Databricks has announced the launch of Data Intelligence for Cybersecurity, a solution designed to support organisations in responding to modern, increasingly AI-driven cyber threats. The platform integrates with existing security infrastructures and consolidates enterprise data using Databricks' open ecosystem and Lakehouse architecture.
This approach enables security teams to leverage AI more effectively, identifying risks earlier, gaining richer contextual understanding of attacks, and improving response times. As part of this release, Databricks Agent Bricks allows organisations to build AI-powered applications and agents that can analyse data accurately and execute governed actions across the entire security workflow.
The challenge of data fragmentation in cybersecurity
The growing complexity of cyber threats, particularly with the adoption of AI by malicious actors, has left many organisations struggling to keep pace. Fragmented data and reliance on generalised AI models often result in slow response times, limited visibility, and increased risk exposure. Data Intelligence for Cybersecurity addresses these issues by providing real-time threat intelligence and broad contextual visibility. Built on the Lakehouse architecture, it unifies security data across disparate systems, giving teams the ability to detect hidden threats and respond with greater speed and precision.
The platform brings together several capabilities designed to support both technical and non-technical users. Through Agent Bricks, organisations can quickly develop and deploy production-ready AI agents to automate threat detection and response. Its intuitive interface, which includes natural language search and real-time analytics, provides accessible insights across all levels of the organisation. Crucially, the Lakehouse architecture enables a unified view of the entire attack surface, helping to overcome the limitations of legacy SIEM systems and proprietary data silos.
Customer use cases
Several organisations have already adopted Data Intelligence for Cybersecurity to improve their operational resilience. Arctic Wolf, for example, operates one of the largest cybersecurity data platforms, processing over eight trillion events per week. With Databricks, it has been able to unify and analyse this data in real time, accelerating AI innovation and enhancing its AI-powered Security Operations Centre (SOC).
Barracuda Networks reports a 75% reduction in daily processing and storage costs, in addition to achieving sub-five-minute alerting and freeing up engineers to focus on innovation rather than infrastructure management. Similarly, Palo Alto Networks has consolidated fragmented security data and tripled the speed of its AI-powered threat detection capabilities, resulting in reduced operational costs and improved global visibility. SAP Enterprise Cloud Services has also seen significant performance improvements, reducing engineering time by 80% and increasing rule deployment speed fivefold.
To extend the platform’s capabilities, Databricks has partnered with a broad network of security and analytics providers, including Abnormal AI, Accenture Federal, ActiveFence, Alpha Level, Arctic Wolf, BigID, DataBahn, DataNimbus, Deloitte, Entrada, Obsidian Security, Panther, PointGuard AI, Rearc, SPLX, Theom, Varonis, and ziggiz. These collaborations aim to deliver integrated, scalable solutions tailored to modern cybersecurity needs across industries.
Partners have highlighted the strategic value of this integration. Accenture Federal Services noted the importance of co-developing cybersecurity standards at the federal level, combining Databricks' data platform with domain expertise to deliver modern solutions. Arctic Wolf praised the ability to analyse vast volumes of security telemetry in real time, while DataBahn described the collaboration as a model for the next generation of AI-native security operations.
Deloitte emphasised the need for AI-driven insights in today’s security strategies, and Panther pointed to the flexibility it brings for organisations operating in hybrid and cloud-native environments. Varonis highlighted how the integration supports end-to-end visibility and governance of sensitive data, combining scalable analytics with real-time threat detection.
By bringing together data unification, AI enablement, and partner integration, Data Intelligence for Cybersecurity aims to equip organisations with the tools and infrastructure necessary to address the evolving cybersecurity landscape with greater agility and insight.