
Databricks Announces Lakewatch: New Open, Agentic SIEM

[Image] Databricks Lakewatch infographic showing data sources feeding into AI security agents, with “Open Agents” and “Open Formats” panels explaining detection, triage, analytics, and response across Delta Lake, Parquet, and Iceberg.

Published: March 24, 2026

Announcements | 7 min read

Summary

  • The vision for an Open Security Lakehouse: Why traditional SIEMs fail to scale and how Lakewatch eliminates silos by unifying 100% of your telemetry on the open security lakehouse.
  • Fight agents with agents: How embedded AI and "Genie" agents automate threat detection, natural language hunting, and incident response at machine speed.
  • Modern SecOps economics: How decoupling compute from storage allows you to retain petabytes of data for years while reducing costs by up to 80%.

Today, we're announcing Lakewatch, a new open, agentic SIEM designed to help organizations defend against increasingly sophisticated agent attackers. Lakewatch unifies security, IT, and business data into a single, governed environment for AI detection and response. With open formats, Lakewatch enables customers to ingest, retain and analyze unprecedented volumes of multi-modal data, while slashing costs and eliminating vendor lock-in. Security teams gain complete visibility across the enterprise and can deploy defensive security agents to automate threat detection and response at massive scale. Lakewatch is launching today in Private Preview, with customers including industry leaders like Adobe and Dropbox.

We are also launching an “Open Security Lakehouse Ecosystem,” which includes leading security and delivery partners to help customers automate the normalization of telemetry into open formats, and respond to threats with the unified scale they need to meet modern threats with automated, machine-speed defense.

Security for the Agentic Era

Security is fundamentally changing. Cyberattacks are no longer just human-operated. They're increasingly AI-driven and automated. LLMs have discovered 500+ zero-days in open-source code, AI agents have become top-ranked hackers on bug bounty platforms, and state-sponsored groups are weaponizing AI to automate intrusions. Attackers now operate at machine scale, working 24/7 to construct exploits and coordinate attacks.

In the face of these machine-scale attacks, even the best security operations teams face structural constraints. Today's security tools require analysts to manually enrich alerts, hand-author detection rules, and test threat hunting hypotheses over days or weeks. These workflows could be effective against human-paced threats. Against AI-driven attacks operating 24/7 and at machine speed, the architecture itself becomes the bottleneck. ZeroDayClock.com found that the mean time to exploit has collapsed from 23.2 days in 2025 to just 1.6 days in 2026.

The problem compounds when you look at the data. Large enterprises generate terabytes, or even petabytes, of security data daily, but traditional SIEMs couple storage with compute, creating a financial penalty on every byte ingested. Teams respond by limiting ingestion, filtering data through routing layers, deleting historical data, and ignoring multimodal sources like chat logs and video entirely. This creates a dangerous asymmetry: attackers use AI agents to analyze everything and attack anywhere, while defenders see only a fraction of their own data. Traditional SIEMs can't process multimodal data, yet it's exactly where social engineering attacks, insider threats, and prompt injection attempts hide.

This isn't just a cost or scale problem. It's a fundamental architectural mismatch between the threats we face and the tools we have to fight them. We've solved this exact problem before. Data warehouses had the same limitations: expensive ingestion, siloed data, limited to specific use cases. The lakehouse disrupted that model with open formats, cheap storage, and support for any data type. Now we're bringing that same transformation to security.

Lakewatch brings the economics and architecture of the lakehouse to security operations. You can ingest and retain 100% of your security telemetry (including multimodal data), analyze it alongside all your business data, and deploy AI-powered agents for detection and response at a fraction of legacy costs.

How Lakewatch Changes Security Operations:

Complete Visibility Across All Data

Organizations already possess the context needed to investigate threats. HR systems, collaboration platforms, application logs, and transaction data sit in the lake today, but traditional security tools can't access it without costly duplication. Lakewatch flips the model: security runs directly on the lakehouse. Built on Unity Catalog, your security data sits alongside everything else. When an alert fires, you can instantly correlate across any data source without moving files or switching tools. Modern attacks exploit gaps between systems and rely on social engineering, insider context, and multimodal signals that legacy tools can’t process. With all context in one place, analysts can detect and contain threats in minutes instead of days.

Lakewatch makes this possible through:

  • Enterprise-wide governance: Fine-grained access control at table, row, column, and attribute levels with full auditability across all data.
  • Open standards: Built on the Open Cybersecurity Schema Framework (OCSF) so your data never locks into proprietary formats.
  • Automated ingestion: Lakeflow Connect handles ingestion and normalization of major security sources (AWS, Okta, Zscaler, etc.) into standardized tables.
  • True data ownership: Store data in Delta Lake or Apache Iceberg in your own cloud storage, run queries across any cloud, and prevent vendor lock-in.

Fight Agents with Agents

Traditional SIEMs rely on bolt-on AI features that can't access the full context of your data. Lakewatch brings embedded AI directly to where your security data lives. Genie automates critical workflows such as ingesting and parsing new log sources to OCSF, authoring net-new detections based on the latest threat intelligence, modifying existing rules to reduce false positives, and translating natural language questions into SQL queries. Genie Spaces lets security teams query petabytes of data using plain English instead of specialized query languages, democratizing threat hunting across skill levels.

Key Capabilities Include:

  • Genie Code: An AI assistant that automates ingestion, authors net-new detections, modifies rules to reduce false positives, and translates natural language questions into SQL queries for investigation.
  • Genie Spaces: A natural language query interface and agentic harness that lets any user perform complex, multi-step threat hunting, asking questions of their data without learning complex query languages.
  • Detection-as-Code: Define detection rules in YAML with SQL queries or Python notebooks, backtest against historical data, and deploy through CI/CD pipelines.
  • Custom ML Detections: Train and deploy machine learning models directly on your security data using MLflow, Feature Store, and Model Serving, enabling anomaly detection, behavioral analytics, entity risk scoring, and more.
  • Powerful dashboards: Create executive, operational, and compliance dashboards with AI-enhanced visualizations for real-time monitoring.
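As an added illustration of the Detection-as-Code item above (example code written for this post, not Lakewatch's own rule format or engine), the block below expresses a rule as the dict a YAML loader would return, with its logic in SQL, and backtests it over historical events in tumbling windows. It assumes a table of OCSF-style Authentication events reduced to four fields, a hypothetical rule schema (`window_minutes`, `threshold`, `query`), and uses SQLite in place of the lakehouse SQL engine; all events are constructed.

```python
import sqlite3
from datetime import datetime, timedelta

# Constructed sample of OCSF-style Authentication events, reduced to the fields the
# rule needs: time, user.name, src_endpoint.ip, status_id (1 = Success, 2 = Failure).
SAMPLE_EVENTS = [
    ("2026-03-24T09:00:10", "alice", "10.0.0.5", 2),
    ("2026-03-24T09:00:40", "alice", "10.0.0.5", 2),
    ("2026-03-24T09:01:10", "alice", "10.0.0.5", 2),
    ("2026-03-24T09:03:00", "alice", "10.0.0.5", 1),  # success after 3 failures: hit
    ("2026-03-24T09:01:00", "bob", "10.0.0.9", 2),
    ("2026-03-24T09:02:30", "bob", "10.0.0.9", 1),    # one failure: below threshold
    *[("2026-03-24T09:1%d:00" % i, "carol", "203.0.113.7", 2) for i in range(4)],  # never succeeds
]

# Assumed detection-as-code rule, written as the dict a YAML loader would return;
# the field names are this example's own, not Lakewatch's rule schema.
RULE = {
    "name": "auth_failures_then_success",
    "window_minutes": 10,
    "threshold": 3,
    "query": """
        SELECT user, src_ip, COUNT(*) AS failures
        FROM auth_events f
        WHERE status_id = 2 AND time >= :start AND time < :end
          AND EXISTS (SELECT 1 FROM auth_events s
                      WHERE s.user = f.user AND s.src_ip = f.src_ip
                        AND s.status_id = 1 AND s.time > f.time AND s.time < :end)
        GROUP BY user, src_ip HAVING failures >= :threshold""",
}

def load_events(events):
    """Stand-in for the normalized OCSF table: an in-memory SQLite table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE auth_events (time TEXT, user TEXT, src_ip TEXT, status_id INT)")
    conn.executemany("INSERT INTO auth_events VALUES (?, ?, ?, ?)", events)
    return conn

def backtest(conn, rule, start, end):
    """Replay the rule over tumbling windows of historical data and collect its hits."""
    hits, step = [], timedelta(minutes=rule["window_minutes"])
    cur, stop = datetime.fromisoformat(start), datetime.fromisoformat(end)
    while cur < stop:
        params = {"start": cur.isoformat(), "end": (cur + step).isoformat(), "threshold": rule["threshold"]}
        for user, src_ip, failures in conn.execute(rule["query"], params):
            hits.append({"rule": rule["name"], "window_start": params["start"],
                         "user": user, "src_ip": src_ip, "failures": failures})
        cur += step
    return hits

def run_sample():
    return backtest(load_events(SAMPLE_EVENTS), RULE, "2026-03-24T09:00:00", "2026-03-24T09:30:00")
```

Only alice's window produces a hit: bob stays under the threshold, and carol's failures never end in a success, which is what the EXISTS clause requires. The same replay, run over years of retained data, is how a rule's hit rate is measured before it is promoted through CI/CD.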

Efficient SecOps at Petabyte Scale

By decoupling storage from compute, you can store petabytes of full-fidelity security telemetry in your own cloud storage and only pay for compute. Run analytics only when needed using Serverless compute. Maintain years of hot-queryable data instead of weeks. You own the data. You control the costs.

This translates to:

  • Own your data: Security telemetry stored in cloud object storage you control (S3, ADLS, GCS) using open formats.
  • Long-term retention: Meet compliance requirements and power threat hunting over multi-year periods without cost penalties.
  • Predictable economics: Store full-fidelity logs at scale without incurring per-byte license fees.
  • Elastic compute on demand: Provision powerful analytics and ML workloads only when needed with fine-grained cost control.
  • Serverless performance: Zero infrastructure to manage. Pay only for your queries.

Deepening Partnership with Anthropic

Building on the success of the two companies’ existing strategic partnership, Databricks and Anthropic are deepening their collaboration to deliver agentic security operations. Anthropic’s Claude models help power Lakewatch, using Claude's advanced reasoning capabilities to correlate signals across security, IT, and business data to surface threats faster. Anthropic also uses Databricks for its own security lakehouse to gain complete visibility across its security and business data and detect threats earlier.

Open Security Lakehouse Ecosystem

Databricks believes today’s threats require open collaboration across the ecosystem where customers are in full control of their own data. That’s why we’re excited to announce the “Open Security Lakehouse Ecosystem”, a fast-growing group of top security vendors and delivery partners including Anvilogic, Arctic Wolf, Cribl, Deloitte, Obsidian, Okta, 1Password, Palo Alto Networks, Panther, Proofpoint, Rearc, Slack, TrendAI, Wiz (now part of Google Cloud), and Zscaler.

“Zscaler shares Databricks’ commitment to an open ecosystem. We’re excited to join the Open Security Lakehouse Ecosystem and give our mutual customers the data and tools they need to defend against AI-native attacks with AI-native solutions.” — Eddie Parra, VP Solutions Architect Partner Ecosystem, Zscaler

“As cyber threats evolve into AI-driven, machine-scale attacks, organizations may require a fundamentally new architecture to keep pace. Lakewatch represents a step forward for security operations, bringing the power of the Databricks lakehouse to the SOC, enabling teams to harness their data, deploy intelligent agents, and help stay ahead of evolving threats.” — Jennifer Vitalbo, Managing Director, and Government and Public Services Cyber Defense and Resilience Offering Leader, Deloitte & Touche LLP

Expanding Security Leadership with Antimatter and SiftD.ai Acquisitions

To advance its open, agentic SIEM approach, Databricks is announcing the acquisitions of both Antimatter and SiftD.ai. Antimatter was founded by UC Berkeley security researchers who laid the foundation for provably secure authentication and authorization for AI agents. SiftD.ai, founded by the creator of Splunk’s Search Processing Language (SPL) and lead architects of Splunk's search stack, will bring deep expertise in large-scale detection engineering and modern threat analytics.

Learn More

Lakewatch represents a fundamental shift in how security operations work. As an open security lakehouse, the economics are better, the architecture is more flexible, and the AI capabilities are native, not bolted on.

Lakewatch is launching in Private Preview as we work toward broader availability. If you're dealing with cost pressures, retention limits, or looking to bring large security workloads onto your data platform, we want to hear from you.

To learn more about how you can modernize your SOC, visit the Lakewatch product page.
