Is the Cybersecurity World Heading Toward Its Own SaaSpocalypse?
February 2026: shares of SaaS software vendors collapse on the stock market. Salesforce loses 42% of its value, Adobe 40%, while ServiceNow, SAP and Shopify are hit in turn. More than one trillion dollars vanish within a matter of hours. The crash follows the announcement of Claude Cowork, Anthropic’s agentic offering.
An emblematic SaaS stock, Salesforce is still struggling to recover. At 173 dollars, its share price now sits far below its all-time high in May 2026, when it traded above 290 dollars. Marc Benioff waited until April 19 to react to the SaaSpocalypse in the Wall Street Journal, arguing that investors betting against Salesforce are mistaken and that, on the contrary, AI will make its platform even more relevant…
A threat to the SaaS business model
For analysts, the acceleration of agentic deployments represents a direct threat to the business model of SaaS vendors, which still largely bill customers based on the number of… human users. Replacing humans with agents fundamentally challenges this model, and vendors are beginning to adapt their licensing strategies. During a visit to Paris, Mark Moffat, CEO of ERP vendor IFS, explained that he wants to introduce a new licensing model for customers: “I don’t think the SaaS model is dead. The SaaS business model based on the number of users must change if it is to survive, and now is the time for the industry to respond. Today we announced that we will change the basis of our pricing to rely on a metric other than users: pricing will be based on the number of factories managed, the number of aircraft maintained, the number of warehouses orchestrated by IFS software, rather than on users.”
For now, many vendors, led by Microsoft, have dramatically increased the price of per-user licenses to provide access to AI capabilities. Time will tell who is right.
A systemic threat to the software world
The other threat looming over SaaS applications is existential: if industrial processes, procurement and CRM are handled by agents, the role of the applications themselves may be reduced to that of simple data silos. Pushed to its logical conclusion, if process intelligence moves into the agents, these repositories become interchangeable… a major risk for any software vendor. Romaric Philogène, co-founder of the Qovery platform, sums up this risk: “If a platform interfaced with AI can be replaced, it means it does not provide enough value. Just as with Machine Learning, generative AI works on a Garbage in / Garbage out basis. It must be fed with data at the right level of detail so it can make the right decisions. Platforms that do not own their own data and merely act as intermediaries have no value and will eventually disappear.”
A year ago, during its annual Sapphire 2025 event, giant SAP did everything possible to convince the audience that it did not intend to become a mere repository from which every agentic platform would pull data. SAP intends to be the provider of the agentic platform that hosts the agents. Announcements surrounding the SAP AI Foundation development kit and SAP Agent Hub clearly point in that direction… but the threat remains very real: if a company prefers Microsoft’s or AWS’s agentic platform and merely consumes data through the MCP server, business intelligence shifts toward that third-party platform. Offering its own platform no longer seems sufficient for SAP, since the vendor has just tightened access to its APIs for all third-party AI agents, officially for security and stability reasons.
An impact on cybersecurity that is more positive than apocalyptic
Could what is happening in the world of business applications also happen in cybersecurity, where platformization and SaaS are rapidly becoming the norm? Eric Domage, senior analyst specializing in cybersecurity at PAC Analysts, points out: “SaaS will become the almost exclusive consumption model for cybersecurity applications within ten years. Tomorrow, apart from a few major players such as EDF or banks, nobody will have the means to operate their own security. The use of MSSPs will become universal.”
All major vendors are integrating agentic AI into their solutions. French vendor HarfangLab, for example, already dedicates 10% of its R&D budget to AI. It already offers a personal assistant called Kio and an agent named Ashley to assess the presence of unknown malware in files. Its researchers believe agentic AI can prove relevant in highly specific use cases: a SOC analyst can ask the agent to prioritize the events requiring attention, or help create a whitelist when new workstations or servers are added to the network. Generative AI can also be useful in helping operators handle multiple different tools simultaneously, as is often the case with MSSPs.
