❄️ Latest: Snowflake customers — Learn how to connect Snowflake everything! ❄️

Build Trust across your Data Clouds

Ockam enables Snowflake customers to establish zero-trust connections between any application, anywhere, and their Snowflake Data Cloud

Get startedContact us

Remove public API endpoints

Your data is business critical. Business critical data should not be accessible through a Public API that’s available to the entire internet. Ockam replaces the Snowflake API public endpoint with a private connection between your remote applications and your Data Cloud.

Easier than PrivateLink

Business critical connections are trivially easy to establish with Ockam - particularly when compared to a Private Link. Simply, install an Ockam Node next to your remote application, and go to the Snowflake Marketplace to add Ockam’s Native App to your Snowflake environment.

Secure-by-design that's simple

All of your remote applications will use unique keys to mutually authenticate with, and create secure channels to your Snowflake Data Cloud. Data-in-motion is always end-to-end encrypted. Keys, enrollments, and credentials are safely created, stored, rotated, and revoked automagically so there's almost nothing to manage.

No more shipping secrets

Whether it's reading a credential or secret value from a central source, or transmitting a secret key to another app, every time a secret value is transmitted over the wire is another opportunity for it to leak. Ockam's approach to secret management means each secret key never needs to leave the place where it was generated. By removing the need to transmit secrets the risk of an attacker intercepting a secret in transit is also removed.

Automated & regular key-rotation

Everyone hopes they never have a data breach, but to minimize the impact incase the worst happens Ockam apps automatically and regularly rotate their encryption keys. If a secret key is ever leaked the data at risk is reduced to the amount sent in the small window of that secret key was active. Don't put your historical and future data at risk because rotating secret keys is difficult — it's built-in from the start.

Data authenticity & integrity

The approach to mutual authentication of every app that Ockam provides results in strong data governance guarantees around the authenticity and integrity of the messages moving through your system.

Trust your security team can depend on

Ockam's approach uses existing and well established open source technologies and frameworks. We build trust through transparency so your CISO can be confident everything meets their requirements. The cryptographic and messaging protocols are publicly documented and the implementations are open source and available on GitHub.

We've published an independent third-party audit by the security research firm Trail of Bits, we've passed the security reviews of our major partners, and we're SOC2 compliant.

The current status of our latest audits and compliance controls are also available.

It’s time to start building...

Sync Snowflake to PostgresSync Postgres to SnowflakeQuery federated data in remote PostgresPush from Snowflake to KafkaPull from Kafka to SnowflakeMount Snowflake Stages as a WebDAV filesystemExpose Snowflake Stages as a private SFTP serverQuery a private API from Snowflake using SQL

Or, ask our team a question

We'll get back to you within one business day