Company
Date Published
Author
Julie Agnes Sparks, Christopher Camacho
Word count
1332
Language
English
Hacker News points
None

Summary

Snowflake is a fully managed data platform that lets users store, process, and analyze large volumes of data across their cloud environments. Datadog has released an updated Snowflake integration that turns many threat hunts into proactive detections; the detections were developed by Datadog's detection engineers and tested by its internal security team. The new OOTB (out-of-the-box) detections in Datadog Cloud SIEM improve security alerting around a Snowflake instance and cover several stages of Snowflake activity, including initial access, persistence, credential access, defense evasion, collection, and exfiltration. The updated integration ingests additional data tables from Snowflake, which is what allows Cloud SIEM to provide these OOTB threat detections.

Datadog's security team has fine-tuned these detections for its own environment, showing how teams can modify the OOTB detections to make them actionable. The team adapts the detections to its needs by cloning rules and modifying their queries, severity, and runbooks. Signal correlation rules combine multiple types of detections into a new, more complex rule, improving fidelity without losing the value of lower-severity signals. Suppression rules filter out noisy signals, and workflows orchestrate and automate end-to-end processes in response to specific signals.

The post closes with guidance on getting started with the updated Snowflake integration: configuring log ingestion, reviewing and customizing the detections, setting up alerts and notifications, monitoring, and refining the detections so they remain effective.