Cloud infrastructure, security, and DevOps writing from Jake Berkowsky.https://zenzora.com/https://zenzora.com/2026/01/log-to-action/https://zenzora.com/2026/01/log-to-action/On-Demand Anomaly Analytics with Snowflake Cortex and Word2Vec A few weeks back, a customer came to me with an interesting problem. They, like many customers, had a massive amount...Mon, 05 Jan 2026 22:02:46 GMThttps://zenzora.com/2025/07/securing-remote-mcp-servers/https://zenzora.com/2025/07/securing-remote-mcp-servers/This week, I had the pleasure of speaking at FWD:Cloudsec about securing remote MCP servers. As I normally speak about security data analytics, it was a welcome break to research a...Wed, 02 Jul 2025 18:50:52 GMThttps://zenzora.com/2025/06/snowflake-agents-for-cybersecurity/https://zenzora.com/2025/06/snowflake-agents-for-cybersecurity/I often run a Capture The Flag (CTF) session for customers of Snowflake. I provide a dataset with access logs, vulnerability data, Jira tickets, and cloud audit logs. We work toget...Mon, 16 Jun 2025 19:54:49 GMThttps://zenzora.com/2025/04/building-a-threat-intelligence-agent-with-snowflake-and-streamlit/https://zenzora.com/2025/04/building-a-threat-intelligence-agent-with-snowflake-and-streamlit/Last week, Google announced Sec-Gemini , a large language model (LLM) specifically designed to tackle cybersecurity challenges. Among the highlights of their announcement was the i...Tue, 08 Apr 2025 20:01:46 GMThttps://zenzora.com/2025/04/small-coffee-social/https://zenzora.com/2025/04/small-coffee-social/A social network for bots Tldr ; I wrote a social network for bots view the current iteration here: https://smallcoffee.social Over the holidays I had a dream about a social networ...Wed, 02 Apr 2025 17:16:41 GMThttps://zenzora.com/2025/03/should-you-own-security-ingestion-pipelines/https://zenzora.com/2025/03/should-you-own-security-ingestion-pipelines/Tradeoffs in security data lakes The idea of using a security data lake to power your threat detection workloads is nothing new. Since the launch of Snowflake’s AI Data Cloud for C...Mon, 24 Mar 2025 18:46:21 GMThttps://zenzora.com/2025/02/snowflake-siem-integration-architectures/https://zenzora.com/2025/02/snowflake-siem-integration-architectures/For IT and Security teams tasked with monitoring Snowflake, integration with a SIEM or other centralized monitoring solution is critical. This article goes over which logs are typi...Tue, 18 Feb 2025 15:16:17 GMThttps://zenzora.com/2024/09/a-guide-to-reporting-on-developer-security-with-snyk-and-snowflake/https://zenzora.com/2024/09/a-guide-to-reporting-on-developer-security-with-snyk-and-snowflake/Everyone wants to shift left to stop vulnerabilities as early in the process as possible. This makes sense, a bug (security or otherwise) stopped before it’s even deployed is not o...Thu, 12 Sep 2024 14:01:44 GMThttps://zenzora.com/2024/08/implementing-schema-search-on-snowflake/https://zenzora.com/2024/08/implementing-schema-search-on-snowflake/How to search multiple log sources at once Security and observability data lakes have allowed customers to have access to more data than ever before and have given them the tools t...Tue, 13 Aug 2024 14:07:21 GMThttps://zenzora.com/2024/08/normalization-in-security-data-lakes/https://zenzora.com/2024/08/normalization-in-security-data-lakes/Early this summer I had the opportunity to present at my favorite conference, FWD:Cloudsec. I presented on the specific topic of data normalization for security data lakes. The con...Tue, 06 Aug 2024 16:17:48 GMThttps://zenzora.com/2024/02/security-analytics-with-wiz-and-snowflake/https://zenzora.com/2024/02/security-analytics-with-wiz-and-snowflake/If you’re looking for a high value, low effort way to boost your security program, analytics on cloud risk data is a fantastic contender. If you have Snowflake and you use Wiz then...Wed, 07 Feb 2024 12:00:00 GMThttps://zenzora.com/2024/01/security-data-lakes-normalization-and-ocsf/https://zenzora.com/2024/01/security-data-lakes-normalization-and-ocsf/As Snowflake’s Cybersecurity Field CTO, I get asked fairly frequently around my thoughts on the Open Cybersecurity Schema Framework (OCSF) and about normalization in general. The f...Thu, 04 Jan 2024 12:00:00 GMThttps://zenzora.com/2023/11/navigating-the-journey-from-spl-to-sql/https://zenzora.com/2023/11/navigating-the-journey-from-spl-to-sql/As the field of security data engineering continues to evolve, workloads that once lived in the siem are being migrated to or augmented with a security data lake. Often time this m...Mon, 27 Nov 2023 12:00:00 GMThttps://zenzora.com/2022/11/9-ways-to-give-access-to-an-internal-tool/https://zenzora.com/2022/11/9-ways-to-give-access-to-an-internal-tool/The following is a work of fiction. However all the solutions are real things I've attempted in my time as a Cloud Consultant. Image this, you're minding your own business when an...Fri, 25 Nov 2022 08:15:40 GMThttps://zenzora.com/2022/05/tips-for-managing-a-teams-stress/https://zenzora.com/2022/05/tips-for-managing-a-teams-stress/As a leader, it can be tempting to push your team to get the