Databricks, a leader in data and AI solutions, has launched Lakewatch, an open AI-driven Security Information and Event Management (SIEM) platform aimed at enhancing cybersecurity for enterprises. Announced today, Lakewatch provides a unified environment to centralize security, IT, and business data, helping organizations combat increasingly sophisticated cyber threats. The platform is designed to automate threat detection and response, enabling enterprises to respond to attacks at machine speed. Lakewatch is currently available in Private Preview.
As cyber threats evolve, traditional defenses struggle to keep pace. Attackers can deploy AI agents that continuously scan for vulnerabilities and execute coordinated attacks rapidly, leaving defenders overwhelmed by incomplete data and manual processes. High costs associated with data ingestion often result in the dismissal of up to 75% of relevant data, creating a dangerous imbalance. Lakewatch addresses this issue by allowing organizations to consolidate their data in open formats, enabling comprehensive analysis without the need to move or duplicate information. This capability extends to multi-modal data, such as video and audio, which can help identify risks like social engineering and insider threats.
“Security teams can no longer rely on manual workflows to outpace AI-driven attacks,” stated Ali Ghodsi, Co-Founder and CEO of Databricks. “With Lakewatch, we are giving enterprises a new open data architecture and agentic capabilities to replace stagnating SIEM tools. Defenders must have even better visibility and speed than today’s agent attackers.”
Lakewatch is built on an open security lakehouse model, designed for scalability and speed. Its standout features include the ability to create custom security agents using Agent Bricks, which optimize workflows and enhance detection capabilities. The platform integrates with Genie to automate triage processes, reducing alert fatigue and allowing analysts to concentrate on high-impact threats. Additionally, Lakewatch fosters an open ecosystem, facilitating the integration of both structured and unstructured data across a cloud-agnostic platform. This approach allows for the unification of security data from various tools to better detect anomalies and threats.
Enterprises leveraging Lakewatch include industry leaders such as Adobe and Dropbox. “As the volume of security data grows, organizations need new ways to analyze and act on that information quickly and at scale,” commented Karthik Venkatesan, Security Engineering Lead at Adobe. He emphasized that Databricks provides the foundation for transitioning from a data-driven to an AI-driven approach in security operations, with Lakewatch being a significant advancement in that direction.
In conjunction with the launch of Lakewatch, Databricks is deepening its partnership with Anthropic, utilizing Claude models to enhance the platform’s capabilities. These models can correlate signals across diverse data sets, expediting the identification of threats. Anthropic itself employs Databricks’ security lakehouse to achieve comprehensive visibility into its data and improve threat detection.
To bolster its open, agentic SIEM approach, Databricks has also announced the acquisitions of Antimatter and SiftD.ai. Antimatter, founded by security researchers from UC Berkeley, specializes in secure authentication for AI agents. SiftD.ai, co-founded by a key architect of Splunk’s search technologies, brings expertise in large-scale detection engineering and modern threat analytics.
With Lakewatch, Databricks aims to redefine security operations by providing enterprises with the tools necessary to unify their data and respond to threats faster using AI. This innovative platform not only unifies data but also improves the speed and scale of threat detection, positioning organizations to better defend against evolving cyber threats.
See also
Intel Launches Core Ultra Series 3 vPro with 18A AI Tech and Enhanced DTECT Security
AI-Driven Zero Trust Strategy Enhances Cyberattack Recovery and Reduces Downtime
AiStrike Launches Continuous Detection Engineering Platform to Combat 82% Alert Fatigue
WatchGuard Expands NDR Suite, Enhancing AI Threat Detection for MSPs and SMEs
N-able Enhances Cybersecurity with AI Detections for Hidden Attacks Across Networks
