Databricks Launches Lakewatch: Open, Agentic SIEM for AI-Driven Threat Detection
Key Takeaways
- Databricks launches Lakewatch, an open-source agentic SIEM designed to combat sophisticated AI-powered attacks
- The platform unifies multi-modal security, IT, and business data in a governed environment while reducing vendor lock-in through open formats
- Lakewatch enables security teams to deploy autonomous agents for automated threat detection and response at enterprise scale
Summary
Databricks has announced Lakewatch, a new open-source, agentic Security Information and Event Management (SIEM) platform designed to help organizations defend against sophisticated AI-powered attackers. The platform unifies security, IT, and business data into a single governed environment, enabling AI-driven detection and response capabilities at scale.
Lakewatch leverages open formats to allow customers to ingest, retain, and analyze large volumes of multi-modal data while reducing infrastructure costs and avoiding vendor lock-in. The platform enables security teams to deploy defensive security agents that automate threat detection and response across the enterprise, providing complete visibility into security events.
The platform launches today in Private Preview, with early adopters including major technology companies Adobe and Dropbox. Databricks' move into the SIEM market reflects growing demand for AI-native security solutions capable of handling the complexity of modern threat landscapes.
- Private Preview launch includes marquee customers Adobe and Dropbox
Editorial Opinion
Lakewatch represents a significant evolution in security technology, positioning AI agents as active defenders rather than passive monitors. By combining open architecture with agentic automation, Databricks is addressing a critical gap in enterprise security—the need for systems that can match the sophistication of AI-powered threats. This open approach could accelerate industry-wide adoption of agentic security, though success will depend on the platform's ability to integrate seamlessly with existing security infrastructure.


