A real-world security incident where a Snowflake service account was targeted by repeated authentication attempts, but the attack was prevented by migrating from password-based authentication to RSA key-pair authentication combined with Network Security Policies (NSP). The post details the incident response, including SQL commands to lock and disable compromised accounts, step-by-step instructions for setting up key-pair authentication with encrypted private keys, and best practices for secure credential sharing with vendors. It also compares five different approaches to securing service accounts, from basic key-pair auth to advanced solutions like OAuth integration and Private Link.
Sort: