Detection and Investigation with the Security Data Lake

Threat detection in the cloud requires a combination of visibility and context. But in order to gain actionable insights from your data, it needs to be centralized, normalized, and structured in a way that supports high-scale analysis and investigation.

Cloud data platforms like Snowflake offer a scalable foundation for storing petabytes of business and security data for long-term retention. By introducing a purpose built security analytics platform like Panther, security teams can operationalize their data lake to correlate activity across applications and infrastructure, detect signs of breach, and trigger high-fidelity alerts to third-party applications like Slack, PagerDuty, and Jira.

Join Snowflake’s Head of CyberSecurity, Omer Singer, and Panther Labs Principal Engineer, Russell Leighton, discuss how you can use Panther and Snowflake to:

• Gain new security visibility with detections-as-code and a central security data lake
• Detect and alert upon anomalies by regularly baselining user behavior
• Correlate suspicious activity with normalized security data and scheduled alerts
• Validate security controls automatically with code-driven compliance policies
• Identify compromised accounts and insider threats in your Snowflake