Compare
Today, an enterprise that wants what DataDam does has to assemble four vendors: Immuta for database governance, Kong for API proxying, WitnessAI for agent monitoring, and custom code to make them talk. DataDam is one product.
| Capability | API gateway | Immuta | Agent overlays | Databricks | DataDam |
|---|---|---|---|---|---|
| Proxy requests | Yes | No | Observe only | Within Lakehouse | Yes |
| Field-level governance | No | Yes (databases only) | No | Yes (Lakehouse) | Yes (all sources) |
| SaaS API governance | No | No | No | No | Yes |
| Database governance | No | Yes | No | Yes (Lakehouse) | Yes |
| PII masking | No | Yes (databases only) | No | Yes (Lakehouse) | Yes (all sources) |
| Agent-aware policies | No | No | Partial | Yes | Yes |
| MCP support | No | No | No | Yes | Yes (gateway + governed upstreams + stdio shim) |
| LLM egress: outbound prompt scanning (via SDK) | No | No | Partial (text only) | No | Yes (Anthropic, OpenAI, Gemini) |
| LLM egress: image attachment scanning (via SDK) | No | No | No | No | Yes (in-proxy, with redaction back into the request) |
| Consumer AI apps (Claude Desktop, ChatGPT) | No | No | No | No | Roadmap (browser extension + MDM pack) |
| Feeds existing data catalog (Atlan, Collibra, DataHub, OpenMetadata) | No | Limited (database connectors) | No | Unity Catalog only | Yes (OpenLineage push + Catalog API) |
| Agent-level column lineage (which agent read which column) | No | No | No | Pipeline lineage only | Yes (the slice your catalog does not have) |
| REST proxy support | Yes | No | No | No | Yes |
| Real-time enforcement | Rate limits only | Yes (queries) | Post-hoc | Yes | Yes |
| Vendor-neutral | Yes | Partial (databases) | Yes | No | Yes |
Vendor by vendor
None of these products are bad at what they do. They are scoped differently. DataDam is the agent-data proxy specifically.
What they do well: Proxy requests, rate limit, authenticate. Useful for surface-level traffic policy.
Where the gap is: They do not understand what is inside the data. No field-level governance, no PII masking, no agent-aware policies. They govern API traffic, not data content.
What they do well: Field-level access control and PII masking, the closest analog to DataDam in the data-warehouse world.
Where the gap is: Database-only. No support for SaaS APIs (Salesforce, Jira, Slack). No agent awareness. Designed for analysts and BI tools, not AI agents. No MCP support. DataDam is Immuta for AI agents, across all data sources, not just databases.
What they do well: Monitor agent behavior, flag anomalies after the fact. Useful for incident detection.
Where the gap is: They observe, they do not proxy. They watch traffic post-hoc. They can alert "this agent accessed HR data" but cannot prevent it in real time. No data source governance, no field-level masking. On LLM egress via SDK, they cover text-only monitoring; DataDam scans and redacts both prompts and image attachments inline before the vendor sees them. For Claude Desktop, ChatGPT, and other consumer AI apps that connect directly to the vendor, both products defer to a separate path (DataDam ships that as the upcoming managed browser extension plus MDM pack).
What they do well: Governed data access for agents within the Databricks Lakehouse. Strong inside its boundary.
Where the gap is: Lakehouse-only. If your data lives in Salesforce, Jira, or Postgres outside Databricks, Unity Catalog does not help. Vendor-locked.
Free forever for evaluation. Pro for first deployments. Business unlocks the compliance frameworks that the alternatives charge six figures for.