Cybersixgill Partners with Snowflake to Deliver Cybersecurity Threat Intelligence on the Data Marketplace

Cybersixgill, a vendor that offers real-time and actionable threat intelligence, announced today it is partnering with Snowflake, the Data Cloud Company. The goal of the partnership is to add comprehensive cyber threat intelligence, including access to the most extensive deep, dark, and clear web data feed, to the Snowflake Data Marketplace. Through this partnership, enterprises can seamlessly blend Cybersixgill’s threat intelligence data into their Snowflake security data lake.

The Snowflake Data Marketplace gives data scientists and business intelligence and analytics professionals access to 1,100 live and ready-to-query data sets from over 200 third-party data providers and data service providers. (These are current numbers as of January 31, 2022.)

“Security leaders and practitioners are asking for easy access to threat intelligence that makes them more effective at preventing and stopping breaches,” said Omer Singer, Head of Cybersecurity Strategy at Snowflake. “The integration of an industry leader like Cybersixgill for threat intelligence in the Snowflake Data Marketplace allows our customers to tap into an incredibly comprehensive collection of deep, dark, and clear web data about relevant threat actors, their targets, and techniques. Snowflake’s performant architecture means customers can then apply those IOCs and TTPs across their own security data at petabyte scale. With this critical intelligence, companies can identify attacks sooner and respond to incidents faster – multiplying the benefits that the security data lake brings to their cyber defense.”

Cybersixgill automated threat intelligence solutions provide real-time contextual intelligence and the necessary insight into the nature and source of each threat. Analysts can leverage the best-in-market data collection of millions of intelligence items and thousands of indicators of compromise (IOCs) from the deep, dark and clear web, including historical data dating back 30 years, deleted posts, invite-only messaging groups, and millions of threat actors.

“A significant challenge with threat intelligence is the ability to analyze and act on the vast amount of data it generates. Additionally, traditional storage methods prevent companies from having long-term access to that data for a historical look-back at past compromises, which is critical when assessing risk exposure and applying long-term attribution to Advanced Persistent Threats (APTs),” said Brad LaPorte, Advisor with Lionfish Tech Advisors and a former Gartner Analyst. “The integration of Cybersixgill in the Snowflake data lake is an industry first – breaking down silos and making threat intelligence widely available to users across the enterprise for years to come. The synergy of this partnership will be essential for organizations as they rapidly adopt modern architectures such as Extended Detection and Response (XDR) powered by expansive data lake(s). Research shows that over half of organizations plan to implement a data lake in the next year. Due to this, I recommend that every company using Snowflake should go to the Marketplace and get Cybersixgill right away.”

“The continual shift to the cloud and the increasing centralization of security for enterprise organizations has resulted in a tremendous amount of data that must be ingested and analyzed,” said Gabi Reish, Chief Business Development and Product Officer for Cybersixgill. “With the Snowflake Data Marketplace, organizations have the ability to now combine third-party data with their own to build security solutions and applications that enable informed and rapid detection and response. Being added to the Snowflake Data Marketplace is part of our strategy to deliver the most extensive collection of threat intelligence data to our customers, and enables users across the organization to consume threat intelligence in multiple ways.”

Cybersixgill offers several listings, many of which are free to Snowflake customers, in the Snowflake Data Marketplace, including:

• Malware Insights – Enables users to automate malware research and IOCs blacklisting with malware listed on dark web file-sharing sites, marketplaces, and more
• Compromised Sites – Allows for the creation of automated remediation processes against phishing and ransomware attacks based on malicious domains and URLs sold on the dark web
• Compromised End Points – Helps organizations protect themselves from initial access brokers and ransomware by gaining unique intelligence about IP addresses mentioned on underground sites as having a compromised RDP/FTP/VPS connection
• Darkfeed – Provides Snowflake users with an automated feed of malicious IOCs complete with essential context and insights and the ability to preemptively block items that threaten their organization.

Photo by Sora Shimazaki