AI will "kill" cybersecurity platforms? Bank of America refutes: It is an enhancer, not a replacer.

AI will "kill" cybersecurity platforms? Bank of America refutes: It is an enhancer, not a replacer.

```

Bank of America points out that the market's concerns about AI disrupting the cybersecurity industry seem to be somewhat overblown.

Last Friday, Anthropic launched a new security feature, Claude Code Security, for its Claude AI model. Investors worried that AI might automate and replace a significant portion of business in the cybersecurity sector, leading to widespread sell-offs. On Monday, cybersecurity concept stocks continued to fall, with CrowdStrike and Zscaler dropping about 10%, Netskope plunging over 12%, and the Global X Cybersecurity ETF reaching its lowest level since November 2023.

According to Wind Trading Desk, a recent research report by Bank of America points out that the market's panic about "AI replacing cybersecurity" is overestimated. The report says, AI tools cannot currently replace comprehensive cybersecurity platforms; their role is as enhancers rather than disruptors. The research notes, AI can indeed improve work efficiency in specific scenarios such as code scanning, but in the three key dimensions of visibility, control, and reliability, current AI capabilities cannot replace a full cybersecurity platform.

The report believes that integrated platform vendors, such as CrowdStrike and Palo Alto Networks, maintain solid moats due to their integrated data foundation and detection & response capabilities. In contrast, independent vendors focusing on application security (AppSec)—such as Checkmarx, Snyk, as well as toolchain companies like GitLab and JFrog—may face greater competitive pressure and must continually prove their technological differentiation and value reconstruction capability in the AI era.

The evolution of code scanning, not a security revolution

The report points out that AI tools represented by Claude have made key breakthroughs in the field of development security. Unlike traditional scanners relying on feature matching, Claude can conduct in-depth reasoning analysis of component interactions, data flows, and business logic vulnerabilities, breaking the boundaries of pattern recognition and significantly improving the accuracy of detecting complex vulnerabilities.

However, the research report clearly defines Claude's capability boundary: its impact is limited to the niche field of pre-production code analysis. This means vendors that rely on application security as their growth engine will face value reassessment pressure and must prove their irreplaceability in the AI era.

AI's obvious shortcomings: fundamental gaps between developer tools and runtime environments

The report points out that the fundamental reason AI struggles to shake the core position of cybersecurity platforms lies in the essential difference between developer tools and runtime security environments.

The report summarizes the characteristics of runtime security as: continuous monitoring, context awareness through integration of multi-source signals (combining signals from endpoints, identities, networks, and cloud environments), and nearly zero margin of error, especially the demand for a detection miss rate controlled within the precise range of 99.99%. Any omission can have serious consequences.

In contrast, reasoning models like Claude are clearly vulnerable: they are highly sensitive to prompt expressions and easily lose context when tasks breach predefined boundaries. Such instability can be tolerated in code reasoning scenarios but is fundamentally incompatible with requirements for autonomous defense.

More importantly, AI tools currently lack real-time data acquisition capabilities from runtime sensors, have no visibility into execution processes, and certainly no control plane permissions. This means they cannot execute key response actions such as blocking processes or isolating endpoints. Given the reliability thresholds required at the security level, these capability gaps form a technical moat that is hard to overcome.

AI reshaping the cybersecurity landscape, platform vendors own the moat

Bank of America Securities believes that AI's reshaping of the cybersecurity industry will follow the historical path of cloud computing. Just as the rise of hyperscale cloud service providers redistributed the value of the software stack and prompted the emergence of next-generation leaders like CrowdStrike and Palo Alto Networks, the AI wave will similarly foster edge replacements , but the ultimate beneficiaries will be integrated platform vendors able to combine massive telemetry data, runtime sensor capabilities, and reproducible workflow systems.

In the field of application security, independent vendors are facing direct impact. Because companies like Checkmarx and Snyk rely heavily on code scanning functionality, their core value faces the risk of being partially replaced by tools like Claude. Even though large vendors have deepened their layouts via acquisitions, such as CrowdStrike acquiring Bionic and Palo Alto Networks successively acquiring Bridgecrew, Cider, and Dig, the research report points out that some of these model capabilities may likewise be diluted by AI. Similar logic applies to cloud security posture management, where some misconfiguration detection functions may be enhanced by AI.

But the report stresses, these capabilities only exist as functional features in larger platforms, not as the core that defines platform value. The reason why integrated vendors are hard to disrupt lies in three structural moats: first, cross-dimension accumulation of telemetry data from endpoints, identities, and cloud workloads; second, continuous monitoring ability of real-time execution behavior; third, reproducible workflow systems integrating multidimensional signals in complex environments. These capabilities collectively constitute competitive barriers that AI tools find hard to surpass.

~~~~~~~~~~~~~~~~~~~~~~~~

The above excellent content is from Wind Trading Desk.

For more detailed interpretation, including real-time analysis and frontline research, please join 【Wind Trading Desk▪Annual Membership

Risk Disclaimer and TermsThe market has risks, investment requires caution. This article does not constitute personal investment advice and does not consider the special investment objectives, financial situation, or needs of individual users. Users should consider whether any opinions, viewpoints, or conclusions in this article are suitable for their specific situation. Invest accordingly at your own risk. ```