Databricks enters security market with Lakewatch, a new open and agentic AI SIEM

Databricks has launched Lakewatch, an open agentic SIEM that uses AI agents to automate threat detection while significantly reducing data ingestion costs.

NewDecoded

Published Mar 25, 2026

Databricks officially entered the cybersecurity industry on March 24, 2026, with the debut of Lakewatch. This new platform is an open, agentic Security Information and Event Management system designed to help enterprises defend against sophisticated AI-driven attacks. By unifying security and business data in a single governed environment, the platform allows for petabyte-scale threat detection and response.

Scaling Defense with Agentic Intelligence

The platform introduces autonomous capabilities through Agent Bricks, which allow security teams to deploy AI agents for automated triage and investigation. These agents operate at machine speed to counter modern attackers who use similar technology to scan for vulnerabilities. Because Lakewatch is built on an open lakehouse architecture, it enables organizations to analyze multi-modal data such as audio and video while reducing total costs by up to 80 percent.

Databricks has significantly deepened its strategic partnership with Anthropic to power these new capabilities. Anthropic Claude models serve as the reasoning engine for Lakewatch, correlating complex signals across massive datasets to identify threats earlier. In a reciprocal arrangement, Anthropic now uses the Databricks lakehouse to secure its own internal model development environments.

Strategic Growth and Acquisitions

To accelerate the development of Lakewatch, Databricks announced the acquisitions of two specialized startups, Antimatter and SiftD.ai. Antimatter provides a provably secure framework for AI agents, while SiftD.ai brings architectural expertise from the original creators of Splunk's search technology. These integrations consolidate Databricks' position as a primary vendor in the security space rather than just an infrastructure provider.

The new security offering is supported by a growing Open Security Lakehouse Ecosystem that includes industry leaders like Okta, Zscaler, and Wiz. Major enterprises including Adobe and Dropbox have already begun using the platform in private preview to streamline their operations. All data remains governed by Unity Catalog, ensuring that compliance with global mandates like NIS2 remains consistent and automated.

Decoded Take

The Shift Toward Open Security Intelligence

The launch of Lakewatch represents a fundamental shift in the cybersecurity economy by challenging the traditional model of high data ingestion fees. By integrating security directly into the data lakehouse, Databricks eliminates the need for organizations to discard critical telemetry to save on costs. This move forces established players like Splunk and Palo Alto Networks to compete with an open architecture that treats security as a big data problem rather than a siloed application. As AI-driven threats become more autonomous, the transition to agentic defense models will likely become the new standard for enterprise resilience.
