Lacework and Snowflake on Wednesday announced a product integration and go-to-market partnership that aims to help its customers gain more flexibility with analytics, build more effective dashboards, and respond to security incidents with lower cost.
Both companies are well-known in the security field. Lacework’s data-driven security platform has been built natively on top of Snowflake. It takes tens of billions of security data points and, through intelligent automation and its analytics engine, delivers visibility into the handful of security events that matter most in any given day.
For companies to become data-driven organizations, they have to analyze all of the data and derive something meaningful from it, said Steve Lukose, director of security engineering at Clari.
“When Clari combined Lacework's security intelligence with Snowflake's business intelligence, we knocked down those silos, providing our team a unified view of datasets in a single dashboard,” Lukose said.
This partnership is really about two companies focusing on their unique distinctive companies to deliver value to customers, said Frank Dickson, program vice president for security and trust at IDC. Dickson said Snowflake markets data warehouse-as-a-service, which lets corporate users store and analyze data using cloud-based hardware and software.
“Snowflake certainly provides analytics, but security analytics is a highly specialized science,” Dickson said. “Lacework lives and breathes security analytics. The result is the combination of an organization that is good at storing, structuring and analyzing data with a company that is really good about applying security analytics to data. It’s a win-win.”
Tyler Shields, CMO at JupiterOne said that Lacework was built natively upon Snowflake as its underlying system. He said essentially the partnership gives their joint customers the ability to do Snowflake-style reporting and analytics in a dedicated security lake.
“This is interesting, but requires a pretty significant data analysis capability within the customer to maximize the value,” Shields said. “If they make it super easy, point and click, and create value that can be used without a data scientist on staff, it could be very powerful. Data analytics is difficult to do, but when done right is extremely powerful.”
John Morgan, CEO at Confluera, said today’s cloud security requirements demand collaboration across different platforms given the high complexity of the cloud. Aggregating and centralizing data is a great first step, but it's just one of many factors organizations must consider. Morgan said we are now at a phase in the industry where organizations have to process data deterministically, without errors and guess-work, in real-time, and at a low-cost to stop attacks before ransomware and attacks are executed.
“Organizations must dig deeper into these requirements to determine the best solution to address cyber risk,” Morgan said. “We are also seeing security solutions designed specifically to address the unique challenges of the cloud, including its ephemeral nature, control plane vulnerabilities, run-time attack detection, and container security along with the real-time data processing requirements. With these requirements in mind, organizations can get ahead of modern cloud attacks and formulate an effective remediation strategy.”
Doug Cahill, vice president of analyst services and a senior analyst at the Enterprise Strategy Group, added that the dynamic and ephemeral nature of cloud native environments and a multitude of services generates massive event telemetry adding to the deluge of alerts security operations teams are already struggling to triage.
“The partnership between Snowflake and Lacework aims to bring scale and context to this reality with the combination of Lacework’s anomaly detection sensors and Snowflake’s Data Cloud to make security findings more readily available and actionable,” Cahill explained.