Databricks Unleashes Lakewatch: A New Era of Open, Agentic Cybersecurity
March 25, 2026, 3:54 am
Databricks unveils Lakewatch, an open, agentic SIEM designed for advanced cybersecurity. It unifies all security, IT, and business data into one governed environment. Lakewatch enables petabyte-scale threat detection and rapid investigations. AI agents automate defense, confronting sophisticated machine-speed attacks effectively. This groundbreaking solution dramatically lowers costs and ends vendor lock-in for organizations. Its innovative pricing model charges for work performed, not data stored, fostering comprehensive data ingestion. Lakewatch integrates cutting-edge AI, leveraging Anthropic models and recent strategic acquisitions. It redefines enterprise security operations, challenging established SIEM market leaders and bolstering Databricks' valuation ahead of a potential IPO. This next-gen platform offers unparalleled visibility and automated response.
Databricks enters the cybersecurity market. It launches Lakewatch, a new open, agentic SIEM. This product redefines security information and event management. It defends enterprises against sophisticated AI attackers. Lakewatch unifies diverse data. It allows petabyte-scale threat detection. Investigations become faster, more efficient.
AI threats evolve rapidly. Attackers deploy AI agents. They continuously scan systems. They discover vulnerabilities. They execute coordinated attacks at machine speed. Defenders struggle. They face incomplete data. Manual workflows slow them down. Siloed architectures create blind spots. High ingestion costs force them to discard data. This creates a dangerous asymmetry. Attackers leverage AI; defenders often do not.
Lakewatch closes this gap. It unifies all data in open formats. Organizations analyze years of data. No data movement is required. No duplication occurs. This includes multi-modal data. Video and audio identify social engineering. Insider threats become visible. Anomaly detection improves dramatically. Lakewatch’s cost-effectiveness sets it apart.
AI agents drive Lakewatch. They automate detection. They triage alerts. They hunt for threats proactively. This delivers machine-speed defense. It counters machine-speed attacks. Custom security agents are built with Agent Bricks. These agents handle complex workflows end-to-end. They parse and enrich telemetry. Mean Time to Detect and Respond (MTTD/R) decreases significantly. Data remains within a secure, governed environment.
Traditional SIEMs charge based on data volume. This creates prohibitive costs. Many organizations discard critical security data. This leaves them vulnerable. Lakewatch offers a new pricing model. It charges for the work the software performs. It does not charge for data stored. This encourages full data ingestion. It ensures comprehensive visibility. Lakewatch slashes Total Cost of Ownership by up to 80%.
Lakewatch is an open ecosystem. It unifies all structured and unstructured security data. It runs on one open, cloud-agnostic platform. It integrates with any tool. Its Open Security Lakehouse Ecosystem grows fast. Leading security vendors join this network. Partners include Anvilogic, Arctic Wolf, and Cribl. Obsidian, Okta, and Palo Alto Networks are also part of it. 1Password, Panther, Proofpoint, Rearc, Slack, TrendAI, Wiz, and Zscaler extend its reach. This approach eliminates vendor lock-in.
Automated security intelligence powers Lakewatch. Integrated with Genie, it automates triage. It plans multi-step approaches. It significantly reduces alert fatigue for security teams. Analysts then focus on high-impact threats. Anthropic Claude models help power Lakewatch. They use advanced reasoning. They correlate signals across security, IT, and business data. Threats surface faster. Anthropic also uses Databricks for its own security lakehouse.
Databricks strengthens Lakewatch through strategic acquisitions. It acquired Antimatter. Antimatter laid the foundation for secure authentication. This applies to AI agents. Databricks also acquired SiftD.ai. SiftD.ai founders bring deep expertise. They specialize in large-scale detection engineering. Their background includes modern threat analytics. They contributed to Splunk’s search stack. These acquisitions enhance Lakewatch's capabilities.
Governance and compliance are paramount. Unity Catalog enables consistent policy enforcement. It ensures compliance at scale. Lakewatch offers cost-effective, long-term retention. Global enterprises meet rigorous mandates. NIS2 and DORA compliance become simpler. Detections are managed as code. Automated testing and deployment verify defenses. Security always remains version-controlled.
Enterprise organizations adopt Lakewatch. Adobe and Dropbox are early customers. National Australia Bank also uses the service. They unify data. They detect threats faster with AI. Lakewatch challenges established SIEM vendors. It presents a modern, AI-driven alternative. It bolsters Databricks’ market position. This supports its valuation. A potential 2026 IPO looms. Lakewatch represents Databricks' next frontier in growth and innovation.



