Databricks acquires Panther in third cybersecurity deal to fight AI-driven threats with agents

Databricks acquires cyberattack detection startup Panther

Databricks acquires cyberattack detection startup Panther Databricks Inc. today announced plans to acquire Panther Inc., a startup with an artificial intelligence platform for detecting cyberattacks. The companies didn't disclose the financial terms. Panther received a $1.4 billion valuation in a 2021 funding round that included contributions from Snowflake Ventures, Coatue and other prominent backers. Understanding the scope of a cyberattack requires a reviewing a significant amount of telemetry. However, organizations often have only partial data about breaches because collecting all the necessary information can be prohibitively expensive. Panther's platform includes filters that remove noise from telemetry streams, which reduces costs and thereby makes it possible to collect more high-value breach data. The platform not only gathers telemetry but also organizes it in a format that eases analysis. From there, Panther scans the data for threats using customer-provided detections. A detection is a snippet of code designed to spot a specific type of malicious activity. Some companies have upwards of hundreds of such code snippets. Panther includes an AI tool that enables customers to create detections using natural language prompts. When a detection generates a false positive, another AI module finds the root cause and suggests code changes. Panther implements detections in Python, a relatively simple language that enables developers to quickly make customizations. The platform also supports a second programming syntax called PantherFlow. According to the company, customers can use it to run queries on cybersecurity logs. For example, an administrator investigating a breach that occurred in the past day can write a PantherFlow script that brings up recent access logs from the affected systems. Panther generates a natural language description of each cybersecurity risk that it finds. It enriches the data with external information such as threat intelligence. As a result, the platform can highlight the vulnerabilities that should be fixed first because they're being actively targeted by hackers. Panther offers its software in two flavors. There's a managed version and an edition optimized to run on cloud data platforms such as Databricks. According to Panther, the latter offering enables enterprises to analyze their cybersecurity logs without moving them. Databricks will use the company's technology to expand its breach detection capabilities . In March, the analytics giant introduced a product called Lakewatch that enables enterprises to collect and analyze cybersecurity logs from multiple sources. Databricks says that Panther's software will speed up tasks such as developing breach remediation plans. "With Panther, we enhance and expand our ability to analyze all data and automate SOC workflows," said Databricks co-founder and Chief Executive Officer Ali Ghodsi. Panther is the third cybersecurity startup that the company has acquired since the start of the year. Databricks previously bought data encryption specialist Antimatter Inc. and SiftD Inc., which built a platform for automating breach remediation tasks.

Databricks Makes Third Cyber Acquisition, Acquiring Panther Labs

Databricks has agreed to acquire Panther Labs for an undisclosed price to expand the data company's footprint in cybersecurity. The San Francisco-based company positioned the deal as a step toward competing with larger rivals CrowdStrike and Splunk, Reuters reported. Panther Labs was last valued at $1.4 billion after a $120 million Series B round in 2021. The startup's product pulls security-relevant data streams into a single place so software "agents" can act on threats with minimal human involvement as attack volume rises alongside broader AI adoption. At Databricks' Data + AI Summit in San Francisco, CEO Ali Ghodsi argued that AI has accelerated how quickly attackers can turn software flaws into real intrusions and said older alert-and-log workflows were "dead." "If they're going to attack you with agents, you have to defend with agents," Ghodsi told Reuters. "You have to fight fire with fire." Databricks Is Deal Hungry This is Databricks' third acquisition in the cybersecurity space. In March 2025, the company acquired Antimatter, a security startup that specializes in data protection, authorization, and secure governance for AI agents. The transaction was kept confidential until March 2026, when Databricks launched its AI-powered security product, Lakewatch, That same month, Databricks also bought SiftD.ai, an early-stage security startup focused on agentic AI-human collaboration tools and deep expertise in large-scale detection engineering. Financial terms for either deal were not disclosed. Databricks is reportedly considering a new funding round that could begin within the next month, potentially boosting its valuation to between $165 billion and $175 billion. The new funding round might kick off within the coming month. Despite operating for 13 years, Databricks has repeatedly delayed an IPO, choosing instead to raise private funding and facilitate secondary share sales. The terms of its latest funding round are still being finalized, and it remains unclear whether the new capital will be included in the company's valuation, as per the report. Ghodsi told investors that the company remains on track for an IPO, potentially as early as next year. Photo Courtesy: bluestork on Shutterstock.com This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors. Market News and Data brought to you by Benzinga APIs To add Benzinga News as your preferred source on Google, click here.