For now, the HarfangLab platform does not expose an MCP server and cannot be controlled by an external agent. “It’s a real issue,” explains Anouck Teiller, Deputy CEO of HarfangLab. “The issue with agents is the same as the one we already faced with connectors, and on which we worked with Sekoia, Glims and several others to create the OSCP Open XDR standard. For agents, there is MCP, which allows two agents to communicate with each other. A SIEM agent will be able to query the EDR to obtain data and display it within the SIEM. The technology exists, but we still need to define the scope of responsibility for each solution. With our LLM, it is possible to trigger blocking actions. If such functionality is exposed through an MCP server, we must ensure that the action is legitimate. This is clearly one of the points currently slowing down the cybersecurity industry.”
Another vendor active in the cybersecurity market, American company Elastic, is taking a far more aggressive stance toward the shift to agentic AI. It has already deployed agentic capabilities across its three platforms: Search, Cybersecurity and Observability. Yannick Fhima, Director of Enterprise Data Solutions for Southern EMEA, believes this integration enables both faster responses to incoming attacks and the implementation of playbooks and automations. “SOC analysts can now rely on MCP Apps directly from environments such as Claude Cowork or Claude Code and interact with these AIs using natural language. The analyst can ask for the status of the day’s alerts; through MCP, the agent will display the status of alerts reported by the SOC via the MCP server hosted by Elastic.” He adds: “This new approach is not a SaaSpocalypse but rather a paradigm shift. Agentic AI is a new interaction channel with the Elastic stack. It will in no way replace the deployment phase of the platform. However, in ‘Run’ mode, this is already happening, particularly in the Search domain, with agents performing searches. For cybersecurity, this will be a transformation, not a revolution.”
SOAR technologies have already increased SOC automation, notably by eliminating many Level 1 analyst tasks. Agentic AI is now taking over and will push automation even further. Eric Domage adds: “SOC automation, vulnerability detection automation and incident detection automation have relied on AI for a very long time, and there is absolutely nothing new about that, nor is it a threat. What will be radically transformed by agentic AI is the intensity of this automation.”
Will the Mythos shock accelerate the race toward agentic AI?
Whether viewed as an evolution or a rupture from a defensive standpoint, agentic AI represents a massive threat. Mythos demonstrated that intelligent agents can be exploited to discover vulnerabilities at scale, while autonomous agents such as OpenClaw can expose companies to considerable risks of data leakage. “Agentic AI raises the issue of agent autonomy because we have not trained automated systems to detect the actions of these autonomous agents,” adds Eric Domage. “We are beginning to see defensive agents deploying autonomously, but such agents absolutely need to be coordinated with a cybersecurity policy. For analysts, the major challenge regarding automation and platformization lies in the ability to acquire intelligence. It is not the SOC that matters most, but CTI, Cyber Threat Intelligence. Major SOC operators already master automation. What differentiates them today is the value of their CTI and their ability to leverage that intelligence.”
Benjamin Leroux, Chief Marketing Officer at Advens, believes many cybersecurity professions will, in one way or another, be impacted by generative AI. “If we take the SOC as an example, it is likely that the pyramid of Level 1, 2 and 3 analysts will invert, with Level 1 being drastically reduced due to automation, while experts at the upper levels will still be needed. Experts will also be necessary to configure these platforms.” As for AI’s ability to respond in real time to a security incident and apply the remediation measures it is already capable of recommending, the market is clearly not ready to hand over the keys to its security entirely to AI, even though it would react much faster than humans. “Applying remediation measures is technically complex because actions need to be carried out across multiple systems. There are still technical barriers to overcome, and such measures need to be tested before being deployed in production. In certain sectors, this automation will simply be impossible, especially in industrial environments where systems are certified, or in sectors that cannot tolerate the slightest unplanned production interruption.”
AI is not about to remove humans from the loop in operational cybersecurity, but it will profoundly transform the work of IT service companies. Consulting activities are already being disrupted by the rise of generative AI. Whether due to the economic climate or AI itself, demand for junior consultants is weakening. Some GRC and campaign automation tools are progressing rapidly, and CISOs will increasingly become supervisors of agents while relying less on external service providers. “Some of our missions are automatable: AI can already draft a security policy, analyze security events, and conduct penetration tests. Clearly, we now need to rethink how we are going to reinvent ourselves,” concludes Benjamin Leroux.