AWS re:Invent 2025 - Agentic AI Meets Cybersecurity: eSentire's Atlas AI Powered by Snowflake & AWS

Snowflake's AI Capabilities and Integration with AWS

  • Snowflake has evolved beyond just being an enterprise data warehouse, now supporting data lakehouse, data mesh, and advanced ML/AI capabilities.
  • Snowflake has been deployed on AWS since its inception and integrates natively with dozens of AWS AI services like Amazon SageMaker, AWS Glue, and AWS Kinesis.
  • Snowflake's AI functionality is branded as "Cortex" and includes capabilities for:
    • Batch processing of unstructured data using large language models (LLMs) and document processing
    • Building "agentic systems" centered around enterprise data using Cortex Search and Cortex Analyst
  • Customers can embed Cortex agents within their applications to orchestrate AI services across Snowflake and AWS.

eSentire's Agentic AI Cybersecurity Platform

  • eSentire is a managed detection and response (MDR) provider with over 2,000 customers, solving the challenge of providing enterprise-grade security for non-Fortune 500 companies.
  • Prior to Snowflake, eSentire struggled with siloed data from various security telemetry sources, making it difficult to process and analyze.
  • By ingesting 20TB of data per day into Snowflake, eSentire was able to normalize and unify their data, enabling the development of advanced agentic AI systems.

eSentire's Agentic AI Security Investigations

  • eSentire's agentic AI system automatically performs up to 30 different tool calls during a security investigation, far exceeding what a human analyst could do in the same timeframe.
  • The agentic system iterates through evidence collection and hypothesis refinement to reach a high confidence determination of whether an incident is a true positive or false positive.
  • Internal studies show the agentic system aligns with the decisions of eSentire's senior human analysts 95% of the time.

Business Impact and New Licensing Models

  • The agentic AI system allows eSentire to deliver much more comprehensive security investigations and outcomes to customers, beyond just reducing human effort.
  • eSentire has leveraged the agentic AI capabilities and data residency features of Snowflake to license their platform to service providers in new international markets like India and Saudi Arabia.
  • eSentire has also started using Snowflake Intelligence to enable their internal business teams to self-serve analytics on data sources like Salesforce, ServiceNow, and Gong.

Key Takeaways

  • Snowflake provides a robust AI/ML platform that integrates deeply with AWS services, enabling advanced agentic AI applications.
  • eSentire leveraged Snowflake to unify their security data and build a highly capable agentic AI system for security investigations.
  • The agentic AI system delivers much more comprehensive and accurate security outcomes than human analysts alone.
  • Snowflake's data residency and platform capabilities have enabled eSentire to expand their business model and licensing to new international markets.
  • Snowflake Intelligence has empowered eSentire's internal business teams to self-serve analytics on critical data sources.
