A comprehensive deep dive into Snowflake Container Services — security architecture, compute isolation, ingress/egress controls, PAT authentication, CORS, private connectivity, and tunneling approaches (SSH, WebSocket, Tailscale, ngrok) to connect SPCS to your own infrastructure.
A proof-of-concept that layers authentication, encryption, and multi-agent coordination onto MCP — with four security tiers from API keys to enterprise OAuth2 with audit trails.
Four sample methods for managing encryption keys in Snowflake — from session variables to cloud KMS to HYOK key wrapping — ensuring sensitive data is protected with keys you control. Compatible with Postgres pgcrypto.
How to send security alerts from Snowflake directly to your SIEM using native webhook notification integrations — with working examples for Splunk HEC and Microsoft Sentinel, plus a hybrid approach for dynamic OAuth tokens.
How to execute SQL across Snowflake accounts using the SQL API with OAuth — covering Client Credentials (Entra ID), Self-Signed JWT (GCP), PAT, and Key-Pair authentication with full architecture diagrams and code.
An open-source AI skill that teaches any coding agent to build threat detection pipelines, hunt anomalies, and automate incident response in Snowflake — with OWASP, MITRE ATT&CK, and NIST CSF built in.
A better-together reference architecture combining Splunk’s real-time detection with Snowflake’s cost-effective data lake — federated search via DB Connect, 70-80% cost optimization, and years of historical retention.
A defense-in-depth security architecture for AI agents and inference workloads — covering network isolation, identity propagation, authorization, data protection, and auditing under the EU AI Act, DORA, and NIS2.
The core challenge of AI agents: passing the human user’s identity through to Snowflake. This toolkit demonstrates JWT-to-PAT token exchange so agents execute as the actual user — with their roles, permissions, and full audit trail.
How to use Postgres 17 as a transparent encryption proxy so that data stored in Snowflake is always AES-256 encrypted at the column level — with your own key, under your own control.
How to decrypt PGP/GPG-encrypted files directly inside Snowflake using Python UDFs and the pgpy library — no external compute, no middleware, no key in transit.
Tokenize PII in Snowflake so that encrypted data still looks and behaves like real data — joinable, sortable, format-correct — all with your own AES-256 key, enforced through tag-based masking policies.