At the moment, we’re thrilled to announce the launch of Knowledge Intelligence for Cybersecurity— the Databricks platform designed to place superior, agentic AI on the core of recent cyber protection. In a world the place assaults are sooner and extra dynamic than ever, organizations want extra than simply incremental tooling—they want clever brokers, powered by unified, enterprise-wide knowledge, to quickly detect, examine, and reply to threats earlier than they escalate.
With Knowledge Intelligence for Cybersecurity, safety groups can seamlessly unify, govern, and activate each sign throughout IT, safety, and enterprise methods—all inside a single open lakehouse. Agent Bricks permits organizations to deploy safe, production-ready AI brokers that automate detection and triage, whereas highly effective self-service analytics instruments empower each practitioner to discover knowledge, construct detections, and collaborate in actual time. By means of deep integrations and an open companion ecosystem, Databricks connects with current safety stacks to maximise flexibility, protection, and innovation—making it doable to maneuver from siloed, reactive protection to proactive, AI-augmented cyber operations at scale.
Already trusted by Fortune 500 leaders and modern safety groups throughout industries, Knowledge Intelligence for Cybersecurity allows CISOs and safety leaders to lastly break by means of the friction of knowledge silos, alert overload, and expensive legacy SIEM architectures. Our platform democratizes real-time cyber insights, automates detection and response with Agent Bricks, and offers each safety stakeholder—from analyst to govt—AI-powered insights for contemporary threats.
How Databricks is Reshaping the Way forward for Cybersecurity
Safety right now is an information downside at its core. Databricks units a brand new commonplace with:
- Agent Bricks for AI Cyber Brokers: Construct safe, production-ready AI brokers that deal with repetitive detection, triage, and investigation—studying and evolving with every new risk.
- Unified Safety Knowledge Basis: Mixture, govern, and activate safety, IT, and enterprise knowledge from any supply—cloud, endpoint, API, SaaS, legacy methods—in an open lakehouse.
- Lakebase for Actual-Time SecOps: Energy real-time risk intelligence, case administration, and vulnerability workflows with a completely managed cloud database that delivers quick, dependable analytics at lakehouse scale.
- Self-Service Safety Insights: With Databricks One and AI/BI Genie, everybody—from practitioners to non-technical executives—can ask pure language questions, entry dashboards, and drill into occasions, with out code or knowledge science bottlenecks.
- Open, Modular, and Ruled: Keep away from platform lock-in with open requirements, industry-leading governance (Unity Catalog, DASF 2.0), and seamless integration to your SIEM/SOAR/XDR stack.
“Cybersecurity is essentially an information downside. We constructed Knowledge Intelligence for Cybersecurity so each enterprise can unify safety, IT, and enterprise knowledge in a ruled safety lakehouse, and harness superior AI with Agent Bricks for real-time detection and automatic response. Nobody else is best positioned to deal with this downside. Databricks clients can minimize SIEM prices by as much as 80% and transfer from reactive alert-chasing to clever, environment friendly protection. With Databricks, your knowledge platform turns into your strongest protection.” — Omar Khawaja, VP of Safety and Area CISO Databricks
The Three Pillars of Knowledge Intelligence for Cybersecurity
1. Environment friendly SecOps at Scale with Agent Bricks
Responding to AI-driven threats calls for AI-powered automation. With Agent Bricks, customers can construct and deploy customizable AI brokers for triage, enrichment, and response—boosting velocity and decreasing alert fatigue.
Fashionable threats transfer at machine velocity, and adversaries leverage automation and AI to bypass conventional controls. To maintain tempo, safety operations don’t want extra instruments, however built-in intelligence and agentic automation giving analysts the correct knowledge on the proper time. Databricks uniquely delivers these capabilities at scale— decreasing prices, accelerating response, and amplifying human experience.
AI Brokers for triage and detection: Agent Bricks allows safe, manufacturing‑prepared AI brokers for cyber protection— automating alert triage, investigation, and response so SOC groups can act sooner, cut back noise, and adapt to rising threats in actual time—liberating analysts for higher-impact work.
