Cybersecurity stock selling deepens on AI threat concerns. Why we're not bailing
Investors are running for the exits on cybersecurity stocks as persistent artificial intelligence disruption fears overpower the industry’s strong fundamentals. We are not among them. The steep sell-off began Friday and extended into Monday’s session following Anthropic’s announcement of Claude Code, an AI-powered assistant designed to scan code bases for security vulnerabilities and suggest targeted patches for human review. The tool is currently available in a limited research preview. CrowdStrike fell 8% on Friday and 9% on Monday, while Palo Alto Networks dropped 1.5% Friday and 2.5% Monday. Both names are stocks in the CNBC Investing Club portfolio. During Monday’s Morning Meeting, Jim Cramer pushed back on the narrative driving the selling. “We don’t think there’s anything fundamentally wrong.” Jeff Marks, the Club’s director of portfolio analysis, described the cyber group as “guilty by association.” The association is everything enterprise software, which has been slaughtered of late. Jim and Jeff have said repeatedly that cybersecurity stocks should not be lumped in with broader software names because client companies cannot skimp on protecting their computer systems from AI-powered hackers. Additionally, the rise of AI agents has widened the scope of vulnerability exponentially. Both CrowdStrike and Palo Alto are best-in-class in this new arms race. The market reaction reflects a growing perception that AI tools capable of identifying weak spots could disrupt application security testing and related cybersecurity services. Anthropic isn’t alone. In October , AI startup OpenAI announced an AI-powered security researcher called Aardvark that autonomously finds, validates, and helps fix security holes at scale. Wall Street analysts agree with Jim and Jim’s views that the fear is overdone. JPMorgan analysts called the rotation out of cybersecurity “relatively indiscriminate,” and they said it sees an opportunity emerging within the group, the firm wrote Monday. Analysts called out CrowdStrike and Palo Alto among a select few as “more AI resilient.” That’s because “not all software is subject to the same risk, and this is particularly the case across the Security Software landscape,” analysts said. UBS echoed that view, arguing that “cybersecurity fundamentals are better than application fundamentals, and cyber will still see a net benefit from AI adoption and the growing amount of cybersecurity challenges.” That’s because while these AI companies may introduce more cyber products, it’s likely they won’t develop sophisticated infrastructure controls like endpoint agents, distributed security gateways networks (SASE), or identity authentication platforms — the bread and butter of CrowdStrike and Palo Alto Networks. We put together a cheat sheet of cybersecurity terms to help us better understand all the industry jargon. In further support, TD Cowen said Monday that AI coding assistants can’t disrupt cybersecurity platforms. After meetings with industry and technical experts, analysts believe AI coding assistants improve software quality and developer productivity, but do not replace security platforms or reduce the structural demand for security. The firm concluded that there’s no near-term impact on leading platform providers. CrowdStrike CEO George Kurtz published a LinkedIn post on Sunday, making this point. In the post, he explained how he wrote a prompt to Claude, asking the chatbot to build him a tool to replace CrowdStrike. Claude’s response: “I appreciate the ambition, George, but I have to be straightforward: building a replacement for CrowdStrike isn’t something I can do here, and it wouldn’t be responsible for me to suggest otherwise.” Kurtz went on to explain CrowdStrike’s core competencies include “real-time kernel-level endpoint monitoring across millions of devices, a proprietary threat intelligence graph built from trillions of security events, lightweight agents running on every OS with sub-second detection, automated incident response and remediation, and a 24/7 threat hunting operation.” He said, “That’s not something you can replicate with a script — it’s an infrastructure product.” In fact, AI-enabled tools carry a host of vulnerabilities that could compromise applications and even expose sensitive data. CrowdStrike protects against those threats through its Falcon platform, which includes AI detection and response, among other capabilities. Palo Alto protects against AI threats through its Prisma AI Runtime Security, a platform that provides real-time monitoring to identify vulnerabilities. Bottom line Jim acknowledged the near-term pain. “We’re not oblivious to this. … I recognize that these are dead meat.” In a sell-off like this, Jim explained, a hedge fund might typically avoid it and then come back to it. But that’s not the way the Club manages the portfolio. Instead, we’re long-term investors who invest in fundamentals. Jim also recognizes that the cyber stocks could have further room to fall. While CrowdStrike is the most painful to hold right now, we’re not looking to sell. Once market fears ease and if fundamentals remain intact, that could provide a signal to see what to do next. For now, as Jim put it, “We’re not there yet.” (Jim Cramer’s Charitable Trust is long CRWD, PANW. See here for a full list of the stocks.) As a subscriber to the CNBC Investing Club with Jim Cramer, you will receive a trade alert before Jim makes a trade. Jim waits 45 minutes after sending a trade alert before buying or selling a stock in his charitable trust’s portfolio. If Jim has talked about a stock on CNBC TV, he waits 72 hours after issuing the trade alert before executing the trade. THE ABOVE INVESTING CLUB INFORMATION IS SUBJECT TO OUR TERMS AND CONDITIONS AND PRIVACY POLICY , TOGETHER WITH OUR DISCLAIMER . NO FIDUCIARY OBLIGATION OR DUTY EXISTS, OR IS CREATED, BY VIRTUE OF YOUR RECEIPT OF ANY INFORMATION PROVIDED IN CONNECTION WITH THE INVESTING CLUB. NO SPECIFIC OUTCOME OR PROFIT IS GUARANTEED.
