Satori selected as a representative vendor in the Gartner Market Guide for Data Security Platforms 🥳

Back to Blog

Access Control,

Snowflake

Writing The Snowflake Security Book

By Yoav Cohen
|CTO and Co-Founder
By Ben Herzberg
|Chief Scientist
January 6, 2022
For the last few years, we at Satori have been a bit obsessed with Snowflake. But hey, you can’t blame us because we’re not the only ones. Snowflake is a platform that delivers on its promise of providing a single data cloud platform to advance business needs—a very appealing promise indeed. It is a data cloud that is easy to get started with and removes a lot of the operational hassle involved in running big data operations.   Satori further enhances users’ Snowflake experience by enabling customers to have a secure, private, and well-governed Snowflake experience, without changing anything tangible on the experiential level, and with quick implementation and maintenance. This way, users can streamline access to sensitive data they store in Snowflake and implement effective security policies on top of their Snowflake.   Importantly, while we were working on our product and on understanding the needs of Snowflake users, we realized that there is a gap in users’ general knowledge. Snowflake users are primarily data engineers who have a great understanding of data operations but not necessarily a great amount of security expertise. On the other hand, security teams which use Snowflake have the security knowledge but not the Snowflake-specific practical knowledge. At first, we attempted to start to bridge that knowledge gap by writing a Snowflake security guide, which was then enriched by additional guides to specific topics like row-level security, roles management, dynamic masking, and more. But we felt that this was not truly enough.   Part of the DataSecOps mindset that is central to our values is that data and security engineers should work closely together in collaboration. Our team searched for a practical book to fill this knowledge gap: both to help data engineers better understand how to secure their Snowflake platforms and to help security engineers better understand practical security functions in Snowflake (hint: there are quite a bit of security mechanisms they can employ).   Since we did not find such a book, we decided to write it. The decision to write a book was not easy;  building Satori is already an intensive process, and writing a fully-fledged book alongside our work was a crazy idea. But sometimes you have to be a bit crazy and go that extra mile to make a difference. Writing the book itself became a black hole sucking in our free time, and the endeavor took the support of our beloved families and the entire Satori team.

 

Writing the Actual Book

Starting with an Abstract

Our book writing process began with an abstract. We initially had our basic idea and goal: writing a book to help data and security professionals gain an understanding of Snowflake’s various security capabilities. We wanted this book to be practical but to also explain the concepts and assist in prioritizing security tasks. We wanted the book to be a tool for end-to-end understanding of the topic but also a guide you can refer to while performing a specific task.

 

Continuing with an Outline

Once we understood our writing goal, we broke this task down into a comprehensive outline that would help us understand the different book components or chapters. Once we divided the project into smaller components, we broke it down further. For example, we knew that one of the main challenges in securing your platform is properly setting up authentication in a way that fits your business needs and security requirements. Still, as a large and daunting task, we broke this step down into the different types of authentication available in Snowflake and added technical instructions as well as security recommendations.

 

Publishing a Book

Deciding on the best way to publish the book was conflicting. On one hand, publishing independently would give us executive control over the entire process. On the other hand, we thought that working with an expert publisher would help us deliver the best result and, more importantly, reach a wider audience. Given that we were investing a lot of effort into this project, we wanted the book to be used by as many people as possible so they could benefit from this shared knowledge. We decided on the latter option.   We pitched the book to APress, and after a smooth process, we had our book contract complete with deadlines and a process for delivering the book in an agile manner. To get the book ready for publication, it was time to get some help from our friends.  

A Little Help From Our Friends

With the help of Susan McDermott from APress, we set up an editorial team. It was especially important for us to have technical editors who are mindful, detail-oriented, and have vast experience with the Snowflake platform itself. We suggested that the Snowflake experts from Leading Edge IT, one of Snowflake's largest integration partners, Chris Tabb, Chris Edge, and Ian Chotakoo join our editorial team. They took this challenge on with passion and were a complete blessing for the book. We even had a lot of fun in our editorial meetings.   In addition, we wanted someone to add the “big picture” aspect of the topic and tie the practical book to broader ideas and trends in the data governance and engineering worlds. We wanted someone who could zoom out and explain where this piece, our book, fits into the larger puzzle. We asked Anita Lynch, New Relic’s CDO, who has vast experience in data and specifically with Snowflake to join our project. We were really happy that she participated and wrote the foreword for our book.   Last but not least, we received some great insights and help from many people within Snowflake, including Vikas Jain, Omer Singer, Kent Graziano, Seth Youssef, Jonathan Sander, David "BigDataDave" Spezia, Felipe Hoffa, and several others. They discussed new features and several capabilities with us which allowed us to focus our efforts and ensure we stayed on track. In addition, the Snowflake team was patient and fun to work with, so our collaboration was all the more enjoyable.

 

Writing the Book

Having a good plan is important, but stellar execution is paramount. We began working and writing. Throughout the process, we held internal syncs between our Satori team as well as external syncs with the editorial staff. Every once in a while, we also shared our latest drafts with our friends at Snowflake and held a few progress update meetings with them. Eventually, after a lot of writing, re-writing, and a couple of unplanned items added to the book content, we had our final draft.

 

Wrapping It Up

Well, physically, there is a large machine somewhere that actually wraps up the book copies and binds them. But this paragraph wraps up the story of writing “Snowflake Security: Securing Your Snowflake Data Cloud”. To any professionals debating whether to make this book writing effort or not, our advice is to make sure you are okay with sacrificing a lot of time without any immediate rewards. Writing a book is a large project, but, eventually, we hope that the book can help people simplify their lives and, in our case, make data more secure. Plus, now our moms can brag,  “My son... you know he’s an author.”

 

Getting The Book

For more information and updates about the book visit the book’s website. You can also purchase our book on APress, O’reilly Library, Target, Amazon (as a physical copy or the Kindle version), as well as other book shops.
Learn More About Satori
in a Live Demo
Book A Demo
About the author
Yoav Cohen
|CTO and Co-Founder

Yoav Cohen is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams that build the Secure Data Access Cloud. Prior to founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a Cloud-based web applications security and acceleration company, where he was the Vice President of Engineering. Before joining Incapsula, Yoav held several technology leadership positions at SAP.

When he isn’t glued to his laptop or on a whiteboard, Yoav can be found traveling with his wife and four kids in an RV, playing electric guitar or doing laps at the pool. He is still dreaming about building his own Operating System.

Yoav holds an M.Sc in Computer Science from Tel-Aviv University and a B.Sc in Computer Science and Biology from Tel-Aviv University.

Ben Herzberg
|Chief Scientist

Ben is an experienced tech leader and book author with a background in endpoint security, analytics, and application & data security. Ben filled roles such as the CTO of Cynet, and Director of Threat Research at Imperva. Ben is the Chief Scientist for Satori, the DataSecOps platform.

Back to Blog

Related articles

Access Control
HIPAA Compliance Through Data Access Control
Satori enables data teams to use HIPAA training as data access control through continuous data...
By Guy Raz
March 27, 2024
Satori
Satori is proud to be a part of the Snowflake Horizon Partner Ecosystem
Satori and Snowflake have teamed up to extend the data governance capabilities of Snowflake Horizon.
By Ben Herzberg By Ravi Kumar
January 31, 2024
Access Control
Secure Data Access for Databricks with Satori
Satori's integration with Databricks provides users with data access controls and all the useful and...
By Ty Alevizos
December 20, 2023