Automated contextual enrichment: Seamlessly combine with SOAR, SIEM, EDR and different platforms; orchestrate cross-channel response actions, and summarize incidents with precision and consistency.
Operational resilience at scale: Lower SIEM prices by as much as 80%, cut back imply time to detect/reply (MTTD/MTTR) by as much as 90%, and get rid of redundancy by automating repetitive duties throughout the SOC.
Steady optimization and governance: Unity Catalog, DASF, and adaptive agent frameworks guarantee all automation and knowledge sharing is safe, audit-ready, and constantly refined for high quality and compliance.
2. Self-Service Safety and Knowledge Insights
Cyber resilience calls for that analysts, in addition to enterprise and threat leaders, can entry and act on actual insights in actual time. Databricks democratizes this with highly effective, code-free dashboards and AI-powered search. True cyber resilience hinges on empowering each analyst, detection engineer, and enterprise chief to entry and act on knowledge—with out ready in line for knowledge engineering help. Democratizing analytics is the distinction between proactive protection and reactive firefighting. Databricks allows this with:
Databricks One and AI/BI Genie convey real-time, AI-powered safety insights to everybody: Each safety and enterprise customers can entry unified dashboards, monitor threat, and ask pure language questions—all in a easy, code-free interface ruled for compliance and privateness.
Self-service analytics: Analysts use SQL, Python, pure language, and visible instruments to entry, harmonize, and examine unified knowledge on demand—no extra knowledge science gatekeeping or delayed investigations.
Federated entry, immediate enrichment: Allow lightning-fast pivots, root trigger evaluation, and risk looking, with context-rich linking of person, asset, and enterprise knowledge at any scale.
Actionable dashboards and collaboration: Construct and share real-time dashboards, notebooks, and detections—fueling sooner decision-making from the SOC to the C-suite.
No bottlenecks, solely agility: Safety professionals roll out, check, and tune detections and analytics immediately—eradicating operational bottlenecks and bettering total workforce velocity.
“Every detection rule can now set off an automatic response—similar to account suspension—inside minutes. Each alert, with full processing context, is centrally logged and delivered on to buyer dashboards so groups can act quick.” -Merium Khalid, SOC Offensive Safety, Barracuda Networks
3. Unified Safety Knowledge Basis
Fragmented knowledge holds safety groups again. The fashionable enterprise operates in a dispersed, multi-cloud, multi-vendor atmosphere the place knowledge fragmentation is the enemy of safety. With no unified knowledge basis, threats go undetected, knowledge stays siloed, and compliance dangers pile up.
“With Anvilogic on Databricks, we course of threats sooner than ever — decreasing engineering time by 80% and rising rule deployment velocity 5–6x. We’ve gained velocity, visibility, price financial savings and full management over our knowledge.” — Roland Costea, Chief Data Safety Officer (CISO) – Enterprise Cloud Providers (ECS), SAP
A unified safety knowledge basis grants groups the full-spectrum visibility wanted for superior detection and speedy, correct investigations. With Databricks, each safety occasion, person exercise, and enterprise context is consolidated for context-rich risk looking and forensics. A Unified Safety Knowledge Basis with Databricks gives:
Actual-time knowledge unification: Speed up risk intelligence, case administration, and vulnerability monitoring with Lakebase, a completely managed, serverless Postgres database that brings real-time OLTP reliability and seamless lakehouse-scale analytics to each layer of safety operations.
Centralized telemetry: Mixture all safety, IT, and enterprise knowledge—structured, semi-structured, and unstructured—throughout cloud, endpoint, SaaS, and legacy sources, eradicating blind spots and enabling a “single supply of fact.”
Open and scalable structure: Databricks leverages lakehouse rules and open requirements (Delta Lake and OCSF) to help petabyte-scale analytics, versatile ingest, and future-proof integration.
