The Open Security Lakehouse: Building Agentic Cyber Defense with Lakewatch
Overview
| Experience | In Person |
|---|---|
| Track | Governance & Security |
| Industry | Enterprise Technology |
| Technologies | Lakeflow, Databricks Apps, Databricks Agents |
| Skill Level | Beginner |
Legacy SIEMs are drowning security teams in alerts but starving them of insight. As threats grow more complex and attackers operate at machine speed, cybersecurity must be treated as a data and AI problem at scale.
In this session, we'll walk through a Cybersecurity Intelligence Platform powered by Lakewatch, Databricks' open, agentic SIEM. We'll show how to streamline security data ingestion and automated cloud log collection, then rapidly normalize it into the OCSF standard to cut time-to-value.
From there, we'll explore large-scale analytics, behavioural ML, and Detection-as-Code workflows that bring software engineering rigor to detection and response. The highlight is Agentic Threat Hunting with Lakewatch: AI agents that reason over security signals alongside business and application data, leveraging internal knowledge to add critical context, reduce false positives, and automate complex triage.
Join us to see how modern SOCs can move beyond the traditional SIEM toward true security intelligence with Lakewatch and the Databricks Data Intelligence Platform.
Session Speakers
Alysson Souza
Product Specialist - Security
Databricks
Zac Davies
ANZ Field CTO
Databricks