Cyera + Snowflake: Govern every agent, secure every dataset, move at the speed of AI

Snowflake is where business-critical enterprise data lives: customer records, application metrics, financial transactions, clinical data, regulated fields of every kind, and increasingly, where AI agents are being built to query it, which changes the calculus.

That scale and speed is exactly what makes Cortex AI so powerful, and it's also what makes the right security foundation so important. When a human analyst queries a sensitive table, there is intent, context, and accountability. AI agents operate differently: at higher volume, without the same guardrails, and in ways that aren't always visible to the teams responsible for the data. They can end up with more access than anyone meant to give them and by the time someone notices, the exposure or damage is already done.

Cyera has already answered the hardest part of this problem: what sensitive data lives in Snowflake. We've discovered and classified over one trillion sensitive records at 95% precision, giving security and data teams a foundation they can actually act on. The next step is to govern both the humans and the agents that access and use your sensitive and proprietary data within Snowflake.

This is why we're expanding our partnership with Snowflake through three new integrated capabilities:

1. One-click remediation of risky access through Snowflake Access Governance (Generally Available). Cyera connects column-level data discovery directly to enforcement in Snowflake, so security teams can apply native tag-based dynamic masking and enforce least-privilege access, without disrupting pipelines or downstream queries.
2. Full discovery and visibility into Cortex AI agents (Available in Private Preview in July). Cyera AI Guardian extends its agent security capabilities to Snowflake Cortex AI, automatically inventorying every Cortex service, classifying the sensitive data each agent touches, and mapping every Snowflake identity with access.
3. Natural-language risk analysis in Snowflake Cortex Analyst (Generally Available). Joint customers can query Cyera in plain language directly through Cortex Analyst to surface data risks, exposure, and compliance posture across their data estate, and generate executive reports on demand. No SQL, MCP server, or prompt engineering required.

Snowflake Access Governance: Dynamically mask sensitive data with one click

Knowing where sensitive data lives is table stakes. Acting on it, quickly, precisely, and without disrupting the business, is where most teams get stuck. Cyera connects column-level data discovery directly to enforcement in Snowflake. When a sensitive column is flagged, you don't open a ticket, reassign a task, or rewrite a query. You fix it in one click.

Here's what that looks like in practice. Say Cyera surfaces an over-exposed column containing credit card numbers in plain text:

‍

Most risk doesn't live across entire tables. It lives in specific fields. Cyera continuously scans your Snowflake environment and identifies over-exposed columns at the precision level that matters, so you can apply tags only where needed and enforce masking policies consistently across all similar columns, without locking down data that the business relies on.

That tag connects directly to a dynamic masking policy in Snowflake. Authorized users continue seeing full data. Unauthorized users, including AI agents that inherited access they were never meant to have, see masked values. No schema changes. No query rewrites. No disruption.

Protection scales across thousands of columns from a single centralized policy. Risk is reduced in minutes, not months. And as your data environment grows, the coverage grows with it.

Extend AI Security Posture Management to Snowflake Cortex AI

Enforcing protection at the column level addresses exposure in your data layer. But what about the agents being built on top of it?

Data and analytics teams are building and deploying Cortex agents and search services across the enterprise, often without security review. Each search service indexes columns from source tables: PII, financial records, third-party licensed data. Agents inherit broad roles or are granted public access. And unlike a human analyst making a deliberate request, an agent can query sensitive data, reason over it, and take action, sending emails, calling external APIs, triggering procedures, thousands of times before anyone notices.

Cyera’s AI Security Posture Management capability makes the full picture visible. It automatically discovers every Cortex agent across every Snowflake account in your fleet: who built it, who can invoke it, what data it is connected to, and how actively it is being used. That inventory is where understanding your real AI attack surface starts.

Take the example of an HCP Insight Agent, built within Cortex AI and discovered by Cyera AI Guardian:

Cyera doesn't stop at the agent layer. It joins each search service's indexed columns directly to existing DSPM findings, surfacing which sensitive data classes are reachable through each AI surface without a separate classification pass: PII, financial records, regulated health information, third-party licensed data.

From there, Cyera assesses access exposure and surfaces prioritized risk findings with evidence and remediation steps, covering:

• Prompt injection exfiltration paths via outbound tools like email and external APIs
• Row-level security bypass on Cortex search services
• Third-party data license violations (e.g., IQVIA, Veeva) exposed through AI surfaces
• Regulatory exposure in unstructured fields across healthcare, financial services, and pharma

The Cyera Agent Graph maps how the HCP Insight Agent reaches, moves, and exposes sensitive data across your environment:

‍

In the image above, you can see that this Cortex AI agent has been flagged as Critical and was designed to surface commercial performance data for healthcare provider interactions. The Agent Graph instantly reveals its full anatomy: two Cortex Search knowledge bases (SPECIALTY_RX_SEARCH and FIELD_ACTIVITY_SEARCH) and capabilities to send QBR briefing emails and query Commercial KPIs, with access to Confidential and Restricted Snowflake databases. In seconds, you can see exactly what this agent knows, what it's authorized to do, and what sensitive data sits within its reach, and judge whether that access matches its intended purpose.

The shift this enables is significant. Security teams stop asking what AI is running and start asking what to fix first. As new agents and search services are created, Cyera surfaces them automatically, classified, risk-assessed, and mapped against your broader data sensitivity posture.

Cyera Dataport via Cortex Analyst: Ask Your Security Posture Anything

Cyera’s actionable data intelligence can now be queryable in plain language in Snowflake Intelligence through Cortex Analyst by anyone on the data or security team. No exports. No SQL. No tickets to the security team.

Data teams can now answer security questions they used to depend on others to answer. Take IAM risk as an example. Instead of waiting on a manual access review, you can ask Cortex Analyst directly and get a structured, evidence-backed analysis in seconds:

Ask it anything relevant to your workflow:

• Which tables or columns have open access that shouldn't, and which AI agents can reach them
• Audit-ready reports mapped to GDPR, HIPAA, or PCI DSS, generated without a data pull or a SQL query
• A current read on your data security posture before a board meeting, regulatory review, or AI project launch

The result is that data teams no longer have to pause an AI project to chase down a security signoff. The answers are already in Snowflake, in the same place the work is happening.

Securing data and AI on Snowflake

Most security controls were built for humans making deliberate requests. AI agents don't work that way. They query sensitive data, reason over it, and take action: sending emails, calling APIs, triggering workflows, thousands of times, automatically, across every account in your fleet.

By the time exposure shows up in an audit or a breach notification, the agent has already moved on.

The three integrations Cyera and Snowflake announced today address this at every layer. Snowflake Access Governance closes off the data before agents can reach it. AI Guardian surfaces every agent, maps what it can touch, and flags the moment something looks wrong. Cyera Dataport querying via Cortex Analyst puts the intelligence to answer any security question directly in the hands of the people doing the work, without a ticket, an export, or a SQL query.

Together, they give Snowflake customers a way to move as fast as AI demands, with visibility and control that keeps pace.

• To see how Cyera and Snowflake work together in practice, book a personalized demo today or learn more here.
• Visit Cyera at Booths #2509 & #1205 at Snowflake Summit

‍