William Blair has moved to downgrade multiple vulnerability management firms to Market Perform, singling out Qualys, Tenable and Rapid7 as facing heightened uncertainty from the rapid evolution of artificial intelligence. The brokerage said the developments in next-generation AI - particularly models that can surface and potentially exploit software weaknesses - are changing investor sentiment and competitive dynamics within cybersecurity.
Analysts at the firm noted that, despite the change in tone, overall enterprise spending on cybersecurity has held up. Budgets are largely stable and, in some cases, showing modest growth. Nevertheless, the shift toward AI has increased pressure on vendors to demonstrate accelerating growth to sustain current valuations in what William Blair described as an 'AI-disrupted SaaS environment.'
In a separate note, CrowdStrike was called out as a preferred name. William Blair highlighted strong demand for the firm's AI-enhanced endpoint security solutions and early traction from what it described as emerging 'agentic AI' security operations. The brokerage believes CrowdStrike is positioned to gain share across cloud, identity and security operations segments.
Other vendors that received positive commentary included Okta, Cloudflare and Akamai, with their roles in identity, edge infrastructure and platform-based security solutions cited as supportive of long-term demand dynamics.
The downgrades of the vulnerability-management specialists reflect a specific worry: that advanced AI may transform the way vulnerabilities are detected, prioritized and fixed. William Blair argued that such models could automate substantial portions of those workflows, potentially diminishing reliance on traditional vulnerability tools.
Still, the brokerage stopped short of a broadly negative outlook for the affected vendors. It pointed to features that could constrain downside, including sticky customer relationships, comparatively low valuation levels, and the prospect that AI might ultimately augment existing platforms rather than replace them outright.
Enterprises are increasingly reallocating IT budgets toward AI initiatives, including spending on data security, identity management and AI governance. That reallocation, William Blair observed, is creating tension with conventional software spending, as firms attempt to balance higher infrastructure costs against new AI investments.
Despite elevated geopolitical risks, the firm reported cybersecurity spending has remained steady so far in 2026. Analysts also noted an absence of any major slowdown in deal pipelines, while warning that market volatility may continue as participants respond to rapid AI advances.
Key points
- William Blair downgraded Qualys, Tenable and Rapid7 to Market Perform due to AI-driven uncertainty affecting vulnerability management.
- CrowdStrike, Okta and Cloudflare received favorable mentions for their positioning in AI-powered security and identity/edge infrastructure offerings.
- Overall cybersecurity budgets remain stable and in some cases modestly growing, but firms face pressure to accelerate revenue in an AI-disrupted SaaS landscape.
Risks and uncertainties
- Advanced AI models may automate vulnerability detection and remediation, potentially reducing demand for traditional vulnerability-management tools.
- Reallocation of IT budgets toward AI initiatives could compress spending on legacy software as companies balance rising infrastructure costs with new investments in AI.
- Ongoing market volatility is possible as investors and customers adjust to rapid AI advancements, even though deal pipelines have not slowed significantly.