Delta Lake permits us to not solely question the information higher however to additionally purchase a rise within the knowledge quantity. We’ve seen an 80% improve in visitors and knowledge within the final yr, so with the ability to scale quick is essential.— Tomer Patel, Engineering Supervisor, Akamai
Ruled and compliant by design: Constructed-in Unity Catalog gives fine-grained entry controls, lineage, and audit trails, assembly essentially the most rigorous regulatory and operational necessities.
Accelerated context and readiness: Contextualize safety telemetry immediately with enterprise and asset knowledge—giving each analyst richer context for risk looking, response, and compliance.
With Databricks, your group’s knowledge lakehouse turns into your safety lakehouse: a basis that delivers the breadth and depth fashionable protection calls for.
Knowledge Intelligence in Motion: Buyer Impression Highlights
SAP Enterprise Cloud Providers (ECS) + Anvilogic
Managing 200,000+ VMs, SAP ECS wanted to beat SIEM limitations to price, scale, and detection velocity. Deploying Anvilogic on Databricks, they automated detection engineering, minimize rule deployment time by 5–6x, and delivered real-time insights each internally and to clients.
With Anvilogic on Databricks, we course of threats sooner than ever – decreasing engineering time by 80% and rising rule deployment velocity 5–6x.— Roland Costea, Chief Data Safety Officer (CISO), SAP ECS.
Arctic Wolf
Arctic Wolf processes over 8 trillion safety occasions weekly and protects 10,000 organizations utilizing AI-driven safety operations on Databricks, empowering hundreds of consultants to ship sooner detection and response whereas decreasing operational overhead and unifying knowledge for more practical risk safety.
We help hundreds of organizations and deal with over 8 trillion safety occasions per week. AI and automation allow us to do extra with the identical workforce – decreasing imply time to detect, triage and resolve, however all the time emulating and amplifying our area consultants.—Michael Mylrea, AI Fellow & Architect, Arctic Wolf
Barracuda Networks
Barracuda Networks lowered every day processing and storage prices by 75% in comparison with legacy methods and delivered buyer alerts inside 5 minutes, unifying 100 detection guidelines and 50 knowledge sources on Databricks to allow speedy, scalable, automated cyber risk protection at decrease price.
Databricks remodeled our detection engineering – from real-time alerting to price financial savings, and, most significantly, the flexibility to defend clients at scale. We’re in a position to standardize and automate detection and response, so our clients all the time profit from the newest intelligence.— Merium Khalid, Director, SOC Offensive Safety, Barracuda Networks
Rivian
Going through 10TB of safety knowledge every day and rising SIEM migration prices, Rivian constructed the TRAILS platform on Databricks. In simply 4 months, they achieved 60% SIEM price financial savings, unified greater than 100 knowledge sources, and empowered real-time, scalable safety operations.
Reducing our SIEM prices by 60% whereas migrating 7–10TB of every day knowledge from over 100 sources in underneath 4 months was solely doable as a result of Databricks gave us full management, scalability, and real-time detection.— Chris Mandich, Director, Cybersecurity Operations, Rivian.
Palo Alto Networks
Palo Alto Networks adopted Databricks to unify fragmented safety knowledge and speed up AI-powered risk detection options by 3x. The platform lowered operational prices and enabled proactive, real-time safety insights throughout their international cloud ecosystem.
With Databricks, we’ve turned knowledge complexity into a bonus. The platform’s scalability has reshaped our strategy, accelerated our safety innovation and helped us to ship impactful options to clients with unprecedented velocity.— Krishnan Narayan, Senior Distinguished Engineer, Palo Alto Networks.
Akamai
Akamai lowered safety occasion knowledge ingestion time from quarter-hour to underneath 1 minute and now achieves over 85% of buyer queries with responses underneath 7 seconds, enabling real-time analytics at scale for 30% of the web’s visitors utilizing Databricks SQL and Delta Lake.
