>>Hey everyone. Welcome back to the queue of Lisa Martin with Dave Valante and we're live in Vegas. This is snowflake summit, 22, their fourth annual event. A lot of people here, a lot of news, a lot to unpack so far, and this is only day, day one. We've got two guests here with us to talk about, uh, cyber security, a very important topic, please welcome Omar singer the head of cyber security strategy at snowflake and Julie Chilo VP of security at Guild education. Welcome. Thank >>You. Thank you >>For having all of >>Our favorite topics. Yeah. Oh >>One. It's not boring. >>You know this much and you have so much more to learn now. So here >>We go. Cybersecurity is, is not to say it's boring. Not boring is an understatement. Yeah. Omar, I wanna start with you so much news coming out today. Talk to us about what's new with cybersecurity. Workload is snowflakes. Flywheel of innovation just seems to be getting bigger and faster. >>Yeah. Yeah. Well, well, I'll tell you it's been a long road to get to where we are today. Um, my initial role at snowflake was to lead security engineering. So I've actually been using snowflake as the home for security data, basically from day one. And we saw that it worked, it worked really well. And we started hearing from customers that they were dealing with some of the same challenges that we faced as an internal security team. And we decided as snowflake that we wanna bring the benefits of the data cloud to cyber security teams at all of our customers. And that's what the workload is all about. >>Talk to us about the, the voice of the customer. Obviously we saw a lot of customer stories heard your customer. We're gonna be talking about Guild education in a minute, but in the voice of the customer, in terms of being influential, obviously you were an internal customer drinking that champagne like this tastes really good. This is better of the Flaco <laugh>, but how is the voice of the customer influential in terms of the, the cybersecurity workload, as we've seen the threat landscape change so much in the last two years alone? >>Sure, sure. And you know, security, it's a really hard problem. We like to think of it as a data problem. And when you start thinking about it, that way snowflake is re very relevant for it. But many security teams don't yet think about their challenge as a data challenge. And so they're struggling with a very fragmented data landscape. The facts are all over the place and they're not able to ask the kind of questions that they need to understand. Where are my risks? How are the bad guys gonna try to get into my network? And they can't reflect that to leadership to everybody that really cares about cyber security. This is a board level concern today without the unified data and without the analytics. Um, they really can't do any of that. And, and yeah, representing the customer is, is a big part of what I do. And we have great customers like, like Julie, who's been kind of with us on this journey. She's, she's a part of the movement. I mean, Julie, what, what has it been like, uh, for, for you? >>Oh, it's been, uh, it's been game changer for, for Guild for sure. When we first, uh, started, I didn't one, I didn't know this was a concept <laugh> so when I first started talking O me and, um, snowflake, uh, I had just heard through the grapevine that, that you could do, like, this was a thing you could use the data, you could get everything you needed in one place. And, um, it's been game changing for my team. Uh, we, we were in many different security tools. They were all isolated, siloed, and we're now able to move everything into one, uh, one area, uh, and get we're getting close to the one pane of glass, which I, um, I just heard was a mythical concept for >>Security for >>A long time. Yeah. For a long time. Um, so it's, uh, it's just been amazing and it's, uh, brought us closer to our data ops team. So I'm here this week, uh, with somebody from data ops, actually, that's awesome to help us out. >>So can you describe that further? I'm I'm, I'm, I'm amazed and skeptical the, the, the I'm imagining, you know, the Optiv chart that says eight, 8 million security tools on there, are you actually able, uh, describe how you're able to consolidate your tooling? >>So, one of, one of the biggest problem, one of the biggest problems we were facing initially was our SIM, um, the security incident and event management tool could not take anything from our DevSecOps tools. And so any security that we had in a developer pipeline was really isolated to that tool, and we could never get it into a SIM Sims just aren't meant they're not built to handle that they're built to handle, um, not, not really old school networks and, and data center traffic and everything I have is in the cloud. And so we were really, I, everything was isolated. So with snowflake, what we do is we, um, worked with our data ops team. We can move things from, um, like our, our scanning tools for, for the developer pipelines into snowflake. We can use then correlate different things such as, from like eight year ADP. Like if a, do you have somebody pushing code to production who's out on vacation, you can actually do that correlation with snowflake that was never available before. These are things we could never do before. And we're able to, um, just do correlations. You could not get in that you cannot get in a SIM. >>Why couldn't I just throw those into any old, you know, run of the mill cloud data warehouse? >>Well, you know, it's not just the scale, it's the complexity of the data. I think snowflake how we have the, the sche on read and then all of the kind of things that make snowflake really good for other