Opinion
Claude Code Security didn’t kill cybersecurity. It exposed what’s coming next.
"Anthropic didn’t kill cybersecurity. They validated that Frontier AI is now a real participant in the security market, at the exact moment when software velocity, data-source sprawl, and attacker automation are all accelerating," writes Alon Cinamon, a Principal at Viola Ventures.
Last week, Anthropic launched Claude Code Security, and public cyber stocks sold off hard.
CrowdStrike and Cloudflare fell around 8%. Okta and SailPoint both dropped by about 10%. Israel’s JFrog dropped roughly 25% in a day. Even the cybersecurity ETF slid about 5%.
The easy narrative wrote itself: “AI just killed cyber”.
In my opinion, the reality is almost the opposite. AI just accelerated both sides of the battlefield, and security is about to get harder, not easier.
And no, we are nowhere near the day when AI “solves security”, security teams disappear, and CISOs lose their jobs. If anything, the job gets more demanding as the pace of change increases.
The shift: from slow, human security to fast, machine security
Claude Code Security is code-focused, but the signal is broader than AppSec. A frontier AI company shipped a security workflow that looks less like “rules and alerts” and more like “reasoning and action”.
Security has been built for a world where humans do the thinking and tools do the logging. AI flips that: machines do more of the reasoning, humans do more of the approving, and remediation moves into the workflow, not the backlog.
Once this becomes normal in code security, it spreads. Frontier AI labs won’t sit this out either. Expect OpenAI and others to push into security fast. Cloud, identity, SOC operations, vulnerability management, fraud, and governance all share the same core pain: too many weak signals, too many systems, not enough time.
The attack surface is expanding faster than defenses
Three forces are colliding:
1) Software is changing at a velocity security teams were never built for.
Agentic tools compress development cycles. Code is written and refactored faster, shipped more frequently, and reviewed less consistently. Risk goes up by default.
2) Attacks are accelerating, too.
The same AI that helps defenders find weaknesses can help attackers discover them, chain them, and exploit them faster. When discovery and exploitation compress, the window to detect and respond shrinks.
3) Security data is exploding across sources, and humans can’t keep up.
Signals now span endpoints, cloud logs, identity, SaaS, repos, CI/CD, data platforms, and third parties. The bottleneck isn’t tooling. It’s making sense of all that signal quickly enough to stop real incidents.
That’s why the “AI will make security go away” story is fantasy. AI will change security and raise expectations, but it won’t remove the adversary, complexity, or incentives.
What the market is actually pricing: a reset in where value lives
When “reasoning” becomes cheaper, value shifts away from products that mainly generate alerts, and toward systems that can ingest many sources, correlate reliably, prioritize with evidence, and execute actions with guardrails and auditability.
That’s why the market panicked. Not because cybersecurity disappears, but because parts of the stack get commoditized while new layers become mandatory. AppSec feels it first, but this applies to any category selling “rules + dashboards + triage”.
The reset: the race is on
Security is entering reset mode. Buyer expectations are about to jump: faster outcomes, less noise, more automation, and tighter control. The “old normal” of periodic scanning and endless queues will look irresponsible in an AI-speed environment.
That means the race is on to rebuild security for a world where:
- Software changes continuously
- Attackers move faster
- Decisions must be made across messy, multi-source data
- Humans still own accountability, but machines do more of the work
Some incumbents will adapt. Many won’t. And new winners will emerge by owning the new security operating model, not by shipping another feature.
Bottom line
Anthropic didn’t kill cybersecurity. They validated that Frontier AI is now a real participant in the security market, at the exact moment when software velocity, data-source sprawl, and attacker automation are all accelerating.
That combination makes the challenge more complex than ever, not less.
So no, CISOs aren’t being replaced. They’re being handed a new mandate: run security at machine speed, across more systems, with less tolerance for noise.
And that is exactly why I’m bullish. Resets are when category-defining companies get built.
Alon Cinamon is a Principal at Viola Ventures.
