Governance DAIS 2026

Unity AI Gateway: Unified Governance for Enterprise AI

Unity AI Gateway delivers visibility, cost controls, contextual policies, and AI activity monitoring in one place — extending Unity Catalog to the world of agents and models.

What's new

  • Unified AI cost visibility by user, team, tool, and use case
  • Hard spend caps that automatically stop requests when budgets are exceeded
  • Unity Catalog extended to govern models, MCPs, agents, and skills
  • Contextual Service Policies (Beta) for dynamic runtime controls
  • End-to-end traces of models and MCP tools in a governed layer
Source: Databricks Blog

By the numbers

4 Innovation areas
GA General availability
Multi-modelo Unified governance
AI Spend Dashboard — Unity AI Gateway
LIVE BETA
Monthly Budget (Hard Cap) $500
$100$2,000
Data Science
$340
CAP
Engineering
$210
CAP
Analytics
$95
CAP
Marketing
$55
CAP
Contextual Policy Builder (SQL)
Generated SQL Policy
 
 
 
 
   
  Full analysis   
 
Overview


At Data + AI Summit 2026, Databricks announced major enhancements to Unity AI Gateway, its enterprise AI governance solution. The platform now provides comprehensive oversight of AI costs, assets, interactions, and security across multi-model, multi-agent environments — extending governance beyond data to encompass the entire AI lifecycle.


Unity AI Gateway integrates directly within Unity Catalog, meaning the same teams that govern data can now govern AI models, agents, MCPs, and skills without learning a separate system. Customers like Udemy and First American are already using it in production.


Four Innovation Areas


1. Cost Controls and Intelligent Routing


The gateway provides unified spend visibility across Databricks models, frontier model families, coding agents, and custom applications. Teams can attribute costs granularly by user, team, tool, and use case.


Hard spend caps automatically stop requests when budgets exceed defined thresholds. Intelligent routing recommendations suggest the appropriate model based on task complexity, quality requirements, and cost, enabling portfolio optimization without constant manual intervention.


2. Govern AI Assets and Interactions in One Place


Unity Catalog now extends its reach to govern foundation models, MCP services, agents, and skills. Managed MCP services for Google Drive, Jira, Confluence, Slack, GitHub, and SharePoint are included — all with the same access control policies as data assets.


Contextual Service Policies (Beta) enable dynamic controls based on user, agent, model, or request content. Administrators can define rules to allow, deny, or require approval for specific actions, such as preventing an agent from modifying sensitive folders or exposing PII data.


3. Monitor and Investigate AI Activity


The gateway captures end-to-end traces spanning model interactions and MCP tool activity in a single governed layer. Genie integration enables natural-language exploration of coding agent logs for troubleshooting without writing SQL.


Lakewatch integration — Databricks’ agentic SIEM built on the security lakehouse — detects suspicious activity and investigates policy violations. Lakewatch unifies security telemetry, IT logs, and business data on an open lakehouse (Delta/OCSF), with Genie-powered AI for detection rule creation, threat hunting, and investigation workflows. It provides unified visibility into multi-model, multi-agent workflows that were previously impossible to audit coherently.


4. Open Ecosystem Extension


Databricks announced integrations with 14+ security and identity partners:


Runtime AI Security: Alice, CrowdStrike, Cyera, HiddenLayer, Netskope, Noma, Obsidian, Openlayer, Palo Alto Networks, and Zscaler apply real-time protections against prompt injection, data exposure, and malicious tool use.


Identity and Access: Okta, Ping Identity, SailPoint, and Saviynt extend enterprise identity controls to AI agents, ensuring no non-human identity goes ungoverned.


Key Points


    

  • Unified AI cost visibility by user, team, tool, and use case
    • 

  • Hard spend caps that automatically stop requests when budgets are exceeded
    • 

  • Unity Catalog extended to govern models, MCPs, agents, and skills
    • 

  • Contextual Service Policies (Beta) for dynamic runtime controls
    • 

  • End-to-end traces of models and MCP tools in a governed layer
    • 

  • Genie integration for natural-language exploration of agent logs
    • 

  • Lakewatch for detecting suspicious activity in AI workflows
    • 

  • 10+ security partners for runtime protection integration
    • 

  • 4 identity partners for governing agents as enterprise identity citizens
    • 



Why It Matters


The proliferation of AI in enterprises has created an “AI shadow” similar to shadow IT of the 2010s: models, agents, and tools deployed without central visibility, without cost controls, and without audit trails. Unity AI Gateway directly addresses this.


For data teams and technical leaders, the message is clear: AI governance cannot be a separate system from data governance. If customer data lives in Unity Catalog with its access policies, it makes sense that the policies governing what an agent can do with that data live in the same place, using the same tooling.


The partner ecosystem also sends an important signal: Databricks isn’t trying to solve every AI security problem alone, but rather building a platform where leading tools in each category — threat detection, DLP, identity — integrate natively with the data governance layer.
 
 
  
   Previous   Next   
 
  
   
 
 
  Based on official content from      Databricks   Official source