Delta Lake permits us to not solely question the information higher however to additionally purchase a rise within the knowledge quantity. We’ve seen an 80% improve in visitors and knowledge within the final yr, so with the ability to scale quick is essential.— Tomer Patel, Engineering Supervisor, Akamai
Knowledge Intelligence for Cybersecurity: Companion Ecosystem & Open Structure
Databricks’ cybersecurity ecosystem is powered by a dynamic community of expertise and repair companions, every delivering specialised options constructed on or linked to the Knowledge Intelligence Platform. From modern AI automation, to knowledge ingest and superior knowledge governance, these companions lengthen the ability of Databricks with real-time safety analytics, streamlined operations, and seamless integrations—serving to organizations unlock unified protection and agility at scale. Uncover how our companion group elevates each aspect of recent safety.
Irregular AI
AI-native e mail safety
Irregular AI makes use of Databricks to spice up actual‑time e mail safety, streamline analytics, and enhance operational effectivity for superior risk detection—throughout a number of AWS workspaces with standardized insurance policies and monitoring.
Accenture Federal Providers
Architecting next-gen federal options
Accenture Federal Providers and Databricks are partnering to assist construct the way forward for safe AI bringing collectively the Lakehouse structure with mission-critical protection experience and capabilities. The partnership helps federal companies transfer past reactive protection to proactive, AI-driven safety.
Resolution: Darkish Gentle
We’re accelerating integration with companions like Databricks to assist co-engineer new requirements for federal cybersecurity and safe AI. The fusion of Databricks’ Knowledge Intelligence Platform with our deep federal experience, delivers a bonus for cyber defenders. That is how we modernize on the velocity of AI and win the information conflict within the federal area.— Amanda Satterwhite, Cyber Apply Lead, Accenture Federal Providers
ActiveFence
AI security guardrails for Databricks Mosaic
ActiveFence integrates with Databricks to safe LLM brokers in actual time, blocking malicious prompts and imposing coverage throughout 117+ languages.
Weblog: Constructing Safer AI Brokers on Databricks with ActiveFence Guardrails
Alpha Stage
AI-native safety automation
Alpha Stage leverages Databricks infrastructure and security-focused AI, vastly decreasing threat to organizations by automating lots of the repetitive duties in risk detection and response.
Anvilogic
AI SOC, powered by Modular Detection Engineering
Anvilogic integrates with Databricks to ship end-to-end, AI-powered SOC workflows—spanning knowledge onboarding, detection logic growth, behavioral rule execution, and automatic triage.
Buyer Story: Reworking risk detection with AI insights at scale
Arctic Wolf
Scalable SOC intelligence
Arctic Wolf’s Aurora Platform makes use of Databricks to course of trillions of safety occasions, unifying various telemetry and accelerating AI-driven risk detection for over 10,000 clients worldwide.
Press Launch: Arctic Wolf Aurora Platform on Databricks Knowledge Intelligence Platform
Cybersecurity is more and more an information problem, formed by the size, velocity, and variety of telemetry throughout fashionable environments. The Aurora Platform processes over 8 trillion safety occasions every week, and Databricks is a part of the inspiration that enables us to unify and analyze this knowledge in actual time – enabling Arctic Wolf to scale the platform, speed up AI innovation, and increase our AI-powered SOC to ship sooner risk detection, extra dependable safety, and outcomes that safety groups can belief. — Dan Schiappa, President, Expertise and Providers, Arctic Wolf
BigID
Delicate knowledge discovery and governance
BigID integrates with Databricks for automated identification, classification, and masking of delicate knowledge. BigID maps compliance frameworks together with Databricks AI Safety Framework (DASF) 2.0 to knowledge insurance policies, permitting granular governance and privateness controls throughout knowledge lakes and cloud environments.
DataBahn
Telemetry pipeline and knowledge orchestration
Databahn unifies and optimizes safety telemetry for Databricks, automating knowledge motion and operations whereas delivering clear, enriched knowledge for analytics, compliance, and AI at scale.
