PricingCareersContact Us

How Snowflake uses Vulcan Cyber for risk-based vulnerability management

Continual innovation and development open the door to vulnerabilities in Snowflake’s workload. But as the to-fix list grows, how does the security team prioritize effectively and ensure that they mitigate their cyber risk?

All^
  • 00 The Snowflake Challenge
  • 01 Vulcan Cyber Benefits
  • 02 About Snowflake
  • 03 The situation
  • 04 The process
  • 05 The results

The Snowflake Challenge

  • Teams didn’t collaborate
  • Scan data wasn’t enough
  • Vulnerability management needed SLA alignment

Vulcan Cyber Benefits

 

Total visibility

Universal translator

Remedies as a service

Custom risk modeling

About Snowflake

Snowflake is the only data warehouse built for the cloud, enabling the data-driven enterprise with instant elasticity, secure data sharing and per-second pricing across multiple clouds. Snowflake combines the power of data warehousing with the flexibility of a big data platform and the elasticity of the cloud at a fraction of the cost of traditional storage solutions.

Founded in 2012 Snowflake now has more than 2,000 customers including JetBlue Airways, Accor and Conagra Brands. Rapid customer growth required notable scale out of the cloud infrastructure underpinning the Snowflake cloud platform. This growth also created an increased need to efficiently maintain and secure the platform.

THE SITUATION

Time intensive Hard to measure Manual process

THE PROCESS

Automated risk-based prioritization Aligning metrics and KPIs to the business Auto-generated patching scripts

THE RESULTS

Increased productivity Self-service reports and tracking Minimal manual effort

 

The situation

THE SNOWFLAKE ENVIRONMENT

Vulnerability management and remediation was very time-intensive at Snowflake, with significant manual effort required. For example, new vulnerability scan reports were manually reviewed by the compliance, IT and DevOps teams, with the security engineering team assisting with prioritization. Then the remediation team was required to build patch scripts, run quality assurance on them, and then roll them out.

As Snowflake grew quickly and expanded into additional cloud environments, a manual approach to prioritization and remediation could not scale. Moreover, measuring the effectiveness of the vulnerability management program was a challenge. The team needed reliable and insightful vulnerability metrics capable of covering the entirety of the program and showing progress made or ensuring SLAs were met.

The intensive Hard to measure Manual process

The process

The Vulcan platform works on top of Snowflake to leverage its proprietary risk model and provide risk-based prioritization to all vulnerabilities and misconfigurations discovered within the network. It applies context and business logic to vulnerability scan reports along with asset inventory and configuration data extracted from the Snowflake data platform (e.g. security groups, ELB configurations). With this level of visibility, the Snowflake team uses Vulcan to ensure they are remediating high-risk, public-facing vulnerabilities first, in accordance with Snowflake business requirements. Moreover, the Vulcan remediation intelligence library seamlessly provides the best remedy for the vulnerability, delivering Ansible patch and configuration automation scripts needed by the DevOps team to remediate vulnerabilities at scale. Armed with the necessary fixes, the DevOps team now only needs to review and apply the supplied solutions remotely.

To enable clear reporting and assessment of the vulnerability management program, key metrics and measurements were set, along with service level agreements, customized in accordance with Snowflake requirements.

 

Automated risk-based prioritization

Aligning metrics and KPIs to the business

Auto-generating patching scripts

The results

Using Vulcan has led to a much more efficient end-to-end vulnerability management program at Snowflake. By automatically prioritizing all vulnerabilities discovered, remediation teams can now target the most critical issues. Moreover, using auto-generated Ansible remediation automation scripts saves the DevOps team several days of work every month. This process lightens the workload and allows the team to address more critical issues sooner to more effectively enforce the infrastructure security posture required by Snowflake customers.

Self-service dashboards give the compliance team the insights and data they need to demonstrate governance results to auditors. The dashboards also enable management to track the vulnerability management program using metrics that reflect the business requirements and SLAs. Self-service and collaboration features of Vulcan allow teams across Snowflake to reduce the need for recurring meetings and gives valuable time back to every stakeholder.

 

Increased productivity

Self-service reports and tracking

Minimal manual efforts

Read up

Case Study
Continual innovation and development opens the door to vulnerabilities in Mandiant's workload. But as the to-fix list grows, how does the security team prioritize effectively and ensure that they mitigate their cyber risk?
Infographics
Pulse and Vulcan Cyber surveyed 200 cybersecurity leaders to learn more about their cyber hygiene
regimens.
Virtual Event
Watch The Remediation Summit 2021 on demand and learn from cyber security experts from Gong, FireEye, Wipro and Vulcan Cyber.