departments turns out, works really well for security. And it's the ecosystem too. Nobody else has this ecosystem approach. You know, you heard on the keynote today that snowflake is the, this disrupting, um, the, the software application development, right? All, all that kind of focus. The tool consolidation doesn't need to mean that you only have one tool you can actually have best of breed, choose the tool you want. As long as the data's consolidated, you're not building more silos. And that's what our partners are doing. They're separating the application from the data. They're bringing the work to the data, and that's what you hear here. So Julie's team can still choose to use a variety of tools that get the job done, but all those tools are working off of the single source of truth. And that, that is unique to what snowflake >>Can enable. So we, we are Reiss. Uh, we should have asked you about Guild education, explain your, your, your organization. >>Oh, what does Guild do? Uh, so we're a late stage startup. Uh, we manage education as a benefit for, for large companies. So we, we house data from very large organizations with like their workforce and, and help students help, help their workforce go back to school. >>Okay. So unpacking some of the things you said, schema on Reed, but not necessarily no schema on, right. It's a little different, right. Because you're ingesting. Yeah. And then you're determining the scheme on read that's right. Right. Okay. So that makes it simple and fast for zoom, but you get data in and then you figure it out, bringing work to data. Can we just double click on that a little bit? Cuz I think when I think about that, we've heard terms like over the years bring compute to the data. That's what Hadoop was supposed to do. And it didn't, you know, it was like, everything was mm-hmm <affirmative> shoved. So what do you mean by that? How, how, what, what actually does that >>Mean? Yeah. So if you think about the traditional SAS solution, the vendor needed to invest in a data center and to have a data platform that would be scalable and robust because their service dependent on it and they couldn't trust that the customer would have that kind of data platform on the customer's side. What Snowflake's data cloud has done has democratized the data platform. So now you have startups to fortune 500 S the vendors, the customers, they're all uneven footing when it comes to the data platform. So now the vendors can say, bring your own snowflake. Why not? You know, and they can focus on building the best application to solve the real challenges that security teams have. But by the way, not only cybersecurity, we see this and for example, the, um, customer data space as well. So we're seeing more and more kind of SaaS industries seeing this approach and the applications are gonna come yeah. To the data platform of choice, uh, for the practitioner. >>Julie, can we talk about some of the outcomes that Guild education has achieved so far by working with this solution in terms of, we look at the threat landscape and how it's changed so much the last couple of years and how it's a matter of if, or sorry, when not, if I get hit with an attack, how, what are some of the key outcomes that a snowflake partnership and technology has enabled you to achieve? >>So the, the biggest one, again, it's around the Def sec ops program, um, where you see so many attacks these days happening in the code base. So you really have to be careful with your, your pipeline where the code's getting moved through, who has access, who can move code into production. Um, and these are so the, like if you're using GitHub or, um, like using a scanning tool called snake, they're, they're separate, like they're completely separate the only way that we can see who's moving code into production, or if there was a vulnerability or somebody turned off, the security tool is to move these logs, this data into snowflake, uh, and our engineering teams were already using snowflake. Uh, so that made it, that was an easy transition for us. I didn't have to go out and convince another team to support us somewhere else, but a great example where we were, we're seeing great, um, savings, not only in people time, but, but for security, um, we were having problems or the security or the <laugh>, the engineers were turning off our secure codes scanner. >>And we didn't find out until a little bit later. Uh, oh yeah. Yeah. So found out we, my team, we had a team, we spent about 160 hours going through a thousand pole requests manually. And I said, no, no more go find the go figure out where this data exists. We put it in a snowflake and we can create an automatic, uh, ping to the security team saying, Hey, they turned off the, the scanner, go check and see what, why did the scanner get turned off? So it's an immediate response from my team instead of finding out two months later. And this is just, isn't something you can do right now. That's you can't set it up. So, um, makes it so easy. Ping goes to slack. We can go to the, immediately to the engineering team and say, why did you >>Using using automation? >>Yeah. Did you, did you turn this off? Why did you turn it off? Get an exception in so one, it like helps with compliance, so we're not messing up our SOC two audit. Uh, and then two, from a security perspective, we are able to, to trust, but verify, um, which is a big part of the DevSecOps landscape, where they need code to move into production. They need a scan to run in under five minutes. My team can't be there to scan, you know, 10, like 10 times a day or a hundred times a day. So we have to automate all of that and then just get information as it comes in. >>Is it accurate to say that, um, you're not like shutting off your tools, you're just taking advantage of them and compressing the time to get value out of them or are you actually reducing the tool sets? >>No, we don't. Well, no, we, our goal wasn't to reduce the tool set. I mean, we did actually get rid of the SIM we were using. Uh, so we were partnering with one of, um, uh, snowflakes partners, um, >>Because yeah, but you still have a SIM, >>We still have it. It's just minimized what goes to the SIM, because most of what I care about, isn't actually going to a SIM. Yeah. It's all the other pieces that are in a cloud because we use all like, we're, we're a hundred percent in the cloud. I don't have servers, I don't have firewalls. We don't have routes routers or switches. So all the things I care about live in a cloud somewhere. And, and I want that information. And so a lot of times, um, especially when it comes to the engineering tools, they were already sending the information to snowflake or they're also interested. And so we're partnering like it's, we're doubling up on the use of the >>Data. Okay. And you couldn't get that outta your SIM. Maybe you're asking your SIM to do too much, or it just didn't deliver. >>No systems are built on search engines. You know, they don't, >>They, they can't do it. >>You kind of knew what you were looking for and you say, Hey, where did I see this? Where did I see that? Very different from data analytics and the kinds of question that security teams really want to ask. These are emergent properties. You need context, you need sequel, you need Python. That's how you ask the questions that security teams really want to ask the legacy Sims. They don't let you ask that kind of question. They weren't built with that in mind. And they're so expensive that by moving off of them, to this approach, you kind of pay for all these other solutions that, that then you can bring on. >>That seems to make the, what you just said. There was brilliant. It seems to make the customer conversation quite easy if they're saying, well, why should I replace my SIM? It's doing just fine. You just nailed it with, with what you said there. >>So, yeah. And we're, and we're seeing that happen extensively. And I'm excited that we have customers here at summit talking about their experience, moving off of a legacy SIM where the security team was off to the side, away from the rest of the company to a unified approach, the SIM and the other security solutions working on top of the snowflake and a collaboration between security and the data >>Team. So what does your security ecosystem look like? You've got SIM partners. Do you have identity access partners, endpoint partner. Absolutely. >>Describe that compliance automation ass. Yeah. We hear about companies really struggling to meet all the compliance requirements. Well, if all the data's already centralized, then I can kind of prove to my auditors and not just once a quarter, but once a day, I can make sure that all the environment is in compliance with whatever standard I have. So we see a lot of that cloud security is another big one because there's just 10 times more things happening in the cloud environment than in the data center. Everything is so heavily instrumented. And so we see cloud security solutions as significant as well. And the identity space, the list goes on and on. We do see the future being the entire security program uses connected applications with a single source of truth in the company's snowflake. And >>Would you say centralized, you, you it's logically centralized, right? I mean, it's virtually centralized, right? It's not, >>Well, that's >>Not shoved into one container, right? >>I mean, it's right. Well, that's the beauty of the data cloud, right? We, everybody that's on the data cloud is able to collaborate. And so whether it's in the same account or table or database, you know, that's really besides the point because all of the platform investments that snowflake is making on cross region, cross cloud collaboration means that once it's in snowflake, then it is unified and can be used together. But >>I think people misunderstand that sometimes. And BEWA made this point, uh, as the Christian about the global nature of, of snowflake and it's globally distributed, but it's logically a data cloud. >>Yeah. I like to call it one big database in the sky. You know, that's how I explain to security teams that are kind of new to the concept, but >>It's not, it's could be a lot of little databases, but it, but having the same framework, the same governance structure, the same security >>You're right. I think that's how it's achieved is what you're describing. You know, I think from the outcome, what the security team needs to know is that when there's some breach hitting the headline and they need to go to their leadership and say, I can assure you, we were not affected. They can be confident in that answer because they have access to the data, wherever it is in the world, they have access to ask you the questions they need to ask. >>And that confidence is critical. These days as that threat landscape just continues to change. Thank you both so much for joining us. Thank you. Talking about from a cyber security perspective, some of the things that are new, new at snowflake, what you guys are doing at Guild education and how you're really transforming the organization with the data cloud, we appreciate your insights. Thank you for having us. Thank you. Thanks you guys for our guests and Dave ante. I'm Lisa Martin. You're watching the queue live from Las Vegas on the show floor of snowflake summit 22. We'll be right back with our next guest.