Weblog: The Subsequent Period of Knowledge Intelligence
Enterprises are at a crossroads the place cybersecurity should maintain tempo with the velocity of evolving threats. Partnering with Databricks demonstrates what’s doable when AI-native pipelines converge with a contemporary knowledge intelligence platform. This isn’t simply an integration – it’s the blueprint for the following period of safety operations. We see safety knowledge not as one thing to easily retailer, however as a strategic useful resource to harness – unlocking real-time insights that drive sooner, smarter choices.— Aditya Sundararam, Chief Product Officer, DataBahn
DataNimbus
Modernize your core with clever, AI-powered options
DataNimbus helps enterprises speed up transformation with Databricks-native options—delivering sooner pipeline growth, real-time AI insights, and scalable analytics to drive innovation and enterprise worth.
Deloitte
Finish-to-end cloud and AI modernization
Deloitte’s unified strategy leverages Databricks to optimize SIEM/SOAR methods and successfully accumulate, analyze, and visualize community and safety info. With cost-effective storage and processing, Deloitte allows organizations to deal with long-term incident investigations, risk looking, and rising knowledge volumes.
Resolution: Cyber Knowledge Optimization
Weblog: Strengthening Cyber Resilience by means of Environment friendly Knowledge Administration
It’s essential for companies to combine superior knowledge intelligence into cybersecurity methods. Our alliance with Databricks helps allow organizations to totally make the most of AI-driven insights, serving to them remodel their safety operations to fulfill the challenges of right now’s digital panorama. Collectively, we’re paving the way in which for a safer and resilient future. —Adnan Amjad, US Cyber chief at Deloitte
Entrada
AI-powered safety knowledge administration
Entrada gives full-stack Databricks implementations for centralized SIEM knowledge monitoring, strong AI analytics, and cost-effective compliance, utilizing proprietary graph networks and LLMs for risk detection.
Resolution: Gatehouse Safety
HiddenLayer
Safety for the complete AI lifecycle
HiddenLayer secures agentic, generative, and predictive AI functions throughout the complete lifecycle — defending IP, making certain compliance, and enabling secure adoption at enterprise scale.
Weblog: Integrating HiddenLayer’s Mannequin Scanner with Databricks Unity Catalog
Noma Safety
Enterprise-grade AI and agent safety
Noma Safety is the one platform purpose-built to safe and govern enterprise AI and brokers, enabling cybersecurity organizations to quickly and confidently undertake AI at scale.
Weblog: Databricks and Noma Safety Companion to Safe the Enterprise AI Lifecycle
White Paper: 10 Steps to Safe AI with Databricks AI Safety Framework
The cyber problem of our time is agentic AI safety at enterprise scale. As waves of AI brokers and fashions are deployed, they want systematic threat visibility and management woven into their DNA. Collectively, Noma Safety and Databricks are prepared for this problem. We’re defining AI safety from ad-hoc checkpoints to proactive guardrails embedded throughout enterprise AI. With deep visibility, safety posture administration, and automatic coverage enforcement aligned with frameworks just like the Databricks AI Safety Framework (DASF), our joint clients can unlock the total transformative energy of AI with confidence and velocity.— Niv Braun, Noma Safety Co-founder and CEO
Obsidian Safety
Unified SaaS knowledge safety
Obsidian Safety strengthens Databricks functions with SaaS safety and risk detection, enabling enterprises to run real-time AI and analytics at scale with confidence, knowledge safety, and built-in compliance.
Panther
Rework cloud noise into safety sign
Panther is the AI-powered SIEM that scales along with your Databricks Safety Lakehouse. It unifies safety knowledge, automates monitoring with code-driven workflows, and makes use of AI brokers to assist groups transition to autonomous safety operations.
Each group has distinctive safety wants and knowledge architectures. This partnership with Databricks offers our clients unprecedented selection and suppleness – whether or not you are cloud-native or hybrid, we’re assembly you the place you might be and providing you with the instruments to scale safety operations in your phrases.— William Lowe, CEO, Panther Labs
PointGuard AI
Complete AI safety and governance
PointGuard AI gives deep integration with Databricks to find, harden, and constantly monitor AI belongings, fashions, and brokers – securing MLOps pipelines and imposing coverage throughout the AI lifecycle.
