The cybersecurity market is bouncing back, partly due to the growing demand for AI. As the sector recovers from economic challenges, AI is quickly shifting from a futuristic idea to a key driver of business change. The rise in interest in AI, especially generative AI, has coincided with the sector’s recovery.
This is fueled by strong earnings from major companies like SentinelOne, CrowdStrike, Zscaler, and Palo Alto Networks. But AI’s rise brings both promise and hype that needs a careful look at its true impact. Recent earnings reports from cybersecurity giants seem to show the market is recovering after the past few years’ challenges.
But not all companies are seeing the same growth. While some are quickly gaining market share in the endpoint market, others are seeing slower expansion. SentinelOne CEO Tomer Weingarten stressed that the path of the cybersecurity market depends heavily on infrastructure modernization.
People understand that the enterprise landscape won’t look the same in the next couple of years,” he said. He noted that organizations are already planning for an AI-driven future even if the full productivity gains of AI are not yet being realized. The current AI boom, led by innovations in generative AI, is contributing to the broader recovery of the cybersecurity market.
However, the practical use of AI in cybersecurity is still a work in progress. AI-driven solutions are emerging, but many are still in their early stages. They provide basic capabilities such as automation and threat detection rather than fully autonomous systems.
AI’s real strength in cybersecurity comes from its ability to detect unusual behavior rather than relying on traditional signature-based methods. The market has shifted away from signature-based analysis to solutions that can understand and detect suspicious and malicious behavior. Vendors have taken different approaches to driving this change.
Cylance built a machine learning-based better signature. CrowdStrike took a detection and response approach. SentinelOne went all in on behavioral AI.
“We created something that doesn’t care about the vector or file of attacks,” Weingarten said. “This was novel back in the day—no payloads, no files—that’s where behavioral analysis was boring. But our idea was simple: if you’re a malicious hacker, you can hide all you want but you will exhibit malicious behaviors that will eventually be detected.
While AI is undoubtedly reshaping cybersecurity, the generative AI boom comes with its share of hype.
The current generative AI frenzy is very similar to the dot-com bubble of the late 1990s, where companies rushed to adopt new technology without fully understanding its use cases. Just like organizations bought domains with no idea if or why they needed a website in the early days of the Internet, many organizations are jumping into generative AI without a clear strategy for how it will add value. “There’s big hype and big fear of missing out,” Weingarten said.
“If they’re not doing something with generative AI, organizations feel behind. I would argue you’re delayed if you adopt GenAI now and think that’s your solution.” As Weingarten points out, many current generative AI applications, such as natural language processing tools and chatbots, offer only surface-level enhancements.
Ai-driven trends in cybersecurity
These tools represent the “low-hanging fruit” of AI development. While useful, they are not the peak of what AI can achieve. “Many GenAI apps are super shallow right now.
They’re taking the basic capabilities of large language models and trying to strap on classic applications to make them more user friendly,” he said. SentinelOne is trying a different approach. “When we built Purple AI, we infused it as an automated backbone in all of our platforms.
Instead of a chatbot interface approach, we said, let’s take another approach. PurpleAI is a brain that works on the backend, with you and alongside you—it is autonomous.” And customers are embracing it. In the second quarter, more than 10 percent of subscription licenses sold by SentinelOne also included purchases of PurpleAI.
As the hype around AI begins to settle, organizations are starting to grapple with its longer-term implications. AI, particularly in cybersecurity, is not a magic solution. While AI can automate and enhance many processes, it is not a replacement for human oversight.
AI can suggest and automate actions, but human governance remains crucial. Richard Stiennon, a cybersecurity analyst, shared his thoughts on the intersections of AI and cybersecurity. He mentioned, “There are four completely separate domains of AI security.
The first, that the large vendors are jumping into, is the ability to explain machine outputs in natural language with the use of LLMs. This is only marginally beneficial and will be just another feature/capability. The second is using AI to automate SOC operations.
Only a few startups are working on this agentic model but it will have the biggest impact on cyber defense. The third is what I call DLP for AI. Basically, controlling the types of things employees can upload to an LLM vendor.
And finally, vulnerability management and policy protections for internally deployed LLMs. This is a growing area but it is premature as the threats have not appeared yet.”
The future of AI in cybersecurity lies in refining these technologies to be more autonomous and contextually aware while maintaining a balance between automation and human intervention. As companies modernize their data infrastructure to accommodate AI, they will also need to embed security into every layer of their technology stack.
Hopefully, organizations will take a “secure by design” approach as they embrace AI, ensuring that security is not an afterthought but a fundamental part of their digital transformation strategy. The cybersecurity market is on the upswing, buoyed by AI-driven innovations and a broader market recovery. However, the challenge for organizations will be in separating the real potential of AI from the surrounding hype.
As the dust settles, the organizations that succeed will be those that take a thoughtful, strategic approach to AI, integrating it in ways that add genuine value while maintaining the necessary human oversight to prevent unintended consequences. The future of cybersecurity is undeniably tied to AI, but as Weingarten stressed, it’s only the beginning of what this technology can achieve.
