“I’m still confused why the market is treating AI as a threat to cybersecurity,” Nikesh Arora confessed on his company’s earnings call this week…
Arora is the CEO of $120 billion cybersecurity giant Palo Alto Networks (PANW). His company sits as the vanguard of online safety…
But the market didn’t share Arora’s confusion. PANW plunged about 8% the day after the call, adding to a slump that has erased about $38 billion from the company’s market cap since last October. All told, PANW is now down approximately 32% from its all-time high set that same month.
Of course, there’s a broader context to the Palo Alto Networks sell-off… AI does indeed pose a potential threat to the broader software sector.
Think of it this way…
With early computers, tasks had to be accomplished by hand. As computers evolved, programmers realized that these processes could be automated with code.
So, programmers struck a deal with consumers: they would code software applications, and folks would pay them for the convenience. The bottleneck was the coders’ labor and expertise.
Today, these bottlenecks have vanished. With artificial intelligence, users can code their own applications through natural language prompts.
This natural language coding, also known as “vibe coding,” is a major headwind to software companies. It strips away their competitive moat by automating it through AI.
Here’s an example of what I mean. I gave Google’s AI chatbot Gemini the following prompt to simulate the vibe coding experience…
Please code a video game with simple graphics in which the player types into a keyboard and an onscreen AI executes their prompts.
The bot produced some lines of code. And when I opened them in a browser, this was the result…
The green “user” prompts in the image above were from me. The rest was built entirely by Gemini.
This is an on-the-fly example of what a layperson can achieve through vibe coding. With time, you could build a much more complex program… the type of program that could theoretically replace the expensive software offered by companies like Palo Alto.
In this light, it’s easy to see why AI threatens legacy software companies… The barriers to coding have all but vanished.
So, it makes sense that the sector is trending lower ever since OpenAI and Alphabet (GOOGL) released the latest versions of the ChatGPT and Gemini models – which excel at this type of vibe coding – earlier this month.
Over the past month, the iShares Expanded Tech-Software Sector Fund (IGV) – which holds a basket of familiar software names like Palo Alto, Salesforce (CRM), Adobe (ADBE), and more – is down approximately 16.8%.
But Arora contends PANW is collateral damage in the broader software sell-off. In his view, cyber companies like PANW are less vulnerable than other software firms…
And he might well have a point. Let me explain…
Welcome to the Fraudster’s Renaissance
AI introduces two major risks to the cybersecurity landscape…
The first and most visible is AI-enhanced hacking. This is the other side of the vibe coding coin.
Before the advent of AI, cyberattacks were an active process. Human hackers would search out vulnerabilities… gain access to a system… then slowly worm their way deeper until they found sensitive information.
Hacking used to unfold at “human speed.” Cyberattacks only moved as fast as malicious actors could work…
But today, it’s trivially easy to launch a sophisticated cyberattack. Cybercrime-as-a-service companies offer bad actors robust hacking tools at a low monthly price.
Today, these tools are being enhanced by malicious large language models (“LLMs”) such as “WormGPT.” These bots function the same as other language models, except they are “jailbroken” to perform criminal tasks.
Below, you can see WormGPT’s affordable and straightforward pricing page…
WormGPT helps users launch phishing attacks and build malware using the same simple language that built our vibe coding simulator above.
Malicious LLMs make hacking simpler and much more potent. Bad actors can attack devices passively, and at machine speed.
But it’s not just ease of access. AI gives bad actors more sophistication, too…
A major component of hacking is social engineering – tricking people into revealing sensitive information through old-school manipulation.
AI is a major boon to social engineers as well. Deepfake technology lets hackers create convincing digital puppets capable of real-time conversation.
In short, AI strengthens hackers’ offenses.
But at the same time, it also weakens everyone else’s defense. Let me explain…
How PANW Battles AI Security Erosion
Legitimate users of LLM technology tend to deploy it in one of two ways…
Many companies simply graft AI chatbots onto existing applications as an add-on. In this case, folks engage with the bot within a larger app experience. Think of an automated customer service chat.
