The software sector took a beating in the first half of 2025, dragged down by macroeconomic uncertainty, tariff fears, and a broader rotation out of high-growth technology names. But within the wreckage, a handful of cybersecurity companies are emerging as potential beneficiaries of one of the most powerful secular trends in enterprise technology: the rapid integration of artificial intelligence into corporate infrastructure. As organizations accelerate their AI deployments, the attack surface expands dramatically — and the companies that protect that surface stand to gain enormously.
According to MSN Money, three cybersecurity stocks in particular — CrowdStrike Holdings (CRWD), Palo Alto Networks (PANW), and Zscaler (ZS) — have been identified as names that could see significant tailwinds from AI spending even after being hammered during the broader software sell-off. Each company occupies a distinct but complementary position in the cybersecurity value chain, and each has made substantial investments in AI-native capabilities that align with where enterprise spending is headed.
The Software Sell-Off Created an Unusual Entry Point for Long-Term Investors
The sell-off in software stocks that accelerated through early 2025 was driven by a confluence of factors. Rising interest rates in late 2024 compressed valuations across the growth sector, while concerns about a potential economic slowdown led many enterprises to scrutinize their software budgets more carefully. Tariff announcements from the Trump administration added another layer of uncertainty, particularly for companies with global operations. The result was a broad-based decline that punished even the strongest performers in the cybersecurity space.
CrowdStrike, for example, saw its stock decline meaningfully from its 2024 highs, weighed down not only by the sector-wide sell-off but also by lingering concerns about the July 2024 outage that disrupted millions of Windows machines worldwide. Palo Alto Networks, despite delivering consistently strong quarterly results, traded down in sympathy with the broader software group. Zscaler, which had already been under pressure due to slower-than-expected large deal closures, fell further as investors fled to safer ground. Yet for each of these companies, the fundamental thesis — that cybersecurity spending is non-discretionary and accelerating — remained intact.
Why AI Spending Is a Direct Catalyst for Cybersecurity Demand
The connection between AI adoption and cybersecurity spending is more direct than many investors appreciate. Every new AI model deployed in an enterprise environment creates new vectors for attack. Large language models can be manipulated through prompt injection. AI agents operating autonomously can be exploited if their permissions are not properly managed. Data pipelines feeding AI systems become high-value targets for adversaries seeking to poison training data or exfiltrate sensitive information. The result is that every dollar spent on AI infrastructure generates incremental demand for security tools to protect it.
Gartner has projected that global cybersecurity spending will exceed $215 billion in 2025, a figure that reflects both the baseline growth in security budgets and the incremental spending driven by AI adoption. Enterprises are not simply adding AI capabilities on top of existing infrastructure; they are fundamentally restructuring how data flows through their organizations, which requires a corresponding restructuring of their security posture. This dynamic benefits companies that offer platform-based security solutions capable of protecting workloads across cloud, endpoint, and network environments simultaneously.
CrowdStrike: Recovering From the Outage and Doubling Down on AI
CrowdStrike remains the dominant player in cloud-native endpoint security, and its Falcon platform has become the standard against which competitors are measured. The company’s AI capabilities are not a recent addition; CrowdStrike has been using machine learning models to detect threats since its founding. But the company has significantly expanded its AI investments in recent quarters, introducing Charlotte AI as an assistant that helps security analysts investigate and respond to threats faster. According to MSN Money, CrowdStrike is positioned to benefit as enterprises seek to consolidate their security spending onto fewer platforms — a trend that the company has been actively encouraging through its module adoption strategy.
CEO George Kurtz has repeatedly emphasized that the July 2024 outage, while damaging to the company’s reputation in the short term, did not result in significant customer churn. In the company’s most recent earnings call, Kurtz noted that customer retention rates remained above 97%, and that the incident actually accelerated conversations about the need for more resilient security architectures. CrowdStrike’s annual recurring revenue continues to grow at a pace that outstrips most of its peers, and the company has guided for continued expansion as AI-related workloads drive incremental module adoption.
