Databricks Agrees to Acquire Panther, Further Establishing the Security Lakehouse Category

• Panther, a leading AI SOC platform, accelerates Databricks' security offering, helping customers unify data sources, detect threats, and investigate alerts with swarms of agents.
• Acquisition supports Databricks' push to replace legacy SIEMs by operationalizing agentic detection and response on top of a unified security lakehouse.
• Panther product features 100+ out-of-the-box data integrations, detection-as-code capabilities, and agentic SOC workflows delivering immediate, automated threat investigation.

DATA + AI SUMMIT - June 16, 2026 - Databricks, the Data and AI company, today announces intent to acquire Panther, a leading AI SOC platform. The acquisition will advance the company's vision for the security lakehouse, a new category of security software that is disrupting legacy SIEM with an agentic approach. Together, Databricks and Panther will help organizations detect more threats, investigate every alert, and fight AI-driven attacks with AI. Trusted by leading security teams - including Anthropic - Panther has proven it can defend the most demanding, AI-native environments. Panther is the third security acquisition announced by Databricks, strengthening its AI security product team and deepening its investment in security.

Panther: AI SOC built for the Security Lakehouse
AI-driven attacks are evolving faster than human-led defenses can keep up. Attackers now use AI agents to find new vulnerabilities and attack paths across cloud, SaaS, and AI systems. Meanwhile, SIEMs are held back by high costs, limited data, and manual, labor-intensive workflows. As a result, most organizations analyze only a fraction of their security data-leaving them blind to many of the new agent-driven attacks in their environments.

Today's SOC workflows make this worse, because they're still largely manual: teams hand-manage data ingestion, hand-write detection rules, and investigate every alert by hand. With legacy tools, SOC teams simply can't keep pace with new threats. Panther closes the gap by replacing costly, closed SIEM stacks with agentic SOC workflows-so defenders can investigate every alert and disrupt attacks at the speed and scale of AI.

"Legacy SIEM was never designed for AI," said Ali Ghodsi, Co-founder and CEO of Databricks. "Databricks, which has the trust of 70% of the Fortune 500 in data and AI, is doubling down on Lakewatch and our security lakehouse vision. With Panther, we enhance and expand our ability to analyze all data and automate SOC workflows. Together, we can offer the best platform to help defend the world against agentic attacks."

"We are thrilled to join Databricks and help accelerate the security lakehouse vision," said Jack Naglieri, Founder and CEO of Panther. "The SOC is at an inflection point: AI is changing how attacks are launched and defenders can now finally keep pace with them. Together with Databricks, we can arm defenders with sophisticated agents that scale detection, investigation, and response."

"Building frontier AI requires security operations that are programmable and deeply integrated with the way modern engineering teams work," said Tim Nguyen, Head of Defense at Anthropic. "Panther has helped us bring a software engineering approach to detection and response, giving our team the flexibility to adapt quickly as our environment evolves."

Accelerating Databricks' Security Lakehouse Vision
Earlier this year, Databricks introduced Lakewatch, its security lakehouse designed to help organizations defend against increasingly sophisticated AI-driven attackers. Lakewatch unifies security, IT, and business data into a single, governed lakehouse for agentic detection and response, enabling customers to ingest, retain, and analyze unprecedented volumes of unstructured data while reducing total cost of ownership.

Adding Panther accelerates Databricks' security lakehouse vision in several key ways:

• Agentic workflows designed for SOC: Lakewatch and Panther embed AI agents directly into core SOC workflows so they can automatically triage alerts, gather context, and propose next steps.
• Broad, high-fidelity data coverage: 100+ pre-built, deeply parsed integrations across critical cloud infrastructure, identity providers, endpoints, networks, and SaaS applications, delivering immediate, out-of-the-box ingestion without the complex mapping required by legacy SIEMs.
• Top security team: The Panther team of engineers and former SOC analysts brings deep experience in open source and cloud-native security operations. Founded by the leader of the open source StreamAlert project originally created at Airbnb, Panther has grown into a cloud-native SIEM and AI SOC platform built on detection-as-code and security data lakes.

The acquisition of Panther builds on Databricks' recent security investments, including its acquisitions of Antimatter and SiftD.ai. Hear more this week at Data + AI Summit in San Francisco.

Details regarding the proposed acquisition
The proposed acquisition is subject to customary closing conditions, including any required regulatory clearances.

About Databricks
Databricks is the Data and AI company. More than 20,000 organizations worldwide - including adidas, AT&T, Bayer, Block, Mastercard, Rivian, Unilever, and 70% of the Fortune 500 - rely on Databricks to build and scale data and AI apps, analytics and agents. Headquartered in San Francisco with 30+ offices around the globe, Databricks offers a unified platform that includes Lakebase, Genie, Agent Bricks, Lakeflow, Lakehouse, and Unity Catalog. To learn more, follow Databricks on LinkedIn, X, YouTube, and Instagram.

Contact: [email protected]