Data lake configuration
Your data lake is the heart of the Hunters SOC Platform, where all your security data resides. The Hunters ingestion engine connects to your security tools, extracts your data and loads it into the data lake.
Then, different parts of the Hunters SOC Platform access this data for further processing and analysis, such as the Hunters detection engine, automatic investigation engine, dashboards, notebooks and more.
Hunters offers 2 data lake solutions you can choose from:
Use Hunters Snowflake data lake - if your organization does not have an internal data lake solution in use, or if it does but would like to offload the management overhead, it can opt for using a Hunters Hosted Security Data Lake. With this deployment type, all of the data will be ingested into an instance of Hunters Security Data Lake, which is completely maintained and operated by Hunters. This allows the organization to use the benefits of having a Security Data Lake without spending time and resources on managing it.
Bring your own data lake - organizations that already utilize a Snowflake data lake as part of their business operations can use this fact to their advantage and connect Hunters directly to their own data lake instance. This has a few benefits such as owning the entire infrastructure of the Security Data Lake as well as owning and controlling the data (e.g., retention periods, access control etc.).
Bring your own data lake
Hunters supports the ingestion of logs and data into a Snowflake data lake. Before connecting data sources to stream data, you'll need to set up your Snowflake data lake to store the data.
📘In this section