Adobe’s Security Lakehouse: OCSF, Data Efficiency and Threat Detection at Scale

This session will explore how Adobe uses sophisticated data security architecture, the new Databricks security lakehouse and the Open Cybersecurity Schema Framework (OCSF) for scalable, real-time threat detection across 10 PB+ of security data.

We’ll compare different approaches to OCSF implementation and demonstrate how Adobe processes vast security datasets efficiently — reducing query times by 18%, maintaining 99.4% SLA compliance and supporting 286 security users across 17 teams with 4.53K+ daily queries. By leveraging Databricks’ security lakehouse, serverless scaling and LLM-powered recommendations, Adobe has significantly improved processing efficiency and speed, resulting in major cost savings. We’ll discuss how OCSF enables advanced cross-tool analytics and automation, improving investigative efficiency. Finally, we’ll introduce Databricks’ new open-source OCSF toolkit, which simplifies security data normalization at scale, and invite the community to contribute.