OrganisationUS

Databricks

US data and AI platform company that acquired Antimatter and SiftD.ai in March 2026 to launch a SIEM product called Lakewatch.

Last refreshed: 17 April 2026 · Appears in 1 active topic

Key Question

Why is Databricks building a SIEM product using two small acquisitions?

Timeline for Databricks

#117 Apr

Acquired Antimatter and SiftD.ai to launch the Lakewatch Security Information and Event Management product

Cybersecurity: Threats and Defences: Google closes $32bn Wiz deal; 38 M&A

View full timeline →

Follow Cybersecurity: Threats and Defences →

Common Questions

What is Databricks Lakewatch?: Lakewatch is Databricks' new Security Information and Event Management (SIEM) product, built by combining the Antimatter and SiftD.ai acquisitions announced in March 2026, and running on Databricks' data-lakehouse platform.Source: SecurityWeek / Databricks
Is Databricks getting into cybersecurity?: Yes. Databricks acquired Antimatter and SiftD.ai in March 2026 to launch a SIEM product called Lakewatch, entering the enterprise security analytics market for the first time.Source: Lowdown / SecurityWeek

Background

Databricks announced the acquisitions of Antimatter and SiftD.ai in March 2026 and combined them to launch Lakewatch, a new Security Information and Event Management (SIEM) product built on Databricks' data-lakehouse platform. The move positions Databricks, best known for its data engineering and machine learning platform, as a competitor in the enterprise security analytics market alongside established SIEM vendors.

Databricks was founded in 2013 by the creators of Apache Spark and is valued at approximately $62 billion as of late 2025. It provides a unified data analytics and AI platform used by enterprises for data engineering, machine learning and analytics workloads. The security analytics space, where SIEM workloads require processing large volumes of event data, is a natural adjacency for a company whose core strength is high-throughput data processing.

The Lakewatch launch follows Google's $32 billion acquisition of Wiz and positions Databricks in the broader consolidation of Cloud security tooling around data-platform companies. For enterprise security teams evaluating SIEM vendors, Databricks' entry with Lakewatch introduces a data-native alternative built on the lakehouse architecture already in use for non-security workloads.

How the World Sees Them

Investors

The March 2026 M&A wave (38 deals per SecurityWeek) validates the thesis that platform companies are absorbing point security products; Databricks' dual acquisition fits the trend.

Enterprise security buyers

Databricks' Lakewatch enters the SIEM market with a data-lakehouse architecture that aligns with the telemetry-volume problem facing large organisations; but it lacks the detection engineering depth of established vendors.

Existing SIEM vendors (Splunk, Microsoft Sentinel)

A well-funded data-platform company entering the SIEM space with existing enterprise data-pipeline relationships is a material competitive threat.