-old Dec 06, 2023
Kubernetes security – a step-by-step guide How-to guides Kubernetes security – a step-by-step guide Dec 25, 2023
Chaos testing: the ultimate guide How-to guides Chaos testing: the ultimate guide Apr 04, 2024