Date: 2024-11-18

While tech companies large and small have laid off 460,000 workers since 2022, AI has been a universal growth driver across tech, adding $ billion in valuation to the Magnificent Seven alone. For tech vendors, the race is on to apply machine learning algorithms to deliver products that automate and accelerate work. VC checks have slowed since quantitative tightening, but cybersecurity firms built on AI – for example, HiddenLayer, Stacklok, and Reken – have raised business formation rounds on the promise of applying pattern-matching analytics to security teams' work of detecting and remediating cyber threats and vulnerabilities.

What is the AI Security Overlay?

A tantalizing next stage for AI security is an overlay that automates, tracks, and contextualizes risks across a customer's entire environment. Tyler Shields, Cybersecurity Strategist Analyst at ESG, coined the term AI security overlay for this platform, which supercharges detection, prioritization, and remediation workflows for vulnerabilities, threats, and assets. The end game looks like this: algorithms ingest and analyze threat feeds and vulnerability database details, then pattern match them against a customer's environment, starting with the threats the platform calculates to be riskiest to that customer's business. It's an ambitious vision with some coincidental early movers.

Early Movers Build the AI Security Overlay

Several companies' existing businesses give them head starts at completing this security AI overlay. Vendors addressing zero trust, Attack Surface Management (ASM), Continuous Threat Exposure Management (CTEM), and other security issues have developed overlapping tools because they share a common cause: uncovering potential dangers dwelling in a customer's extended environment.

The decade-long platformization of security across different categories is merging these alphabet-soup markets. Existing technologies detect and monitor threats and known vulnerabilities across a customer's IT environment and prioritize remediation. Technologies also already exist to pull security data from disparate sources, flag potential compliance violations, and score risk.

Developing AI that Unifies and Contextualizes Security

As Shields summed up, "The future of cybersecurity hinges on a strategic blend of context creation and intelligent data handling." The missing piece for the AI overlay is contextualized intelligence across the application, cloud, and infrastructure risks that existing security technologies already track. The Overlay would also calculate risk (probability × loss) for each asset. The end result is the holy grail for security practitioners: prioritizing what needs fixing and when, if ever. Palo Alto Networks (PANW, +62.7%), CrowdStrike (CRWD, 69.49%), Zscaler (ZS, +12.5%), Tenable (TENB, +11.7%),* and other security leaders with an eye on future-proofing their business are well positioned thanks to a combination of homegrown solutions and acquisitions that can be shaped into an AI Overlay.

CrowdStrike's Falcon platform maps cloud attack surface and prioritizes threats, while Adaptive Shield, a 2024 acquisition, integrates with over 150 apps, contextualizes at-risk items, automates misconfiguration, and sheds light on human and machine identities to accelerate remediation across hybrid environments.

Palo Alto Networks is using "precision AI" – a combination of machine learning, neural networks and generative artificial intelligence (GenAI) – to ensure 100% accuracy in security decisions for customers by correlating against the 36 billion events and 7.6 petabytes of data its technologies ingest each day across its sector-rich customer base.

Tenable's ExposureAI leverages attack surface data to enable "lightning-fast analysis, decision-making and guidance" to help customers make better, faster security decisions that are preventative rather than reactive after the damage is done.

Zscaler's acquisition of Avalor provides additional context from data sources to make sense of security-specific AI models and integrates a security data fabric to fully automate AI-driven analytics and decision-making in real time.

Cloud and Data Lake Providers

While pure-play security vendors have the security pieces of the Overlay, large cloud and data lake providers like Oracle and Snowflake, with robust data analytics platforms, can acquire and/or develop the security pieces necessary for the Overlay. In particular, Magnificent 7 member Microsoft has a path through its breadth and depth of data access, spanning code data all the way through to runtime. Not all cloud providers make products that require code-level components, so they will have to integrate to gain access to that data.

The Overlay is the Next Hot Security Market

The security AI overlay could become the biggest security category since zero trust, valued at $32 billion in 2023 and projected to rise to $133 billion in 2032. While several vendors today deliver bits and pieces of the platform, green pasture remains for ambitious founders capable of securing funding to tackle this part of the AI security market.

*Values reflect YoY gains near market close on Nov 8. Writer discloses shares in Microsoft, Snowflake, and Zscaler.