Enterprise Technology Analysis  ·  shashi.co

The end of clean categories: Databricks and the turf blur era

At Data + AI Summit today in San Francisco, Databricks CEO Ali Ghodsi repeated three words that say more about enterprise software strategy than any analyst report: open source, open integration, lower costs. Behind those words is a company that has quietly made analyst firm categories obsolete.

"Every major enterprise software company is moving up and down the stack simultaneously. Infrastructure, data, security, applications. The lines between them are gone. I call this turf blur."
Shashi Bellamkonda, Principal Research Director, Info-Tech Research Group

What Databricks announced today

In a single day at Data + AI Summit, Databricks crossed five categories that no single analyst framework stitches together:

The turf blur thesis

For years, analyst firms organized the enterprise software market into neat categories: data integration, SIEM, CDP, CRM, infrastructure. Vendors were evaluated within those lanes. Buyers were advised to select best-of-breed per category and integrate.

That model is breaking down. What I am observing across Databricks, Salesforce, ServiceNow, Cisco, and others is what I call turf blur: a structural shift where leading technology companies deliberately expand across adjacent layers of the stack, driven by data gravity and the economics of AI workloads.

The motion is bidirectional. Databricks goes deeper into infrastructure (real-time lakehouse, open table formats) while simultaneously moving into application-layer territory (CDP, agentic coworker, SIEM). This is not feature creep. It is deliberate category expansion anchored in a single architectural bet: that the data lakehouse becomes the substrate for everything.

Why "open" is the competitive weapon

Ghodsi's three-word mantra, open source, open integration, lower costs, is not a philosophy statement. It is a competitive positioning strategy aimed precisely at Snowflake's historically closed ecosystem and at the high-margin lock-in economics of Salesforce and ServiceNow.

When your data lives in open formats (Delta Lake, Apache Iceberg) on your own cloud storage, switching costs flow toward Databricks rather than away. Adding a security layer, a CDP, or an agentic coworker on top of data you already own is a much easier procurement conversation than rearchitecting around a new closed platform.

The Anthropic signal in the Panther deal

One detail in the Panther press release deserves more attention than it is getting. Anthropic, one of the most security-conscious AI labs in the world, was named as a Panther customer, with a quote from Tim Nguyen, Head of Defense at Anthropic, specifically praising detection-as-code and programmable security operations.

Frontier AI labs are becoming reference customers for enterprise security vendors. That is a new dynamic. As I track under my DefenseClaw framework, the security stack for AI-native organizations is being rebuilt from first principles, and the vendors winning those early reference accounts will have significant credibility advantages in mainstream enterprise sales cycles.

What this means for CIOs and CTOs

Three practical implications for technology leaders evaluating their vendor portfolios:

1. Stop evaluating vendors by category alone. Databricks competes with Splunk, Snowflake, Salesforce, and ServiceNow simultaneously. Your procurement and vendor strategy needs to reflect multi-category competition.
2. Data gravity is the new lock-in. Where your data lives increasingly determines what applications you can run cheaply and at speed. Architectural decisions made today in your data layer will constrain or enable your AI and security strategies.
3. Openness is now a procurement criterion. When evaluating platforms, ask specifically: what formats does my data leave in, and what does migration look like? Vendors who cannot answer clearly are building lock-in by design.

About Shashi Bellamkonda

Loading bio…

LinkedIn Profile

Get new posts by email:

Subscribe

Powered by