Cybersecurity was one of the more resilient areas of the technology market in recent years, supported in part by AI tailwinds as the proliferation of large language models contributed to a surge in cyber threats and heightened demand for advanced security solutions. However, as AI disruption fears spread across the broader software sector in recent months, valuations began to reset – with cybersecurity increasingly drawn into the sell-off.
The correction intensified following Anthropic’s release of Claude Code Security and its latest model demonstrating advanced “vibe coding” capabilities, alongside the emergence of new AI agents such as OpenClaw. These developments have increased market concerns over whether AI could meaningfully replace elements of core cybersecurity platforms, rather than simply augment cybersecurity workflows. Recent share price reactions suggest markets are pricing in a disruption scenario, even as underlying fundamentals across much of the sector remain broadly intact.
Explaining Anthropic's Claude Code Security
On 20th February 2026, Anthropic released Claude Code Security, an AI-powered application security tool currently in limited research preview. It scans codebases for vulnerabilities before suggesting fixes to a human reviewer. Human review is an important point to highlight, as Claude Code Security doesn’t automatically deploy patches or operate in live production environments. Its role is to assist security teams in managing growing vulnerability backlogs, not replace them.
However, the ensuing market reaction, that came on top of previous weeks of correction in the space, reflects concerns that AI-driven tools like Claude Code Security could eat into revenues of cybersecurity businesses and bode further disruption of the field. Investors fear that portions of the security stack could face margin pressure or reduced differentiation. These concerns have strongly weighed on the share prices of cybersecurity companies resulting in significant discounts to recent highs observed after the release of ChatGPT in November 2022 (Figure 1).
Figure 1. Latest sell-off, sales growth and valuations of companies in the WisdomTree Cybersecurity strategy.
Source: WisdomTree, Bloomberg. As of 27th February 2026, if not indicated otherwise. “After Anthropic’s release” corresponds to the period from 19th February 2026 to 27th February 2026. Period “since ChatGPT” corresponds to the period from 30th November 2022 to 27th February 2026. You cannot invest directly in an index. Historical performance is not an indication of future performance and any investments may go down in value.
However, it is important to highlight that Claude Code Security, while being a powerful tool showcasing how far AI has come, does not replace endpoint detection and response (EDR), identity and access management (IAM), zero trust network access, cloud security, SIEM/SOC platforms, or resilience infrastructure. These operate at runtime and enforcement layers of the security stack, which require telemetry ingestion, real-time response, infrastructure deployment, and compliance governance beyond code analysis.
Disruption fears vs. enterprise reality
While developments such as vibe coding have fuelled disruption narratives across the software sector, their real-world enterprise impact remains largely untested. Generative models capable of rapidly producing functional code may demonstrate impressive capabilities in controlled environments, but large organisations operate under strict governance, compliance, resilience and audit requirements – particularly in cybersecurity, where tolerance for failure is minimal and trust is foundational.
Enterprise security architectures are built not only on technical performance, but on reliability, explainability, regulatory alignment and accountability. In that context, AI-driven coding advances are more likely to augment existing workflows than to replace the deeply embedded security frameworks that underpin modern digital operations. At the same time, cybersecurity businesses are already integrating artificial intelligence into their offerings, both from the perspective of using AI to enhance cybersecurity capabilities and using cybersecurity to secure AI applications. Hence, they are well positioned to benefit from such AI developments while being AI’s strongest adopters.
Expert view from Team8, WisdomTree’s expert partner on the WisdomTree Team8 Cybersecurity UCITS Index:
"The market's recent reaction to Anthropic’s Claude Code announcement—a 'sell-off' impacting giants like Okta and CrowdStrike – appears to be a significant overreaction that ignores the fundamental architecture of enterprise security. While Claude Code is a powerful 'Shift Left' tool that disrupts manual code-triage by automating vulnerability identification and patching, it is an evolution of the developer's toolkit, not a replacement for a cybersecurity platform.
