Cloud Security

Unlock Real-Time Data Security with Snowflake Openflow and Proofpoint DSPM

Share with your network!

The Snowflake cloud-based data platform has transformed how organizations manage big data workloads in the AI era. Snowflake helps businesses collect, store and analyze vast amounts of data more cost effectively. But its flexibility and scale also bring challenges for managing data movement and classification. 

Proofpoint Data Security Posture Management (DSPM) maximizes the value of your Snowflake investment. DSPM addresses problems such as rapid data growth and complexity of data classification. It provides continuous, rapid discovery, accurate classification and full visibility of your Snowflake data at scale. 

Today, we’re proud to announce our integration of Proofpoint DSPM with Snowflake Openflow. Using Openflow, organizations can integrate their enterprise data ecosystems with AI models, apps and data agents directly in Snowflake, and Proofpoint is the first security vendor to be chosen as an Openflow partner.  

“AI has drastically increased the volume and velocity of data, making it even more imperative for enterprises to maintain full control and governance over their most valuable asset. Snowflake Openflow ensures that fully interoperable data movement is not only possible, but can be secure at the same time,” said Amer Deeba, Group Vice President of Proofpoint’s DSPM group. “Proofpoint DSPM enables customers to classify sensitive data inline within Openflow and apply Snowflake tags to it, unlocking a more complete, centralized data landscape so they can innovate confidently and securely.” 

Customers can embed our classification engine directly into their Snowflake data pipelines, automatically tagging sensitive data the moment it’s ingested. This integration not only improves Cortex Search—making classification metadata instantly searchable—but also delivers unparalleled visibility into your data estate. It does this without complex deployments or workflows, streamlining secure adoption of retrieval augmented generation (RAG) applications that use large language models (LLMs).  

Snowflake Openflow: Security at pipeline speed 

Snowflake Openflow is a fully managed, low-code data integration service built on Apache NiFi. Deployed within your Snowflake account, it offers an open and extensible platform to ingest, transform and route both structured and unstructured data—batch or streaming—across any source and destination. With built-in processors, connectors and enterprise-grade security, Openflow turns complex extract, transform, load (ETL) and AI-driven workflows into simple, scalable data pipelines. 

Proofpoint DSPM: Embedding classification in your data flow 

Proofpoint DSPM brings high-performance, in-pipeline classification directly into Openflow. Supporting over 120 classifiers—covering personally identifiable information (PII), payment card industry (PCI) data, protected health information (PHI), credentials and custom patterns—DSPM enables: 

  • Real-time tagging. Records are labeled the moment they enter your data flow, making sensitive content immediately visible. 
  • Continuous classification updates. Classification occurs during all data ingestion, ensuring sensitive content is flagged immediately within your pipelines. 
  • Native schema integration. Classification metadata writes back into your Snowflake tables. This powers Cortex Search and downstream tools with rich context. 

Running within Openflow, DSPM minimizes data egress. It elastically scales with your compute and accelerates security response without disrupting analytics operations. 

Why this matters for your business 

DSPM integration with Snowflake Openflow bring several key benefits: 

  • Eliminate risk in real time. DSPM classifies data the moment it’s ingested via the connector. This mitigates data exposure windows for AI pipelines, preventing sensitive records from slipping through. 
  • Accelerate incident response. Search‑ready classification tags enable SecOps and data teams to pinpoint and remediate sensitive events in minutes, not hours. 
  • Seamlessly scale security. The DSPM engine runs natively within your Snowflake compute footprint, automatically scaling with your workloads. There is no manual tuning required. 
  • Simplify compliance and reporting. Continuous, audit‑ready metadata streamlines evidence collection for the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Health Insurance Portability and Accountability Act (HIPAA), and Payment Card Industry Data Security Standard (PCI‑DSS). This reduces your compliance effort by as much as 50%. 

How to use: A customer-hosted container example 

First, sign in to the Proofpoint portal and copy your unique API key, which authorizes access to the DSPM Docker image. Use that key to pull the official Proofpoint DSPM container, then publish the image to Snowpark Container Services. In Snowflake’s Openflow canvas, add the Proofpoint DSPM template that references the Snowpark image URL and specify which objects and fields require classification. When you enable the connector, data that flows through the connector will now be automatically classified and written back into the defined Snowflake table that can be indexed in Cortex Search or surfaced in your other tools. 

Learn more 

  • To learn more about Snowflake Openflow, read the press release
  • For help using Openflow, see the official documentation
  • For more information on Proofpoint DSPM, join our upcoming webinar, “Bridging the Data Security Gap with DSPM.” Click here to register.