Threat intelligence provider Cybersixgill announced on Wednesday a partnership with data cloud company Snowflake. The collaboration, which is set to add comprehensive cyber threat intelligence to the Snowflake Data Marketplace, is being announced a month after Cybersixgill's completion of a $35 million Series B funding round, bringing the company’s total investment to $56 million.
The Snowflake Data Marketplace provides data scientists and business intelligence and analytics professionals access to at least 1,100 query-ready, real-time datasets from more than 200 third-party data and data service providers.
“Leaders and security professionals are asking for easy access to threat intelligence that makes them more effective at preventing and stopping breaches,” said Omer Singer, Snowflake’s head of cybersecurity strategy. “The integration of an industry leader like Cybersixgill for threat intelligence into the Snowflake Data Marketplace allows our customers to access an incredibly comprehensive collection of deep, dark and clear web data about relevant threat actors, their targets and techniques.
"Performance Architecture Snowflake means customers can apply these IOCs [indicators of compromise regarding potential intrusions] and TTPs [tactics, techniques and procedures] to their own petabyte-scale security data," he said. "With this critical intelligence, companies can identify attacks earlier and respond to incidents faster – multiplying the benefits that the data lake of security brings to your cyber defense.”
The Cybersixgill solutions, many of which are free to Snowflake customers, provide real-time intelligence in addition to crucial insight into the nature and source of each threat. According to the company, analysts can leverage the best-in-market data collection of millions of intelligence items and thousands of IOCs from the deep, dark and clear web, including historical data going as far back as 30 years ago, deleted posts, invite-only messaging groups and millions of threat actors.
“A significant challenge with threat intelligence is the ability to analyze and act on the vast amount of data it generates. Additionally, traditional storage methods prevent companies from having long-term access to that data for a historical look-back at past compromises, which is critical when assessing risk exposure and applying long-term attribution to Advanced Persistent Threats (APTs),” said Brad LaPorte, adviser with Lionfish Tech Advisors and a former Gartner analyst.
“The integration of Cybersixgill in the Snowflake data lake is an industry first – breaking down silos and making threat intelligence widely available to users across the enterprise for years to come," he said. "The synergy of this partnership will be essential for organizations as they rapidly adopt modern architectures such as Extended Detection and Response (XDR) powered by expansive data lakes. Research shows that over half of organizations plan to implement a data lake in the next year. Due to this, I recommend that every company using Snowflake should go to the Marketplace and get Cybersixgill right away.”
“The continual shift to the cloud and the increasing centralization of security for enterprise organizations has resulted in a tremendous amount of data that must be ingested and analyzed,” said Gabi Reish, chief business development and product officer for Cybersixgill.
“With the Snowflake Data Marketplace, organizations have the ability to now combine third-party data with their own to build security solutions and applications that enable informed and rapid detection and response. Being added to the Snowflake Data Marketplace is part of our strategy to deliver the most extensive collection of threat intelligence data to our customers, and enables users across the organization to consume threat intelligence in multiple ways.”
In the last three years, Cybersixgill has experienced accelerated growth, quadrupling its revenue and doubling its global footprint. The company uses automatic collection and extraction of threat intelligence sourced from social media, instant messaging and clear, deep and dark webs to provide the context needed for customers to implement preemptive security breach responses.
Following the onset of the war in Ukraine, which has involved cyberwarfare from both the attacking and defending nations, cybersecurity has become a hot-button topic in the hi-tech industry. With countries beginning to utilize the cyber arena more readily, the metaphorical bar has been raised for other parties to stage increasingly nefarious attacks.
Zachy Hennessy contributed to this report.