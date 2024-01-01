🔬 The solution

Using IP address data in Snowflake

This is when Oort discovered the cost-savings associated with using IPinfo’s data in Snowflake. They could easily connect their existing data sources with IP intelligence to give their team full visibility of the insights immediately. The fact that these IP data queries could be run easily and at a low cost in Snowflake added significant value. Using IPinfo’s data in Snowflake also meant there was no barrier between Oort’s data science team using the IP data. This is because Snowflake’s platform eliminated dependency on Oort’s engineering team to integrate IP address intelligence into their solution. This freed up Oort’s engineering team to work on other pieces of functionality while their data science team began aggregating the data, building new detections, and gathering the context they needed to understand what risks are associated with a given identity based on IP address data. Oort is now using IPinfo’s IP to Geolocation data to monitor suspicious logins and other security risks. With this data, they can identify the location of those logins to detect anomalies to provide more context before responding to incidents. Oort has also implemented the Privacy Detection dataset to help their users pinpoint VPN users. Now Oort’s customers can receive notifications of commercial VPN usage which provides enough context to enforce compliance with organizational policies.