Today at the Databricks Data + AI Summit, Databricks announced the Unity AI Gateway partner ecosystem, which allows integrations across AI security, identity governance, data protection, and threat detection. Noma is proud to be named as a launch partner.

Databricks is where the most data-rich, mission-critical AI in the world runs. Enterprises that spent years building their data platform on Databricks are now building their AI on it too. But deploying AI at scale without runtime security leaves agent behavior unmonitored and ungoverned. The threats are real, active, and target what agents do, not just the infrastructure they run on.

The Runtime Security Gap in Enterprise AI

As organizations move AI to production, a critical gap has emerged: the runtime layer. Governance tools manage models and data assets. Identity systems control who can log in. But neither was built to watch what an AI agent actually does in real time, across every prompt, tool call, and data interaction, and stop it when something goes wrong.

Unity AI Gateway is Databricks’ governance solution for enterprise AI, extending governance to runtime interactions between models, agents, MCP servers, skills, and tools, enabling organizations to apply policies, monitor activity, manage spend, and govern AI consistently across providers and frameworks.

But infrastructure governance alone doesn’t close the security gap. Prompt injection attacks don’t trigger rate limits. Data exfiltration through legitimate-looking tool calls doesn’t show up in a spend dashboard. Behavioral threats require behavioral detection, and that’s exactly what Noma brings. Through the Unity AI Gateway partner ecosystem, Noma delivers runtime AI security directly into Databricks environments: detecting and blocking dangerous behavior across the full agent interaction chain, from masking PII and PCI in transit to stopping prompt injection and preventing sensitive data exfiltration.

See Every Agent, Model, and MCP

You can’t govern what you can’t see. For most enterprises, the AI estate on Databricks has been growing faster than anyone can map it.

Agents proliferate quickly. Models get connected to production data without formal review. MCP servers expose tools that no one in security has audited. Within months, organizations can go from a handful of known deployments to sprawling, undocumented AI infrastructure.

Noma automatically discovers every agent, model, and MCP server running across the enterprise, including those on Databricks, surfacing each connection in real time with full context: what each server exposes, which agents connect to it, and where it stands against security policy. With the Unity AI Gateway integration, that discovery pulls directly from the authoritative traffic layer, giving security teams a complete, continuously updated AI risk profile without weeks of manual work.

Control Every Action

AI agents running on Databricks don’t just run queries. They retrieve customer records, write to databases, call external APIs, and send messages. Each action carries risk, and the risk isn’t uniform. A read-only analytics tool and a tool that can delete production records don’t belong under the same policy.

Noma Agent Access Control gives security teams enforceable governance over every agent and tool in the Databricks environment. Each connection is assigned one of three states: Approved, Requires Review, or Blocked. The state is applied at the tool level, not just to entire systems. Every agent also gets a distinct identity, making access decisions precise and audit trails trustworthy.

This is what Unity AI Gateway enables at the infrastructure level. Noma makes it enforceable at the security layer.

Stop Every Threat, in Real Time

Runtime security is the layer that makes everything else matter.

In agentic AI, the threat surface is the session itself. A prompt injection attack can redirect an agent mid-session. A sequence of individually permitted actions (retrieving a record, summarizing it, routing it to an external endpoint) can constitute a serious breach when viewed as a whole. By the time a traditional security alert fires, the damage is often already done.

Noma monitors prompts, responses, tool calls, MCP interactions, and agent behavior to detect, mask, or block threats in real time. Because Noma’s runtime detection shares context directly with Agent Access Control, the platform understands both what each agent is permitted to do and what it is actually doing, sharpening detections and reducing false positives.
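The point above, that individually permitted tool calls can add up to exfiltration, shown as an added example; it is not Noma's or Databricks' code and not part of the original post. It combines the three tool-level states named earlier with a session-level sequence rule; the tool names, the source and sink sets, and the taint rule are assumptions made for illustration.

```python
from dataclasses import dataclass

# Tool-level states as named in the article; tool names are hypothetical.
POLICY = {
    "crm.get_customer": "Approved",
    "llm.summarize": "Approved",
    "http.post_external": "Approved",
    "email.send": "Requires Review",
    "db.delete_rows": "Blocked",
}
# Assumptions: which tools return sensitive data / send data out.
SENSITIVE_SOURCES = {"crm.get_customer"}
EXTERNAL_SINKS = {"http.post_external", "email.send"}

@dataclass
class Session:
    agent_id: str            # each agent has its own identity and session state
    tainted: bool = False    # True once sensitive data entered this session

def per_call_verdict(tool: str) -> str:
    """Stateless check: looks only at the tool's policy state."""
    state = POLICY.get(tool, "Requires Review")  # unknown tools go to review
    return {"Approved": "allow", "Requires Review": "review", "Blocked": "block"}[state]

def session_verdict(session: Session, tool: str) -> str:
    """Stateful check: per-call policy plus a sequence rule over the session."""
    verdict = per_call_verdict(tool)
    # Sequence rule: sensitive read earlier + external sink now = block.
    if verdict != "block" and session.tainted and tool in EXTERNAL_SINKS:
        verdict = "block"
    if verdict == "allow" and tool in SENSITIVE_SOURCES:
        session.tainted = True
    return verdict

def run_session(agent_id: str, calls: list[str]) -> list[str]:
    session = Session(agent_id)
    return [session_verdict(session, tool) for tool in calls]

# Constructed sample sessions (not real traffic).
CHAIN = ["crm.get_customer", "llm.summarize", "http.post_external"]
BENIGN = ["llm.summarize", "http.post_external"]

if __name__ == "__main__":
    print("per-call:", [per_call_verdict(t) for t in CHAIN])
    print("session: ", run_session("agent-a", CHAIN))
    print("benign:  ", run_session("agent-b", BENIGN))
```

The stateless check allows all three calls in `CHAIN`, while the session check blocks the final external send because a sensitive read preceded it; the same send in `BENIGN` is allowed.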

As Niv Braun, Co-Founder & CEO of Noma Security, puts it: “Agent risk lives in behavior, not just prompts. Noma monitors and governs the full interaction chain, from prompts to tool calls to data access and integration points. When legitimate actions combine into dangerous behavior, Noma detects it and enforces security and compliance policies in real time. Agentic AI changes the security model because agents act across systems autonomously, and by the time something looks wrong, the damage is done. By integrating with Unity AI Gateway, Noma brings full-session behavioral detection to Databricks environments, allowing security teams to govern what agents do before they do it.”

The gateway enforces access. Noma enforces intent.

Noma + Databricks: Secure AI Wherever It Runs

Unity AI Gateway governs access and usage. Noma monitors behavior and acts on it. Together, they close the loop across three dimensions:

  • Discover every agent, model, and MCP running on Databricks, automatically, continuously, with no gaps
  • Govern every connection and tool call with enforceable, identity-aware access policies
  • Detect and stop prompt injection, data exfiltration, and behavioral anomalies in real time, before damage is done

See every agent. Control every connection. Stop every threat.

Learn more about Noma at noma.security
