3 Sources
[1]
Databricks buys Panther Labs in cybersecurity push
The $134bn data-and-AI company says agentic attacks demand agentic defence, and is bolting on a 'security lakehouse' to take on the incumbents that have sold security software for years. Databricks has a new pitch for the AI age of cyberattacks: fight fire with fire. The $134bn data-and-AI company said it will buy Panther Labs, a cybersecurity startup, as it pushes deeper into a market dominated by Splunk and CrowdStrike. It is Databricks' third security acquisition, a sign of how seriously it is taking the business. The companies did not disclose the price. Defend with agents The logic is simple, if alarming. AI has slashed the time attackers need to find and exploit a software flaw. Attackers now use AI to hunt for weaknesses across cloud and SaaS systems faster than human defenders can respond. "If they're going to attack you with agents, you have to defend with agents," Databricks chief executive Ali Ghodsi told Reuters. The old way of managing security alerts, he said, is "dead". Panther is built for that fight. It pulls a company's security data into one place so AI agents can triage alerts and investigate threats automatically. It already defends AI-native environments, part of a wider rush to secure the swarm of AI agents inside big companies. Anthropic is a customer. Killing the SIEM Databricks calls the result a "security lakehouse", and the target is explicit: the legacy SIEM, the security-monitoring software that Splunk and others have sold for years. Databricks launched its own version, Lakewatch, in March. Panther adds a ready-made platform and a team that has spent years building cloud-native threat detection. The deal also fits a pattern. Databricks is buying its way into one vertical after another, and security is the latest. Panther follows two earlier security buys, Antimatter and SiftD.ai. The one that got away, until now There is a backstory. Ghodsi says he met Panther's founder, Jack Naglieri, in 2021, took him to dinner, and pitched an acquisition. Naglieri said no and kept building. "That was a good idea for him," Ghodsi said, "because his valuation has been going up since then." Panther was last valued at $1.4bn, after a $120mn round in 2021, though that figure is not the price Databricks is paying now. Five years on, with its own valuation soaring and an IPO in view, Databricks finally got its yes. The deal is still subject to regulatory clearance.
[2]
Databricks acquires cyberattack detection startup Panther
Databricks acquires cyberattack detection startup Panther Databricks Inc. today announced plans to acquire Panther Inc., a startup with an artificial intelligence platform for detecting cyberattacks. The companies didn't disclose the financial terms. Panther received a $1.4 billion valuation in a 2021 funding round that included contributions from Snowflake Ventures, Coatue and other prominent backers. Understanding the scope of a cyberattack requires a reviewing a significant amount of telemetry. However, organizations often have only partial data about breaches because collecting all the necessary information can be prohibitively expensive. Panther's platform includes filters that remove noise from telemetry streams, which reduces costs and thereby makes it possible to collect more high-value breach data. The platform not only gathers telemetry but also organizes it in a format that eases analysis. From there, Panther scans the data for threats using customer-provided detections. A detection is a snippet of code designed to spot a specific type of malicious activity. Some companies have upwards of hundreds of such code snippets. Panther includes an AI tool that enables customers to create detections using natural language prompts. When a detection generates a false positive, another AI module finds the root cause and suggests code changes. Panther implements detections in Python, a relatively simple language that enables developers to quickly make customizations. The platform also supports a second programming syntax called PantherFlow. According to the company, customers can use it to run queries on cybersecurity logs. For example, an administrator investigating a breach that occurred in the past day can write a PantherFlow script that brings up recent access logs from the affected systems. Panther generates a natural language description of each cybersecurity risk that it finds. It enriches the data with external information such as threat intelligence. As a result, the platform can highlight the vulnerabilities that should be fixed first because they're being actively targeted by hackers. Panther offers its software in two flavors. There's a managed version and an edition optimized to run on cloud data platforms such as Databricks. According to Panther, the latter offering enables enterprises to analyze their cybersecurity logs without moving them. Databricks will use the company's technology to expand its breach detection capabilities . In March, the analytics giant introduced a product called Lakewatch that enables enterprises to collect and analyze cybersecurity logs from multiple sources. Databricks says that Panther's software will speed up tasks such as developing breach remediation plans. "With Panther, we enhance and expand our ability to analyze all data and automate SOC workflows," said Databricks co-founder and Chief Executive Officer Ali Ghodsi. Panther is the third cybersecurity startup that the company has acquired since the start of the year. Databricks previously bought data encryption specialist Antimatter Inc. and SiftD Inc., which built a platform for automating breach remediation tasks.
[3]
Databricks Makes Third Cyber Acquisition, Acquiring Panther Labs
