AI disruption triggers cybersecurity downgrades despite strong demand outlook
Investing.com -- William Blair has downgraded vulnerability management firms including Qualys, Tenable, and Rapid7 to “Market Perform,” citing growing uncertainty around the impact of artificial intelligence on the cybersecurity landscape, even as overall sector demand remains resilient.
The brokerage said the rapid evolution of AI—particularly next-generation models capable of identifying and exploiting vulnerabilities—has begun to reshape investor sentiment and industry dynamics. While cybersecurity budgets remain stable and are even seeing modest growth, companies are now under pressure to demonstrate accelerating growth to justify valuations in what analysts describe as an “AI-disrupted SaaS environment.”
Among cybersecurity names, CrowdStrike was highlighted as a top pick, with analysts pointing to strong demand driven by AI-powered endpoint security and emerging “agentic AI” security operations. The firm is seen gaining market share across cloud, identity, and security operations segments.
Other companies such as Okta, Cloudflare, and Akamai also received positive commentary due to their positioning in identity, edge infrastructure, and platform-based security solutions.
The downgrade of vulnerability management vendors reflects concerns that AI could fundamentally change how vulnerabilities are detected, prioritized, and resolved. Advanced AI models may automate large parts of this process, potentially reducing reliance on traditional tools.
However, William Blair stopped short of a bearish stance, noting that these companies still benefit from sticky customer bases, relatively low valuations, and the possibility that AI could enhance—rather than replace—their platforms over time.
Enterprises are increasingly allocating budgets toward AI initiatives, including data security, identity management, and AI governance. However, this shift is creating pressure on traditional software spending as firms balance rising infrastructure costs with new investment needs.
Despite heightened geopolitical risks, cybersecurity spending has remained steady so far in 2026. Analysts noted no significant slowdown in deal pipelines, although volatility is expected to persist as markets react to rapid AI advancements.