Buyer Story: Finastra Establishes AI Safety and Governance
Rearc
Cyber Intelligence on Databricks implementation
Rearc has supported a number of main corporations as they migrate or increase their conventional SIEMs with Cyber Intelligence on Databricks. Rearc gives knowledgeable skilled providers alongside a library of prebuilt safety content material, accelerators, and AI instruments to drive safety transformation.
Resolution: Cyber Intelligence on Databricks
Securiti AI
Knowledge command heart analytics
Securiti Knowledge Command Middle gives full visibility and controls on an enterprise’s total knowledge and AI panorama, throughout hybrid cloud and SaaS.
SPLX
Steady AI pink teaming and safety
SPLX delivers automated pink teaming for Databricks AI apps and fashions, exposing hidden dangers and hardening defenses from growth to deployment.
Theom
Automated unstructured and structured knowledge and AI governance and safety Theom makes use of Databricks for real-time threat detection, automated coverage enforcement, and scalable governance and safety throughout unstructured and structured cloud and on-premises knowledge.
Varonis
Knowledge safety
Varonis makes use of Databricks’ open lakehouse to ship scalable knowledge discovery and classification, automated remediation, and data-centric risk detection for hybrid and cloud infrastructure.
Securing the huge datasets that gasoline AI is a problem and a necessity. Organizations depend on Databricks for scalable analytics and Varonis to constantly uncover, classify, and defend delicate knowledge. With our integration, we’ve got streamlined entry governance and real-time risk detection throughout the Databricks Knowledge Intelligence Platform. Firms can acquire end-to-end visibility and proactive knowledge safety for his or her essential enterprise knowledge with Varonis and Databricks. — David Bass, EVP of Engineering and CTO at Varonis.
ziggiz
Let your knowledge do the work
ziggiz makes use of Databricks to unify enterprise safety knowledge and automate as much as 90% of SOC workflows, serving to groups detect and reply to threats sooner by means of clever automation.
Knowledge Intelligence is Safe by Design
Databricks integrates Unity Catalog for granular governance and the rules of the DASF 2.0 for AI threat administration—making certain compliance, safe automation, and transparency at each layer. Your knowledge isn’t locked in, and your safety technique evolves with your small business, not vendor constraints. From entry controls and audit trails to AI mannequin lineage and steady coverage enforcement, safety is embedded throughout the platform—not bolted on. This unified strategy empowers organizations to fulfill essentially the most demanding regulatory necessities, adapt to rising dangers, and confidently scale data-driven innovation—all whereas sustaining full possession and management over their info
By embedding AI and safety natively—not bolting it on—Databricks empowers enterprises to:
- Speed up detection and response: Unified knowledge basis and real-time analytics permit for sooner risk identification and mitigation.
- Implement compliance effortlessly: Automated governance and granular controls maintain knowledge protected and audit-ready, eliminating gaps and handbook work.
- Scale securely: Organizations evolve defenses on the tempo of cloud and AI, assured that safety and privateness stay uncompromised.
- Preserve management: Full knowledge possession and clear automation let firms innovate with out vendor constraints or hidden dangers.
With Databricks, safety isn’t an add-on—it’s the engine that drives clever, resilient cyber protection at scale.
Getting Began
- Map Your Panorama: Determine silos, price drivers, and highest-impact use circumstances.
- Have interaction with Databricks: Workshops, Brickbuilder Options and Accelerators in your stack—sidecar, parallel, or spine.
- Combine and Pilot: Modular deployments; begin augmenting your SIEM/SOAR rapidly, scale securely.
- Empower Your Groups: Roll out Databricks One, AI/BI Genie, Lakebase and Agent Bricks.
Your Knowledge, Your Protection—Able to Study Extra?
With Databricks, unify each safety sign, empower your groups, and set new requirements for cyber agility, resilience, and worth.
Able to see your knowledge turn into your strongest safety asset? Contact us for a demo or be part of our subsequent Knowledge + AI Cybersecurity occasion.
With Databricks, you don’t simply modernize safety—you future-proof it with unified knowledge, safe AI with Agent bricks, actual time knowledge with Lakebase and industrial-grade automation. Welcome to the brand new commonplace for clever cyber protection.
