- Panther, the leading AI SOC platform, accelerates Databricks’ security offerings, helping customers integrate data sources, detect threats, and investigate alerts from swarms of agents.
- This acquisition supports Databricks’ efforts to replace traditional SIEM by enabling agent detection and response to operate on a unified security lakehouse.
- Panther products feature over 100 out-of-the-box data integrations, detection-as-code capabilities, and agent SOC workflows for instant automated threat investigation.
DATA + AI Summit — June 16, 2026 — Data and AI company Databricks today announced its intention to acquire Panther, a leading AI SOC platform. This acquisition advances the company’s vision for Security Lakehouse, a new category of security software that disrupts traditional SIEM with an agentic approach. Databricks and Panther together enable organizations to detect more threats, investigate all alerts, and defend against AI-powered attacks. Trusted by leading security teams including Anthropic, Panther has proven its ability to defend the most demanding AI-native environments. Panther is the third security acquisition announced by Databricks, strengthening its AI security product team and strengthening its investment in security.
Panther: AI SOC built for Security Lakehouse
AI-driven attacks are evolving faster than human-driven defenses can keep up. Attackers are now using AI agents to find new vulnerabilities and attack paths across cloud, SaaS, and AI systems. SIEM, on the other hand, is held back by high costs, limited data, and manual, labor-intensive workflows. As a result, most organizations only analyze a portion of their security data, leaving them unaware of many of the new agent-driven attacks in their environments.
Current SOC workflows are still largely manual, further exacerbating this problem. The team manually manages data ingestion, hand-writes detection rules, and manually investigates all alerts. Traditional tools don’t allow SOC teams to respond to new threats. Panther fills the gap by replacing expensive closed SIEM stacks with agent SOC workflows. This allows defenders to investigate every alert and thwart attacks at the speed and scale of AI.
“Legacy SIEM was never designed for AI,” said Ali Ghodsi, co-founder and CEO of Databricks. “Databricks, trusted for data and AI by 70% of Fortune 500 companies, is reinforcing the vision of Lakewatch and Security Lakehouse. With Panther, we power and expand our ability to analyze all your data and automate SOC workflows. Together, we can deliver the best platform to help protect the world from agent attacks.”
Jack Naglieri, Founder and CEO of Panther, said: “SOCs are at a tipping point. AI is changing the way attacks are launched, and defenders are finally able to catch up. Together with Databricks, we can equip defenders with sophisticated agents that scale detection, investigation, and response.”
“Building frontier AI requires security operations that are programmable and deeply integrated with the way modern engineering teams work,” said Tim Nguyen, director of defense at Anthropic. “Panther allows us to take a software engineering approach to detection and response, giving our team the flexibility to quickly adapt as the environment evolves.”
Accelerating Databricks’ Security Lakehouse vision
Earlier this year, Databricks announced Lakewatch, a security lakehouse designed to help organizations defend against increasingly sophisticated AI-driven attackers. Lakewatch unifies security, IT, and business data into a single managed lakehouse for agent detection and response. This enables customers to ingest, retain, and analyze unprecedented amounts of unstructured data while reducing total cost of ownership.
The addition of Panther accelerates Databricks’ security lakehouse vision in several important ways.
- Agent workflows designed for SOCs: Lakewatch and Panther embed AI agents directly into core SOC workflows to automatically prioritize alerts, gather context, and suggest next steps.
- Covers extensive, high-fidelity data: 100+ pre-built and well-parsed integrations across critical cloud infrastructure, identity providers, endpoints, networks, and SaaS applications for instant, out-of-the-box ingestion without the complex mapping required for traditional SIEM.
- top security team: The Panther team of engineers and former SOC analysts brings deep experience in open source and cloud-native security operations. Founded by the leaders of the open source StreamAlert project originally created at Airbnb, Panther has grown into a cloud-native SIEM and AI SOC platform built on discovery-as-code and a security data lake.
The acquisition of Panther builds on Databricks’ recent security investments, including the acquisitions of Antimatter and SiftD.ai. Hear more at the Data + AI Summit this week in San Francisco.
Details regarding the acquisition proposal
The proposed acquisition is subject to customary closing conditions, including necessary regulatory approvals.
About data bricks
Databricks is a data and AI company. More than 20,000 organizations around the world, including adidas, AT&T, Bayer, Block, Mastercard, Rivian, Unilever, and 70% of the Fortune 500, rely on Databricks to build and scale their data and AI apps, analytics, and agents. Headquartered in San Francisco with more than 30 offices worldwide, Databricks offers an integrated platform that includes Lakebase, Genie, Agent Bricks, Lakeflow, Lakehouse, and Unity Catalog. For more information, follow Databricks on LinkedIn. ×YouTube, Instagram.
contact: press@databricks.com
