Post on 26-May-2020
OBSIDIAN AND SNOWFLAKE: CONSOLIDATED SECURITY VISIBILITY
SOLUTION BRIEF
SaaS is everywhere. Organizations have been moving their critical business systems to SaaS and cloud services over the past few years. Security teams need consolidated visibility into users, privileges, and activity across SaaS applications in order to better defend against risks and threats.. Beyond that, they also must be able to correlate SaaS security events and alerts with security data from other parts of their IT environment such as endpoints and the network.
Obsidian is the industry’s first cloud detection and response solution, delivering enriched normalized data on access, privileges, and activity across SaaS. Using Obsidian, security teams can detect and investigate breaches, uncover threats and secure SaaS apps. Obsidian is delivered as a SaaS solution that can be deployed in minutes. No more building and managing API integrations for SaaS logs and configurations.
API Layer
Unified API Data
Analytics
Alerts
Obsidian has partnered with Snowflake to give customers seamless access to Obsidian’s enriched, normalized SaaS security data in Snowflake’s secure, instant data exchange. Customers can store and access virtually unlimited historical timestream data and alerts in Snowflake for incident response, threat hunting, and audits.
By combining this rich SaaS telemetry with network and endpoint activity data in Snowflake’s security data lake, security teams can more effectively discover threats, and respond to breaches across their environment.
Customers will not only save time and financial overhead needed to sort and clean logs, but also gain a holistic understanding of the actors, activities and relationships in their cloud environments. The combined solution offers the safest way to integrate security with business, paving the path for sustained innovation.
Key Features
Deployed in minutes, productive in hours
Powerful alerts based on detections
Consolidated visibility across SaaS
Secure, virtually unlimited data warehouse
Simple integration through Data Exchange
Consolidated security data
OBSIDIAN SNOWFLAKE
How It WorksObsidian integrates with APIs across monitored services to construct a rich view of access and activity.
Obsidian automatically aggregates data about users, accounts, privileges, activity, and configurations from SaaS apps.
The data and alerts can be accessed in a private Snowflake data exchange.
The data is normalized and enriched with context to construct the Obsidian Identity Graph.
The platform applies analytics and ML to deliver insights and alerts.
Use Cases
Unified visibility and monitoring
Compromise detection
Suspicious insider discovery
Incident response
Threat hunting
Risk assessment and auditing
SaaS configuration drift detection
Posture management
v205.1O B S I D I A N S E C U R I T Y . C O M
START TODAY
© Copyright 2020 Obsidian Security, Inc. All rights reserved. Other brand names mentioned herein are for identification purposes only and may be the trademarks of their holders
Obsidian is delivered as frictionless SaaS and can be deployed in minutes.No software or agents to install or configure.
www.obsidiansecurity.com
Free Trial: Obsidian offers potential customers a two-week free trial to test-drive Obsidian in their environment: https://go.obsidiansecurity.com/free-trial
Demo Request: Sign up for a demo of the platform: https://go.obsidiansecurity.com/demo
Email: Contact us at sales@obsidiansecurity.com to schedule a meeting
1
2
3