Built In, Not Bolted On: What AI-Native Actually Means in Cybersecurity

2026-04-28 · Source: Databricks · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Software Development & Engineering · Depth: Intermediate, medium

Summary

Barracuda, a cybersecurity company, is addressing the paradox of security tool sprawl increasing risk by adopting an "AI-native" product development approach. This strategy, powered by the Databricks enterprise data platform, unifies protection across email, data, networks, applications, and managed XDR. Barracuda uses Databricks Genie to develop features like natural language log search, enabling customers to query billions of security events in plain language while maintaining data isolation. Neal Bradbury, Barracuda's Chief Product Officer, emphasizes building intelligence directly into the data layer, allowing applications to continuously adapt to evolving threats and individual customer risk profiles, rather than adding AI as a superficial interface. This architectural commitment has enabled real-time streaming detection, ML operations via MLflow, and the extension of this platform pattern to other products like WAF-as-a-service and API security.

Key takeaway

For CTOs and VPs of Engineering evaluating product strategies, prioritize building intelligence directly into your application's core architecture rather than layering AI on top. This "AI-native" approach, leveraging a unified data layer, will enable your products to adapt dynamically to customer-specific contexts and evolving threats, creating a defensible competitive advantage that generic SaaS models cannot replicate. Focus on clear outcomes and iterative development to successfully embed AI.

Key insights

AI-native applications embed intelligence into their core architecture, enabling continuous adaptation and leveraging proprietary data for superior defense.

Principles

• AI-native means built-in, not bolted-on.
• Applications must continuously adapt to evolving needs.
• Proprietary data layers are a key differentiator.

Method

Re-architect core products by defining clear outcomes, organizing a normalized data layer, and iterating with small, manageable migrations to embed AI-native features.

In practice

• Use natural language search for security event querying.
• Implement real-time streaming detection with notebooks.
• Align teams around shared, measurable outcomes.

Topics

• AI-native Applications
• Cybersecurity Platform
• Data Layer
• Managed XDR
• BarracudaONE

Best for: CTO, VP of Engineering/Data, AI Architect, Director of AI/ML, AI Product Manager, Executive

Related on AIssential

• Cloud native is now AI-native: Engineering production-ready AI — Production-ready AI requires cloud-native principles, vendor-neutral infrastructure, integrated security, and active community contribution.
• Trusted AI Architectures for Risk and Compliance Leaders - with Dean Alms & Eric Hensley of Aravo — AI-native orchestration transforms fragmented risk data into holistic, exception-based, board-level resilience strategies.
• MCP as the API for AI‑Native Systems: Security, Orchestration, and Scale — MCP is becoming the API for AI-native applications, requiring secure, orchestrated, and scalable deployments.
• What is an AI Native Cloud? — AI-native companies require a specialized cloud infrastructure optimized for rapid iteration and GPU-driven workloads.
• 🔴 LIVE: Meta Cuts 8K Jobs | Modi’s Gulf Power Play & Anthropic’s Cyber Shock | Front Page — AI-driven transformation is reshaping corporate structures, national economic strategies, and cybersecurity paradigms.
• Big Ideas 2026: Part 2 — AI will fundamentally reshape industrial bases, critical infrastructure, and consumer applications by 2026.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Databricks.