This bot might be prone to mistakes. But the user can work around these issues to use the app anyway.
The other way companies deploy AI is in a blocking style. In contrast to an add-on, a blocking LLM exists in the middle of the application and interacts with every action the user takes inside the app.
If this AI malfunctions, your product is as good as broken.
And there are numerous ways an AI can err: hallucinations, bias, toxic training, and hackers can all throw a bot off its mission.
So, the adoption of AI expands existing vulnerabilities even as it strengthens hackers’ hands.
Last December, the IRS reported that financial crimes in 2025 totaled $10.6 billion – up 15.7% from 2024.
But that’s just fraud the IRS knows about. The real figure is likely much higher. According to cybersecurity firm BioCatch, fraudulent online activity surged 168% year over year in the first half of 2025 alone.
In short, broad AI adoption poses a material risk to cybersecurity. The IT industry must execute two interrelated products if it wants to fight it…
The first are security products. This may seem obvious, but in industry parlance, the term means something specific.
Security is a protective layer in your system that detects and responds to threats. When something goes wrong, security programs alert you to the problem so that IT professionals can react appropriately.
The second field is observability. This is the ability to view the entire system from the outside. Observability programs give visibility into a system’s internal technical state.
Because LLMs process human prompts invisibly, observability is becoming more important than ever. AI errors happen within a “black box” that users can’t see into. So, observability helps IT professionals investigate when these systems err.
Palo Alto Networks has a history of building products on both sides of the coin. But today, it’s blending both segments into a single, unified strategy to take on the AI future.
We can see this strategy at work in PANW’s recent acquisitions of Chronosphere and CyberArk. Chronosphere offers enhanced observability. And CyberArk focuses on identity security…
Chronosphere is a purpose-built observability program that can handle the massive scale of data behind LLM chatbots. Palo Alto Networks will integrate Chronosphere into its next-generation security platform, Cortex AgentiX.
CyberArk emphasizes security – specifically identity security.
In the old cybersecurity model, certain users would be “superusers” with special privileges to access sensitive info.
The problem with this is human failure. If a person or team holds the “keys” to an organization, that makes a useful point of attack for bad actors…
CyberArk obviates this problem by holding the keys for organizations – and only loaning out privileges when they’re needed. This lets people access sensitive information as needed – but ensures that identities are tracked across the system.
These acquisitions put Palo Alto Networks in a unique position to dominate security in the AI age. It’s building a security platform specifically for new AI adopters. And the company’s scale and moat that can’t easily be surmounted by startups, no matter how much vibe coding they attempt to do.
The market is betting that AI will upend cybersecurity, same as every other software sector.
But what investors might be forgetting is AI’s margin of error. AI still hallucinates, errs, and sometimes lies outright. And even if this only accounts for 5% of AI interactions, edge cases have always been where fraudsters thrive.
The market is in risk-off mode when it comes to software. Investors are seeking out AI-adjacent software stocks, selling first, and asking questions later.
Palo Alto Networks sits squarely within this universe. But as Arora points out, cybersecurity software might be more essential than the market is pricing today.
In short, PANW is a great stock to add to your watch list. The company is still locked in a downtrend – and it could still have further to go before it reverses.
But the need for cybersecurity will likely grow alongside AI. In this light, PANW is a terrific value.
I don’t encourage you to catch this falling knife. But when the dust from the software crash settles, don’t be surprised if PANW emerges as a star.
Regards,
Sean Cummings
Editor’s Note: If you’re 50 or older… or thinking ahead to retirement… legendary investor Whitney Tilson says this could be your smartest financial move of the entire AI boom.
It’s time to look past Nvidia and the “Magnificent 7.”
Whitney, a retired hedge fund manager once dubbed “The Prophet” by CNBC, is sharing a new AI story.
His brand-new stock system just gave one company a near-perfect grade… and it’s not a name you’ve heard on the news.
The company just signed a huge new AI deal with a key tech partner, and you’ll soon see a massive nationwide rollout.
Whitney’s giving away the name, ticker, and full breakdown for free.
