‍The Challenges of Securing For Digital Resiliences in SaaS

Cybersecurity is a top priority for any SaaS-first, cloud company. For Brad Jones, CISO of Snowflake, it means providing secure, reliable, and privacy-first data solutions for more than 11,000 customers.

When it comes to SaaS, customers must configure defenses and monitor for advanced attacks, malicious insiders, and threats from GenAI. However, to collaborate effectively on security, app owners and InfoSec need modern tools. Brad’s team faced the challenge of monitoring for misconfigurations and threats across known and unknown apps, all without compromising productivity.

‍

“SaaS apps by their nature are exposed, and they’re out there on the wide internet, so they're a prime target for threat actors. They could be trying to get corporate information to exploit internal infrastructure or to exfiltrate data,” said Jones.

‍

End-to-End SaaS Protection with Obsidian Security

Jones’ team needed a purpose-built platform to solve the full spectrum of SaaS security: prevention, discovery, detection, and response. The Obsidian solution delivered just that, beginning with a complete baseline of user activity. Snowflake first used these capabilities to manage fast-growing SaaS-to-SaaS integrations.

‍

“Obsidian’s Integration Risk Management solution gives us insights and understanding of what privilege has been granted to other third parties. We make certain that we have a clear line of sight or get rid of those connections
that don't have appropriate business use."

‍

At the core of the solution is Obsidian’s proprietary Knowledge Graph. Built on a deep understanding of identities and their integrations, it normalizes unstructured logs to deliver key security outcomes for Snowflake:

     • Reduced time to identify and remediate vulnerabilities through app owners, at scale

     • Managing privilege for non-human, 3rd party integrations to core SaaS

     • Monitoring of business-exempt local SaaS accounts that bypass the IdP

     • Preventing advanced phishing attempts and reducing MTTR for security events

     • Reduce costs by consolidating IT & eliminating point solutions for SaaS discovery

And regarding the challenge of GenAI...

‍

A Deeper Look Into the Browsers: Security Where You Work

Jones' team was facing new forms of enterprise risk, including insider threat from difficult-to-restrict Shadow IT and Generative AI applications (e.g. uploading corporate documents). While enterprise browsers curb some of this behavior, Snowflake and the majority of businesses still rely on multiple browsers. Jones' team needed a flexible solution to monitor for loss and capture evidence for data-driven change management. The Snowflake team also needed to stay vigilant against advanced (and still evolving) spear phishing threats.

Snowflake deployed Obsidian Security's Browser Extension to secure where employees work: the browser. The lightweight extension detects and blocks risky behavior—whether it's engagement with unsanctioned apps or clicking malicious links. And by adding Obsidian to its stack, Snowflake completed its phishing defense strategy—extending protection to personal inboxes and catching adversary-in-the-middle (AiTM) threats that evade filters and detections from legacy tools.

‍

Addressing Emerging Security Risks of Tomorrow

Obsidian Security's suite of SSPM, ITDR, and Identity Threat Prevention (ITP) restores complete security to SaaS. Obsidian's intelligent platform and expert team have helped Snowflake empower a culture of security, ensuring the highest level of protection for their customers' data.

‍

“It’s part of our security posture and our culture to really believe in the human firewall. It’s important that we empower our application owners to understand how they can identify and fix security problems on their own."

‍