most out of them and to get results. People don't like like saying no and often just want to be helpful and give it the...Sun, 15 May 2022 03:40:06 GMThttps://zenzora.com/2022/04/a-response-to-thinking-about-the-future-of-infosec/https://zenzora.com/2022/04/a-response-to-thinking-about-the-future-of-infosec/I recently read an article by Daniel Miessler about his predictions for the future of cybersecurity. He talks about changes to organizations, the market and the day to day of cybersecurity professionals. I decided to write down some of my thoughts in response.Tue, 12 Apr 2022 02:55:44 GMThttps://zenzora.com/2022/04/wordpress-on-aws-begrudgingly/https://zenzora.com/2022/04/wordpress-on-aws-begrudgingly/Don't do it, but if you must then read this firstFri, 01 Apr 2022 20:02:25 GMThttps://zenzora.com/2022/03/helping-engineers-make-better-estimates/https://zenzora.com/2022/03/helping-engineers-make-better-estimates/One insight that I've found pretty ubiquitous in my career is that engineers hate being made to provide estimates on things. Still, in my role selling consulting engagements and pr...Mon, 28 Mar 2022 22:25:57 GMThttps://zenzora.com/2022/01/setting-up-github-actions-with-aws-using-cloudformation/https://zenzora.com/2022/01/setting-up-github-actions-with-aws-using-cloudformation/I recently helped a client migrate their Devops Pipelines to Github Actions. One of the nice features about GH is that its relatively easy to setup and use an identity provider tha...Wed, 26 Jan 2022 02:21:50 GMThttps://zenzora.com/2021/03/critiquing-cloud-lockin/https://zenzora.com/2021/03/critiquing-cloud-lockin/I hear a lot of talk about cloud lockin. I hear it from people with self funded startups, authors on tech blogs and developers. The argument I hear most is that if you start using...Sat, 06 Mar 2021 05:23:17 GMThttps://zenzora.com/2020/11/brute-force-squad/https://zenzora.com/2020/11/brute-force-squad/I got this picture in my family chat recently with a the question "is this correct?" The short answer is "kinda". The long answer is this blog post :) What is Brute Forcing Put sim...Mon, 02 Nov 2020 21:11:33 GMThttps://zenzora.com/2020/08/network-security-concepts-in-school-safety-plans/https://zenzora.com/2020/08/network-security-concepts-in-school-safety-plans/As summer nears its end, there's a lot of discussion about how and when to reopen schools and universities. As a security professional, I can't help but see the parallels between p...Tue, 18 Aug 2020 19:28:05 GMThttps://zenzora.com/2020/07/security-nonblockers/https://zenzora.com/2020/07/security-nonblockers/A few months ago during a conversation at a secops event, the topic of granting exceptions came up. One of the attendees was shared his dismay. "Management is always steamrolling m...Fri, 31 Jul 2020 19:53:46 GMThttps://zenzora.com/2020/07/sigred-a-new-critical-vulnerability/https://zenzora.com/2020/07/sigred-a-new-critical-vulnerability/Last Tuesday, as they do every second Tuesday, Microsoft released its monthly patch updates. One in particular (CVE-2020-1350) has been drawing a lot of attention. The vulnerabilit...Tue, 21 Jul 2020 21:55:15 GMThttps://zenzora.com/2020/07/thiefquest-the-new-macos-ransomware-thats-more-than-it-seems/https://zenzora.com/2020/07/thiefquest-the-new-macos-ransomware-thats-more-than-it-seems/Last week a new macOS malware threat was discovered. Mac ransomware, while not unheard of, is still interesting enough to be of interest to security researchers. So, when Dinesh De...Fri, 10 Jul 2020 01:40:40 GMThttps://zenzora.com/2020/06/contact-tracing/https://zenzora.com/2020/06/contact-tracing/This past year, as the Covid-19 virus began to spread so did the efforts to digitize the contact tracing process. As fast as the virus grew, so did the number of technical efforts...Mon, 22 Jun 2020 19:31:47 GMThttps://zenzora.com/2020/06/cleaning-up-users-in-1password/https://zenzora.com/2020/06/cleaning-up-users-in-1password/Recently I was helping a company audit their 1password account. Thought I'd share some useful snippets using jq and the 1password CLI tool . This command suspends users who haven't...Wed, 10 Jun 2020 18:48:46 GMThttps://zenzora.com/2020/05/shifting-left-with-vulnerability-management/https://zenzora.com/2020/05/shifting-left-with-vulnerability-management/Recently a friend of mine told me his company, in an effort to improve security, was launching a bug bounty program. I’m a huge fan of bug bounty programs, hiring professionals to...Sun, 31 May 2020 22:04:35 GMThttps://zenzora.com/2020/05/maturity-in-devops/https://zenzora.com/2020/05/maturity-in-devops/As a consultant, I tend to work with a variety of clients and teams all across the product maturity spectrum. Some are just starting; maybe they have an MVP, maybe they are still b...Sun, 31 May 2020 22:01:26 GMThttps://zenzora.com/2020/05/trying-pritunl-zero/https://zenzora.com/2020/05/trying-pritunl-zero/Pritunl is an open source OpenVPN and IPSec solution that comes with a somewhat popular VPN client. Pritunl Zero fills in a few more gaps by providing zero trust access to SSH and...Sun, 31 May 2020 21:59:38 GMT