Databricks ran its summit this week. Every headline announcement pointed at the same place.
Unity AI Gateway, governing MCP traffic and model calls and outside agents. Access control on what an agent can reach. Agent Bricks pulling context from the catalog over MCP. Managed agent memory in Lakebase. ABAC going GA so permissions follow attributes instead of a list of roles nobody has cleaned up since 2021.
Take the product names off and read what’s underneath. Moving data from one place to another stopped being the job. Governing the intelligence that reads the data became the job.
That’s the bet we made when we started Datris.
So I’m not going to pretend I’m annoyed. I’m validated. When the biggest company in the space rebuilds its summit around a problem you’ve been heads-down on for two years, the debate about whether the problem is real is finished. Twelve months ago I was arguing that a governance layer between connectors and agents should exist at all. Databricks just made that argument for me, in front of a much larger room than I’ll ever book.
Their gateway reaches out. Their gravity pulls in.
The gateway governs external MCP servers. Fine. But the context comes from Unity Catalog. The memory sits in Lakebase. The agent traces get stored and governed right next to all the data you already loaded into the lakehouse.
Govern everything in one place, they say. Read it again. Govern everything in their place.
There’s a line in their own post about keeping agent data in the lakehouse rather than siloed off in some other vendor. That line isn’t there by accident. The more of your context and memory and traces live inside their walls, the harder it gets to govern anything that lives outside them.
I’ve watched this movie before. I spent thirty years inside large financial institutions, and the pattern never changes. Somebody solves a real problem in a way that only works if you’re already all in. It works. Then renewal comes around and you learn what “all in” actually costs.
What we built instead
Datris governs the stack you already have. Whatever warehouses you run. Whatever connectors feed them. Whatever framework your agents live in. No migration, and no rule that the data and the agents touching it have to belong to the same company.
That’s not a feature gap between us and them. It’s a different answer to one question. Who should hold the keys?
When a single vendor owns the data, the catalog, the agent platform, and the layer governing all of it, you’ve handed that vendor the ability to see everything, meter everything, and decide what your agents are allowed to do. Convenient, until the day it isn’t. Anyone who’s lived through one lock-in cycle can already see where it goes.
Open source moves the leverage back to you. Neutral means it doesn’t care which warehouse you bought or which model you’re calling this quarter. It governs the traffic. It doesn’t try to own the ground underneath it.
The category is settled. The question changed.
For a long time the question was whether this layer earned the right to exist. Databricks answered that one this week.
The new question is who you trust with the keys. A vendor whose whole model depends on you moving everything into its lakehouse, or an open, neutral layer that governs what you already run, where it already runs.
I know which one I’m building. Databricks just helped me sell it.
Datris. Open source. Neutral by design.
Todd Fearn is the founder and CEO of Datris, an open-source, agent-native data platform built on the Model Context Protocol. He also runs IData Corporation, the data engineering consultancy Datris grew out of. Before all this he spent thirty years building production data infrastructure inside financial institutions, among them Goldman Sachs, Bridgewater, Deutsche Bank, Salomon Brothers, and Freddie Mac. He has founded several venture-backed startups.