{"id":5123,"date":"2025-09-30T13:00:00","date_gmt":"2025-09-30T13:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=5123"},"modified":"2025-09-30T13:00:00","modified_gmt":"2025-09-30T13:00:00","slug":"databricks-enters-the-cybersecurity-arena-with-an-ai-driven-platform","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=5123","title":{"rendered":"Databricks enters the cybersecurity arena with an AI-driven platform"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Databricks is trying to carve out a bigger role in cybersecurity for itself with the launch of \u201cData Intelligence for Cybersecurity,\u201d a platform aimed at unifying fragmented security data and powering AI agents against automated attacks.<\/p>\n<p>The company says the tool integrates directly with existing security stacks, giving teams a single, governed foundation for spotting threats earlier and responding faster.<\/p>\n<p>\u201cWith Data Intelligence for Cybersecurity, Databricks is making data and AI every organization\u2019s strongest defense strategy,\u201d said Omar Khawaja, VP of Security and Field CISO at Databricks. \u201cSecurity teams can now gain a more accurate, governed, and flexible approach to building AI agents that proactively combat today\u2019s modern and AI-based threats.\u201d<\/p>\n<p>Databricks\u2019 pitch leans on its \u201cLakehouse\u201d architecture, which it claims delivers real-time intelligence with richer context than traditional SIEM tools. 
Early adopters such as Arctic Wolf, Palo Alto Networks, and SAP are already reporting sharper detection rates, lower costs, and fewer bottlenecks in security operations, according to a Databricks <a href=\"https:\/\/www.databricks.com\/blog\/transforming-cybersecurity-data-intelligence?itm_data=pr-resource-diforcyber\" target=\"_blank\" rel=\"noopener\">announcement<\/a> shared with CSO ahead of its publication on Tuesday.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Stitching Security Data into One Fabric<\/h2>\n<p>A recurring pain point for security teams, Databricks noted, is data sprawl, with telemetry scattered across different tools and each vendor enforcing its own rules of engagement. The new <a href=\"https:\/\/www.databricks.com\/solutions\/industries\/cybersecurity\" target=\"_blank\" rel=\"noopener\">platform<\/a> is apparently designed as a counter to that, with \u201cAgent Bricks\u201d allowing organizations to build AI-powered apps and agents that analyze threats and take action under governance controls. The platform also introduces conversational dashboards and natural language queries, aimed at helping even non-technical leaders grasp real-time risks.<\/p>\n<p>Arctic Wolf\u2019s Dan Schiappa acknowledges the issue of sprawl. \u201cCybersecurity is increasingly a data challenge, shaped by the scale, speed, and diversity of telemetry across modern environments,\u201d he said in the announcement. \u201cThe Aurora Platform processes over 8 trillion security events each week, and Databricks is part of the foundation that allows us to unify and analyze this data in real time.\u201d<\/p>\n<p>Other early adopters have reported measurable improvements, too. 
Palo Alto Networks reportedly tripled its AI-powered detection features and reduced operational costs, while SAP cut engineering time by 80% and boosted rule deployment fivefold.<\/p>\n<p>Databricks also announced partner integrations with a bunch of known cybersecurity providers, including Abnormal AI, ActiveFence, Alpha Level, Arctic Wolf, BigID, DataBahn, Datanimbus, Deloitte, Entrada, Obsidian Security, Panther, PointGuard AI, Rearc, SPLX, Theom AI, Varonis, and ziggiz.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>A crowded field of AI Security Platforms<\/h2>\n<p>Databricks\u2019 latest move puts it in competition with established security players who\u2019ve been leaning heavily on AI-driven analytics, including <a href=\"https:\/\/www.csoonline.com\/article\/4058991\/where-cisos-need-to-see-splunk-go-next.html\">Splunk<\/a> (now part of Cisco), Microsoft <a href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/boosting-microsofts-response-to-cybersecurity-attacks-with-microsoft-azure-sentinel\" target=\"_blank\" rel=\"noopener\">Sentinel<\/a>, Google <a href=\"https:\/\/cloud.google.com\/blog\/products\/identity-security\/introducing-chronicle-security-operations\" target=\"_blank\" rel=\"noopener\">Chronicle<\/a>, and startups like <a href=\"https:\/\/www.csoonline.com\/article\/524286\/what-is-siem-security-information-and-event-management-explained.html?utm=hybrid_search#:~:text=Who%20are%20the%20leading%20SIEM%20vendors?\">Securonix<\/a>. Each offers some flavor of unifying data streams, layering AI detection, and reducing analyst fatigue.<\/p>\n<p>For Databricks, the differentiator will be whether its Lakehouse roots can overcome the \u201crip-and-replace\u201d perception common in cybersecurity. 
Analysts will be watching to see if Agent Bricks can give customers enough flexibility to deploy AI responsibly while avoiding the <a href=\"https:\/\/www.csoonline.com\/article\/4051505\/avnet-unlocks-vendor-lock-in-and-reinvents-security-data-management.html\">lock-in<\/a> that plagues traditional SIEM.<\/p>\n<p>Adanan Amjad, US cyber leader at Deloitte, argued that the ecosystem strategy could help Databricks stand out. \u201cOur alliance with Databricks helps enable organizations to fully utilize AI-driven insights, helping them transform their security operations to meet the challenges of today\u2019s digital landscape,\u201d he said. Still, to excel, Databricks will need to prove that an open partner network and unified governance deliver more than just marketing lines.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Databricks is trying to carve out a bigger role in cybersecurity for itself with the launch of \u201cData Intelligence for Cybersecurity,\u201d a platform aimed at unifying fragmented security data and powering AI agents against automated attacks. 
The company says the tool integrates directly with existing security stacks, giving teams a single, governed foundation for spotting [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":5124,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-5123","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5123"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5123"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/5123\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/5124"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5123"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5123"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5123"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}