TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
---|---|---|---|---|---|---|---|
Obsidian Alerts | ✅ | obsidian_alerts | Snowflake share |
Overview
Obsidian Security is a cybersecurity company specializing in SaaS security and threat prevention. It helps organizations monitor, detect, and respond to threats in cloud applications like Microsoft 365, Google Workspace, and Salesforce. By analyzing user behavior, permissions, and configurations, Obsidian provides real-time threat detection, compliance enforcement, and security posture management. Its identity-centric approach helps prevent account takeovers, insider threats, and data breaches in SaaS environments.
Supported data types
Obsidian Alerts
Table name: obsidian_alerts
Obsidian Alerts are security notifications generated by Obsidian Security’s SaaS threat detection platform. These alerts help IT and security teams identify suspicious user activity, misconfigurations, and potential breaches in cloud applications like Microsoft 365, Google Workspace, and Salesforce. Obsidian uses behavioral analytics and machine learning to detect anomalies, such as unusual login locations, privilege escalations, or excessive data access. With real-time alerts, organizations can respond quickly to insider threats, account takeovers, and compliance risks, improving overall SaaS security.
Send data to Hunters
Obsidian shares its data with third-party companies like Hunters via a Snowflake share. To enable it, contact Obsidian support and connect the Obsidian data to the Snowflake account associated with Hunters. Then open a support case with Hunters to complete the integration setup, providing the following details:
- Snowflake Database name (for example OBSIDIAN)
- Table name (for example ALERTS)
Make sure the Snowflake role associated with Hunters has query permissions on this table.