Databricks launches Lakewatch to counter AI attacks
Databricks has launched Lakewatch, a security information and event management product designed to address AI-driven cyber attacks.
The launch takes Databricks into the cyber security market with a platform that combines security, IT and business data in a single environment. Offered in private preview, Lakewatch is built around an open-format approach intended to help customers retain and analyse larger volumes of data than many existing SIEM platforms.
SIEM tools help security teams collect and analyse logs, alerts and other operational data to identify threats and investigate incidents. Databricks argues that many defenders are still constrained by siloed systems, manual processes and the cost of storing large volumes of telemetry, even as attackers use AI tools to scan for weaknesses and automate attacks.
Lakewatch is designed to work with structured and unstructured data, including audio and video, and to support long-term retention without requiring customers to move or duplicate information. The platform can also use AI agents to automate tasks such as detection, triage and threat hunting.
The product includes agent-based investigation tools built with Databricks' Agent Bricks software, along with automated triage through its Genie technology. Databricks is also introducing what it calls an open security lakehouse ecosystem, with integration partners including Akamai, Arctic Wolf, Cribl, Okta, Palo Alto Networks, Proofpoint, Wiz and Zscaler.
Market Push
The launch expands Databricks' ambitions beyond data analytics and AI infrastructure into an established security software segment long dominated by specialist vendors. The company is positioning Lakewatch around the idea that organisations need to analyse a wider range of data sources in one place as threats become more automated.
Databricks argues that high ingestion costs often force security teams to discard large amounts of data, limiting visibility during investigations. Its pitch for Lakewatch centres on lower storage and processing costs, as well as open formats intended to reduce lock-in to a single vendor.
"Security teams can no longer rely on manual workflows to outpace AI-driven attacks," said Ali Ghodsi, Co-Founder and CEO, Databricks. "With Lakewatch, we are giving enterprises a new open data architecture and agentic capabilities to replace stagnating SIEM tools. Defenders must have even better visibility and speed than today's agent attackers."
Anthropic Tie-up
Alongside the launch, Databricks is expanding its work with Anthropic on what it describes as agentic security operations. Anthropic's Claude models are being used within Lakewatch to analyse signals across security, IT and business data and help identify threats.
Databricks also said Anthropic uses its platform for its own security lakehouse. The two companies already have a strategic partnership, and the security tie-up adds another layer to that relationship as AI model developers and infrastructure providers look for more commercial applications in cyber defence.
Acquisitions
Databricks is also acquiring Antimatter and SiftD.ai as part of the push. Antimatter was founded by security researchers from UC Berkeley and focuses on authentication and authorisation for AI agents. SiftD.ai was founded by the creator of Splunk's Search Processing Language and architects of Splunk's search stack.
The deals bring in teams with backgrounds in security engineering, search and threat analytics. Databricks said the acquisitions are intended to support its approach to open, agent-based SIEM systems.
Customer references for Lakewatch include Adobe and Dropbox. Adobe's security team said the growing volume of security data is driving demand for new tools that can process and interpret that information more quickly.
"As the volume of security data grows, organisations need new ways to analyse and act on that information quickly and at scale," said Karthik Venkatesan, Security Engineering Lead, Adobe. "Databricks provides the foundation needed to move from data-driven to AI-driven approaches for security operations, and Lakewatch is an important step toward bringing security intelligence closer to where data already lives."