Databricks has agreed to acquire Panther Labs for an undisclosed price to expand the data company's footprint in cybersecurity. The San Francisco-based company positioned the deal as a step toward competing with larger rivals CrowdStrike and Splunk, Reuters reported. Panther Labs was last valued at $1.4 billion after a $120 million Series B round in 2021. The startup's product pulls security-relevant data streams into a single place so software "agents" can act on threats with minimal human involvement as attack volume rises alongside broader AI adoption. At Databricks' Data + AI Summit in San Francisco, CEO Ali Ghodsi argued that AI has accelerated how quickly attackers can turn software flaws into real intrusions and said older alert-and-log workflows were "dead." "If they're going to attack you with agents, you have to defend with agents," Ghodsi told Reuters. "You have to fight fire with fire." Databricks Is Deal Hungry This is Databricks' third acquisition in the cybersecurity space. In March 2025, the company acquired Antimatter, a security startup that specializes in data protection, authorization, and secure governance for AI agents. The transaction was kept confidential until March 2026, when Databricks launched its AI-powered security product, Lakewatch, That same month, Databricks also bought SiftD.ai, an early-stage security startup focused on agentic AI-human collaboration tools and deep expertise in large-scale detection engineering. Financial terms for either deal were not disclosed. Databricks is reportedly considering a new funding round that could begin within the next month, potentially boosting its valuation to between $165 billion and $175 billion. The new funding round might kick off within the coming month. Despite operating for 13 years, Databricks has repeatedly delayed an IPO, choosing instead to raise private funding and facilitate secondary share sales. The terms of its latest funding round are still being finalized, and it remains unclear whether the new capital will be included in the company's valuation, as per the report. Ghodsi told investors that the company remains on track for an IPO, potentially as early as next year. Photo Courtesy: bluestork on Shutterstock.com This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors. Market News and Data brought to you by Benzinga APIs To add Benzinga News as your preferred source on Google, click here.
Share
Copy Link
Databricks has acquired cybersecurity startup Panther Labs, valued at $1.4 billion in 2021, marking its third security acquisition this year. The $134 billion data-and-AI company is building a security lakehouse to combat AI-driven attacks with automated agent-based defense, directly challenging legacy players like Splunk and CrowdStrike in the rapidly evolving cybersecurity market.
Databricks has announced its acquisition of Panther Labs, a cybersecurity startup specializing in AI-powered threat detection, though financial terms remain undisclosed
1
2
. Panther Labs was last valued at $1.4 billion after raising $120 million in a 2021 Series B round backed by Snowflake Ventures and Coatue1
3
. This Databricks acquisition represents the company's third cybersecurity deal since the start of the year, signaling an aggressive push into a market dominated by established players like Splunk and CrowdStrike1
.
Source: Benzinga
The acquisition comes as AI cybersecurity threats accelerate at unprecedented speed. Ali Ghodsi, Databricks chief executive, explained the stark reality facing organizations: AI has dramatically reduced the time attackers need to identify and exploit software vulnerabilities across cloud and SaaS systems
1
. "If they're going to attack you with agents, you have to defend with agents," Ghodsi told Reuters, declaring that traditional security alert management is "dead"1
3
. Panther Labs addresses this challenge by consolidating security data into a unified platform where AI agents can automatically triage alerts and investigate threats without constant human intervention . The platform already defends AI-native environments and counts Anthropic among its customers1
.Databricks is positioning the combined technology as a security lakehouse, directly targeting legacy SIEM tools that companies like Splunk have sold for years
1
. The company launched Lakewatch in March 2025, its own AI-powered security product that enables enterprises to collect and analyze cybersecurity logs from multiple sources2
3
. Panther's technology will enhance these breach detection capabilities by speeding up tasks such as developing remediation plans and automating security operations center workflows2
.Panther Labs tackles a critical challenge in cyberattack detection: organizations often have incomplete breach data because collecting comprehensive telemetry is prohibitively expensive
2
. The platform includes filters that remove noise from telemetry streams, reducing costs while enabling collection of more high-value breach data2
. Panther scans organized data for threats using customer-provided detections—code snippets designed to spot specific malicious activities2
. An AI tool enables customers to create these detections using natural language prompts, while another AI module identifies root causes of false positives and suggests code changes2
. The platform implements detections in Python and supports PantherFlow, a programming syntax for querying cybersecurity logs2
.Related Stories
This deal follows Databricks' acquisition of Antimatter, a data encryption specialist focused on data protection and secure governance for AI agents, and SiftD.ai, which built tools for automating breach remediation tasks and agentic AI-human collaboration
2
3
. The pattern reveals Databricks is systematically buying its way into one vertical after another, with AI-driven security as the latest focus1
. There's history between the companies: Ghodsi met Panther founder Jack Naglieri in 2021, took him to dinner, and pitched an acquisition, but Naglieri declined to keep building1
. "That was a good idea for him," Ghodsi acknowledged, "because his valuation has been going up since then"1
. Five years later, with Databricks' own valuation soaring to $134 billion and an IPO in view, the company finally secured the deal1
.Databricks is reportedly considering a new funding round within the next month that could push its valuation to between $165 billion and $175 billion
3
. Despite operating for 13 years, the company has repeatedly delayed its IPO, opting instead for private funding rounds and secondary share sales3
. Ghodsi told investors the company remains on track for an IPO, potentially as early as next year3
. The Panther Labs deal remains subject to regulatory clearance1
. As AI agents proliferate inside enterprises, the rush to secure these environments intensifies, positioning Databricks to compete directly with established cybersecurity vendors in a market where speed and automation now determine survival.Summarized by
Navi
[1]
[2]
25 Mar 2026•Technology

30 Sept 2025•Technology

19 Aug 2025•Business and Economy

1
Technology

2
Policy and Regulation

3
Policy and Regulation