Palo Alto Networks: The Platform Consolidation Play
Palo Alto Networks has arguably done more than any other cybersecurity company to position itself as a platform consolidation winner. Under CEO Nikesh Arora, the company has pursued an aggressive strategy of acquiring and integrating best-of-breed security capabilities across network security, cloud security, and security operations. The company’s “platformization” strategy — which encourages customers to consolidate their security spending onto Palo Alto’s integrated platform — has been a central theme in its investor communications for the past two years.
The AI angle for Palo Alto is twofold. First, the company has embedded AI capabilities throughout its product portfolio, including its Cortex XSIAM platform, which uses machine learning to automate security operations center (SOC) workflows. Second, and perhaps more importantly, Palo Alto is benefiting from the fact that AI deployments are overwhelmingly cloud-based, which drives demand for the company’s Prisma Cloud offering. As enterprises move more workloads to public cloud environments to support AI initiatives, they need cloud security posture management tools to ensure those environments are properly configured and protected. Palo Alto’s ability to offer network, cloud, and endpoint security from a single vendor makes it an attractive option for CISOs looking to simplify their security stack.
Zscaler: The Zero Trust Architecture Leader Faces a Pivotal Moment
Zscaler occupies a unique position in the cybersecurity market as the leading provider of zero trust network access (ZTNA) solutions. The company’s cloud-based security platform routes all enterprise traffic through its global network of data centers, inspecting it for threats before allowing it to reach its destination. This architecture is particularly well-suited to the AI era, where data is constantly moving between cloud environments, SaaS applications, and AI inference endpoints.
However, Zscaler has faced more headwinds than its larger peers. The company’s growth rate has decelerated in recent quarters, and its stock has underperformed relative to CrowdStrike and Palo Alto Networks. CEO Jay Chaudhry has acknowledged that the company needs to improve its go-to-market execution, particularly in closing large enterprise deals. Despite these challenges, MSN Money identified Zscaler as a company that could see meaningful acceleration from AI-driven demand, given that zero trust architectures are increasingly viewed as a prerequisite for secure AI deployment.
The Broader Investment Case: Cybersecurity as Non-Discretionary Spending
What distinguishes cybersecurity from other areas of enterprise software spending is its non-discretionary nature. Companies can delay a CRM upgrade or push back an ERP migration, but they cannot afford to reduce their security posture in an environment where threat actors are increasingly sophisticated and regulatory requirements are becoming more stringent. The proliferation of AI tools — both as defensive capabilities and as weapons in the hands of adversaries — only reinforces this dynamic.
Nation-state actors and criminal organizations are already using AI to generate more convincing phishing emails, to automate the discovery of software vulnerabilities, and to develop malware that can evade traditional detection methods. This arms race between attackers and defenders ensures that cybersecurity budgets will continue to grow regardless of the broader economic environment. For investors willing to look past the near-term volatility in software stocks, the three companies highlighted here represent some of the most compelling opportunities in the sector.
Valuation and Risk Considerations for the Road Ahead
None of these stocks are cheap by traditional valuation metrics. CrowdStrike trades at a significant premium to the broader software sector, reflecting its market leadership and growth trajectory. Palo Alto Networks commands a premium valuation as well, though its profitability and free cash flow generation provide some justification. Zscaler, despite its recent underperformance, still trades at elevated multiples relative to its growth rate, which creates risk if the company fails to reaccelerate revenue growth in the coming quarters.
The key risk for all three companies is a prolonged downturn in enterprise IT spending that forces even cybersecurity budgets to contract. While this scenario is unlikely given the current threat environment, it cannot be entirely ruled out. Additionally, increased competition from hyperscale cloud providers — Amazon Web Services, Microsoft Azure, and Google Cloud — who are building their own native security capabilities represents a long-term structural risk that investors should monitor closely. Still, for those with a multi-year investment horizon, the intersection of AI adoption and cybersecurity spending represents one of the most durable growth themes in technology today.