Session

Modernizing Threat Detection and Hunting Using Databricks Lakewatch

Overview

Experience: In Person
Track: Cybersecurity
Industry: Enterprise Technology, Communications, Media & Entertainment
Technologies: Databricks SQL, Unity Catalog
Skill Level: Intermediate

Adobe is enhancing its threat detection and hunting capabilities by complementing existing SIEM-based workflows with Databricks Lakewatch for use cases that demand greater scalability, automation, and data unification. Lakewatch ingests and normalizes large volumes of cybersecurity telemetry into OCSF-formatted tables, enabling detection and hunting logic written in SQL or PySpark to operate efficiently on both streaming and historical data. By leveraging Lakewatch’s rule management, MITRE ATT&CK alignment, and integrations with external case management systems, Adobe is automating detections, streamlining hunts, and improving visibility across multiple environments. This session will highlight how Adobe is selectively adopting Lakewatch to modernize security analytics: accelerating development, improving detection fidelity, and driving a unified, data-driven detection platform.

Session Speakers

Bharat Gamini

Lead Security Data Engineer
Adobe