Databricks announced plans to acquire Panther as part of its effort to expand the security lakehouse category and advance AI-powered security operations. The company said the combination will help organizations bring together security-related information from multiple sources, improve threat detection, and automate investigations through agent-based workflows. The move represents Databricks’ third announced security acquisition and adds new capabilities to its growing security portfolio.

Panther specializes in AI-driven security operations center technology and is designed to support modern threat detection and response. Its platform includes more than 100 ready-made integrations that connect with cloud infrastructure, identity systems, endpoints, networks, and software applications. The company also offers detection-as-code functionality and automated workflows that support investigation processes. Databricks said these capabilities will help organizations analyze more security information while reducing reliance on traditional security monitoring systems.

The proposed acquisition arrives as organizations face a changing threat landscape shaped by increasingly capable AI-driven attacks. According to Databricks, attackers now use AI agents to identify vulnerabilities and uncover new pathways into cloud, software, and AI environments. At the same time, many existing security information and event management platforms remain constrained by cost, limited visibility, and operational complexity. These limitations can prevent organizations from reviewing the full scope of available security data.

Databricks argues that traditional security operations remain heavily dependent on manual processes. Security teams often manage data ingestion, create detection rules, and review alerts through labor-intensive workflows. The company believes these approaches struggle to keep pace with the volume and speed of emerging threats. Panther’s technology is intended to address those challenges by introducing automated investigation and response capabilities that operate at a scale aligned with modern attack activity.

Earlier this year, Databricks introduced Lakewatch, its security lakehouse platform designed to unify security, information technology, and business data within a governed environment. The addition of Panther is expected to strengthen that vision through embedded AI agents that can triage alerts, gather supporting context, and recommend next actions. Databricks also highlighted Panther’s engineering and security expertise, noting the team’s background in cloud-native operations, open-source security projects, and detection-as-code approaches that support modern security programs.

📊 What This Means (Our Analysis)

The planned acquisition stands out because it brings together two complementary pieces of the same strategy. Databricks has been building a security lakehouse approach centered on consolidating large volumes of data, while Panther contributes operational workflows focused on detection, investigation, and response. The combination reinforces a model that seeks to connect security data management with day-to-day security operations inside a single framework.

The announcement also reflects a broader shift described within the companies’ own messaging: security teams face growing pressure from increasingly automated attacks while still relying on manual processes. By emphasizing AI agents, automated investigations, and broad data coverage, the deal highlights how security platforms are evolving toward faster and more scalable operations. Within Databricks’ security roadmap, Panther appears positioned to accelerate that transition.

📌 Our Take: The proposed transaction underscores how AI-driven security operations are becoming a central pillar of modern data and security platforms.