Securing an organization is vastly more complex than a single developer’s experience. Critical functions like Product Security – which includes architectural threat modeling, cloud infrastructure configuration, and strict regulatory compliance – cannot be solved by a code-level LLM alone. We believe these frontier models will serve as the 'intelligent glue' that reduces the manual workload of security teams, rather than acting as a standalone vendor capable of replacing the identity, governance, and real-time protection layers that market leaders provide. For investors, the current dip likely represents a correction of sentiment rather than a shift in fundamental value, as the industry moves toward a future where AI handles the reasoning and existing platforms provide the enforcement."
– Liran Grinberg, Co-Founder & Managing Partner, Team8.
The other side of the coin: AI expands the attack surface
While markets have focused on AI as a potential disruptor of cybersecurity vendors, the more powerful structural force may be that AI is expanding digital risk itself. AI is accelerating both defenders and attackers: it improves vulnerability detection and secure coding capabilities, but it can also compress attackers’ discovery cycles and speed up exploitation. As software velocity rises, this dynamic strengthens the case for layered, AI-augmented security architectures.
More broadly, AI appears to be increasing the scale and complexity of cyber risk. A January 2026 World Economic Forum report shows that nearly nine in ten organisations view AI-related vulnerabilities as the fastest-growing source of cyber risk. At the same time, 64% now review the security of AI tools before deployment, up from 37% in 2025 – clear evidence that AI adoption is translating into greater demand for security oversight.
As AI models become more capable and autonomous, from advanced vibe coding to agentic workflows, this dynamic is unlikely to slow. If anything, recent breakthroughs may accelerate both innovation and exploitation, reinforcing the need for comprehensive, enterprise-grade cybersecurity rather than diminishing it.
Bottom line: Disrupted or discounted?
The recent sell-off suggests markets might be increasingly pricing in a disruption scenario. Yet with valuations across the cybersecurity universe compressing sharply, as evident by historical valuations of the WisdomTree Cybersecurity strategy (Figure 2), the reset might be driven largely by sentiment, uncertainty around AI’s longer-term impact and liquidity-driven positioning shifts, rather than clear evidence of structural deterioration.
Figure 2. Valuations of the WisdomTree Cybersecurity strategy have just touched historical bottom.
Source: Bloomberg. Period from 2nd November 2020 to 27th February 2026. Valuation multiple is represented by Price-to-Sales ratio. You cannot invest directly in an index. Historical performance is not an indication of future performance and any investments may go down in value.
Periods of elevated macro uncertainty and rapid technological change often amplify short-term trading dynamics, particularly in high-growth areas. Importantly, there is no indication of broad customer rotation or significant slowdown in growth in the latest earnings reports. Given that long-term tailwinds for cybersecurity are being reinforced by AI and leading cybersecurity businesses poised to remain the dominant choice for enterprise adoption, for long-term investors, the current environment may represent a rare opportunity to build exposure to a foundational digital infrastructure theme at historically discounted levels.
Wichtige Informationen
Dieses Material wurde von WisdomTree und seinen verbundenen Unternehmen erstellt und soll nicht für Prognosen, Research oder Anlageberatungen herangezogen werden. Zudem stellt es weder eine Empfehlung noch ein Angebot oder eine Aufforderung zum Kauf bzw. Verkauf von Wertpapieren oder zur Übernahme einer Anlagestrategie dar. Die geäußerten Meinungen wurden am Herstellungsdatum getätigt und können sich je nach den nachfolgenden Bedingungen ändern. Die in diesem Material enthaltenen Informationen und Meinungen wurden aus proprietären und nicht proprietären Quellen abgeleitet. Daher übernehmen WisdomTree und seine verbundenen Unternehmen sowie deren Mitarbeiter, Führungskräfte oder Vertreter weder die Haftung für ihre Richtigkeit oder Zuverlässigkeit noch die Verantwortung für anderweitig auftretende Fehler und Auslassungen (einschließlich Verantwortlichkeiten gegenüber einer Person aufgrund von Fahrlässigkeit). Die Verwendung der in diesem Material enthaltenen Informationen erfolgt nach eigenem Ermessen des Lesers. Wertsteigerungen in der Vergangenheit lassen keinen Schluss auf zukünftige Ergebnisse zu.
]]>