The Snowflake authentication setup is terrible.

MFA can’t be enabled org wide, each user has to manually log in and enable it. There’s no policy to block users without MFA. And it uses Duo MFA rather than your orgs MFA. (You can bring your own MFA with SAML).

Also all users log in via a Snowflake domain, so you can just pull creds from info stealer marketplaces or logs.

That’s why they’re being targeted as a platform.

· Edited · · Ivory for iOS · 4 · 45 · 97