Snowflake was one of Hunters’ first customers, and now the companies have partnered to combine Hunters’ autonomous threat detection technology with Snowflake’s data lake, to provide a joint solution.
Israeli cybersecurity startup Hunters.AI has announced a new collaboration with cloud data warehouse unicorn Snowflake, which will see Hunters leverage Snowflake’s data lake to accelerate the speed and efficiency of Hunters’ threat detection capabilities.
Hunters is an early stage startup, which completed a $5.4 million seed funding round a little under a year ago. Their technology is based on correlating data from a vast array of events, logs, and static data sources that was not being correlated before, from different types of security solution logs and SaaS solutions. That differentiates them from other detection tools which lack that holistic visibility because they are focused on a single dimension like the network or endpoints.
“Our value is not just in our technology expertise, but in our broad domain expertise, which is something that had been missing in the market,” said Noa Katz, Hunters’ Director of Marketing.
Correlating the data isn’t focused on finding obviously threatening acts, but incidents which in conjunction with other benign-looking incidents, may show a patterns that resembles patterns in which attackers typically behave, and thus pose a threat.
Snowflake is an early customer of Hunters, and last year Hunters highlighted an exercise with Snowflake which demonstrated how what they call their autonomous threat hunting capability works. Hunters conducted a recent Red Team attack exercise combining all elements of a worst-case scenario. The attackers were given credentials for a user account with elevated admin privileges, an internal company laptop and the element of surprise. Hunters identified the attack in minutes and alerted the Snowflake response team. The key was their ability to detect a series of actions, none of which by themselves was malicious but the combination of which was anomalous.
“When that announcement was made last year, Snowflake was a reference customer,” Katz said. “This is something else. Snowflake is now both a customer and a technology partnership. There is a growing need in the market for automation of threat detection and covering more surfaces from attack. We achieve this with this amazing collaboration. They come in with the data, and we come in with the automation.”
The partnership will see Hunters leverage the Snowflake data lake, to increase their interconnection of diverse enterprise data sources significantly, and make their autonomous threat hunting faster and more efficient.
“We will be selling a joint solution – a security data lake,” Katz said. “We consider it a real joint Go-to-Market based on the synergy of our technology value.”
Katz said that the integration between themselves and Snowflake will be significantly deepened going forward.
“In addition, since last year we have grown immensely in our ability to conduct autonomous investigations and detect threats even faster than before,” she stated. “We have deepened our ability to provide full attack stories. We don’t just provide alerts which flood the user with noise.”
Katz said that other key strategic partnerships are in the works.
“We will be announcing another major partnership soon,” she said. “These help position us as an additional layer in a security strategy.”