IMHO it's fair to call out Snowflake's authentication isn't very good - it's the worst SaaS MFA solution I've seen as it has no top level, easy switch for org wide MFA enforcement.
Combined with putting all customers under *.snowflakecomputing.com sub domain is why their customers are getting owned - infostealers are just full of creds ready to go.
I gather Snowflake are discussing changes to fix, don't tell the fanboys (and yes, they're all dudes).
Kevin Beaumont /
npub176…fkwlw
2024-06-09 14:51:05
in reply to nevent1q…zpc8
Author Public Key
npub176rs4lx7gjqwepgg75psfpv7zjj3xz0lyj4n7rux93ftm390sars6fkwlwPublished at
2024-06-09 14:51:05Event JSON
{
"id": "36f5f84d92494274e96f3d6fe66ffb09187ca0d67fd7bd51a5ca4ef1476aa009",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1717944665,
"kind": 1,
"tags": [
[
"e",
"9a275cbfcfd143ed9976e165de8622907453e4d764b942b80394c5df2d346251",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/112587221630806838",
"activitypub"
]
],
"content": "IMHO it's fair to call out Snowflake's authentication isn't very good - it's the worst SaaS MFA solution I've seen as it has no top level, easy switch for org wide MFA enforcement.\n\nCombined with putting all customers under *.snowflakecomputing.com sub domain is why their customers are getting owned - infostealers are just full of creds ready to go.\n\nI gather Snowflake are discussing changes to fix, don't tell the fanboys (and yes, they're all dudes).",
"sig": "9e3eb8345bef18bb0b14afecd8c4d49aec2f7ac6248afbed3126cb57f6835190d492c08baecccba41eefa3b3357d5c94958e876c87f0600c48a24695df1f498e"
}