BlogCareersContact Us

How Snowflake uses Vulcan Cyber for risk-based vulnerability management

Continual innovation and development open the door to vulnerabilities in Snowflake’s workload. But as the to-fix list grows, how does the security team prioritize effectively and ensure that they mitigate their cyber risk?

  • 00 The Snowflake Challenge
  • 01 Vulcan Cyber Benefits
  • 02 About Snowflake
  • 03 The situation
  • 04 The process
  • 05 The results

The Snowflake Challenge

  • Teams didn’t collaborate
  • Scan data wasn’t enough
  • Vulnerability management needed SLA alignment

Vulcan Cyber Benefits


Total visibility

Universal translator

Remedies as a service

Custom risk modeling

About Snowflake

Snowflake is the only data warehouse built for the cloud, enabling the data-driven enterprise with instant elasticity, secure data sharing and per-second pricing across multiple clouds. Snowflake combines the power of data warehousing with the flexibility of a big data platform and the elasticity of the cloud at a fraction of the cost of traditional storage solutions.

Founded in 2012 Snowflake now has more than 2,000 customers including JetBlue Airways, Accor and Conagra Brands. Rapid customer growth required notable scale out of the cloud infrastructure underpinning the Snowflake cloud platform. This growth also created an increased need to efficiently maintain and secure the platform.


Time intensive Hard to measure Manual process


Automated risk-based prioritization Aligning metrics and KPIs to the business Auto-generated patching scripts


Increased productivity Self-service reports and tracking Minimal manual effort


The situation


Vulnerability management and remediation was very time-intensive at Snowflake, with significant manual effort required. For example, new vulnerability scan reports were manually reviewed by the compliance, IT and DevOps teams, with the security engineering team assisting with prioritization. Then the remediation team was required to build patch scripts, run quality assurance on them, and then roll them out.

As Snowflake grew quickly and expanded into additional cloud environments, a manual approach to prioritization and remediation could not scale. Moreover, measuring the effectiveness of the vulnerability management program was a challenge. The team needed reliable and insightful vulnerability metrics capable of covering the entirety of the program and showing progress made or ensuring SLAs were met.

Time-intensive Hard to measure Manual process

The process

The Vulcan platform works on top of Snowflake to leverage its proprietary risk model and provide risk-based prioritization to all vulnerabilities and misconfigurations discovered within the network. It applies context and business logic to vulnerability scan reports along with asset inventory and configuration data extracted from the Snowflake data platform (e.g. security groups, ELB configurations). With this level of visibility, the Snowflake team uses Vulcan to ensure they are remediating high-risk, public-facing vulnerabilities first, in accordance with Snowflake business requirements. Moreover, the Vulcan remediation intelligence library seamlessly provides the best remedy for the vulnerability, delivering Ansible patch and configuration automation scripts needed by the DevOps team to remediate vulnerabilities at scale. Armed with the necessary fixes, the DevOps team now only needs to review and apply the supplied solutions remotely.

To enable clear reporting and assessment of the vulnerability management program, key metrics and measurements were set, along with service level agreements, customized in accordance with Snowflake requirements.


Automated risk-based prioritization

Aligning metrics and KPIs to the business

Auto-generating patching scripts

The results

Using Vulcan has led to a much more efficient end-to-end vulnerability management program at Snowflake. By automatically prioritizing all vulnerabilities discovered, remediation teams can now target the most critical issues. Moreover, using auto-generated Ansible remediation automation scripts saves the DevOps team several days of work every month. This process lightens the workload and allows the team to address more critical issues sooner to more effectively enforce the infrastructure security posture required by Snowflake customers.

Self-service dashboards give the compliance team the insights and data they need to demonstrate governance results to auditors. The dashboards also enable management to track the vulnerability management program using metrics that reflect the business requirements and SLAs. Self-service and collaboration features of Vulcan allow teams across Snowflake to reduce the need for recurring meetings and gives valuable time back to every stakeholder.


Increased productivity

Self-service reports and tracking

Minimal manual efforts

Read up

Case study