AI just shook cybersecurity stocks. Here’s who survives (and who gets left behind)
Publish Date: 2026-03-02 14:03:00
Source Domain: finimize.com
To understand why investors got so nervous, you have to understand what this tool actually represents. For years, AI in security was like having a brighter flashlight – it helped humans spot bugs faster. Claude Code Security is different; it’s an all-in-one autonomous robot repair squad. It finds the hole in your digital fence; it reasons through the problem; and it patches the fence itself.
That raised an uncomfortable question: if AI can automatically fix security problems at the source, why pay millions to specialized cybersecurity vendors? In short, are those firms about to become obsolete?
What threat does AI actually pose to cybersecurity?
AI does pose a real threat – but it’s a threat to certain pricing models and weaker players, not to the existence of cybersecurity itself.
First, there’s the “built-in” threat. If AI coding agents (like Claude Code) can write “perfect” code that fixes its own vulnerabilities, the need for a separate monitoring layer starts to disappear. This is the commoditization risk. If your AI dev tool can scan and patch issues as you build, it’s hard to justify paying a premium for another company whose whole pitch is “we detect threats”.
Then, there’s seat compression. A lot of cybersecurity companies charge per endpoint, per analyst, or per employee. Their revenue scales with the number of human workers interacting with systems. But AI is a labor multiplier. If one AI-augmented Tier 1 security analyst can now do the work of five, ten, or even 20, the number of billable seats declines. Even if the vendor stays in place, the invoice figures shrink.
That said, there’s a massive flip side. While AI disrupts old business models, it creates entirely new demand.
We’re moving into the “agentic era”. For every human online now, there are roughly 82 AI agents (autonomous bots) working away in the background. That creates a massive new attack surface. Hackers can now deploy millions of tiny, sophisticated strikes at once. Humans can’t defend against that manually. The only real counterweight is more AI.
And a build-versus-maintain reality check is happening. Investors feared that companies would use AI to build their own security tools to cut costs. But building a tool is maybe 15% of the work. The other 85% is maintenance – constantly updating for new threats and meeting standards like FedRAMP or SOC 2. AI can generate code, but it doesn’t yet take long-term operational responsibility, navigate regulatory scrutiny, or provide enterprise-grade accountability.
What will separate the winners and losers in the industry?
First and foremost, massive data networks. In the AI age, being a small, single-purpose tool is dangerous. If your product does only one thing – scans code, manages passwords, filters email – that feature may well get built directly into a bigger AI platform. The stronger companies are the ones that see everything. They protect thousands of customers across millions of devices, servers, and cloud systems. And in the process, they collect tons of real-world security data every day – attacks, login attempts, malware patterns, suspicious behavior. AI models are only as good as their data. A company processing billions of events daily can train smarter systems than any enterprise building a defense in-house. That scale advantage is extremely hard to copy.
Second, deep integration. Some security tools live at the surface. Others sit deep inside the operating system or network itself. The deeper a security company is embedded, the harder it is to replace. Software that runs directly on a device’s core system, monitors network traffic in real time, or controls access across a company’s cloud infrastructure becomes part of the plumbing. Swapping it out isn’t as simple as deleting an app – it requires a full-scale system renovation, pulling out all the “piping” and building all over again.
Third, securing the machines themselves. This industry used to be about protecting humans from clicking bad links. Now, it’s about protecting AI systems from making bad decisions. AI agents can access databases, send emails, move money, and execute code on their own. Each one needs an identity, permissions, and oversight. If an AI system gets tricked or manipulated, it can cause damage at machine speed. The next cybersecurity leaders will be the companies that control what these autonomous systems are allowed to do – in real time.
So, what does this mean for the cyber basket?
Over the past year, my cybersecurity basket has focused on balancing scale and innovation. Now I’m leaning harder into companies with tougher-to-match advantages and genuine AI resilience.
Here’s how that shakes out.
What I’m keeping:
CrowdStrike. If anything, its edge actually strengthens in the AI era. The company harvests enormous amounts of real-world security data from millions of devices. When one customer gets hit, the system instantly learns from the attack and protects its other customers. That shared intelligence loop is powerful. On top of that, CrowdStrike sits deep in the operating system layer. That kind of engineering takes years to build and can’t easily be recreated by a coding AI.
Microsoft. It owns the environments where both humans and AI agents actually operate – Windows, Office, and Azure. And security is part of that. As AI agents proliferate inside companies, Microsoft is in a unique position: it controls the workplace interface. And whoever controls the interface can embed security everywhere.
Palo Alto Networks. Big companies don’t want 15 separate security tools. They want one unified system that talks to itself. And Palo Alto is all about that: it’s aggressively moving customers away from scattered point tools and onto its single, integrated platform.
Zscaler. In the agentic era, identity is everything. Zscaler acts as a “zero trust” bouncer – ensuring that every AI bot has a legit, verified, digital ID before any data gets moved.
SentinelOne. Its entire system is built around automation. AI-driven attacks happen too fast for a manual, human response. SentinelOne’s approach is to automate detection and response so threats are stopped instantly without waiting for an analyst.
What I’m ditching:
Fortinet. I have to say goodbye to this one. A big chunk of this firm’s strength comes from selling physical firewall hardware. But security is shifting rapidly toward cloud-native, software-first models. As workloads move to the cloud and AI systems operate virtually, on-premise hardware becomes far less important.
Cisco. This firm’s powerful, but it feels like a bundle of acquired tools, not a unified AI-native platform. Even after buying Splunk, Cisco is still stitching pieces together rather than building from a single architectural vision.
And what I’m adding to the mix:
Datadog. As companies put their new AI agents to work, they need visibility into what those systems are actually doing – performance, errors, data handling. Datadog serves as a dashboard for firms, providing that essential observability layer.
Cloudflare. This company is a gateway to the whole internet. Over 20% of the web runs through its servers, so it represents the physical highway system that AI travels on – a huge infrastructure advantage that can’t be automated away.
Here’s an overview of my updated cybersecurity portfolio.