The stock market is still in panic about AI. Victim: the cybersecurity market

We continue digesting the red pill… On February 20, 2026, Anthropic launched Claude Code Securitya tool integrated into Claude Code (Enterprise and Team editions) that scans entire code bases for vulnerabilities and generates suggested patches for human review. The market reaction was immediate and surgical: the publicly traded cybersecurity sector lost billions of dollars of capitalization in a single session. It is not an isolated panic, as we have recently commented, but a change of model. It is the latest chapter in a pattern that has been rewriting the technology investment thesis for weeks: AI not only creates value, It also threatens established business models. And institutional investors are betting in real time.

What exactly does Claude Code Security do?

Claude Code Security It is not a traditional static code scanner. Unlike rule-based tools like SonarQube or static analysis engines integrated into CI/CD pipelines (SAST), the system uses the model Close Work 4.6 to reason about code contextually: trace data flows, understand the interaction between components and detects business logic vulnerabilities that escape signature-based engines.

Each finding goes through a multi-stage verification process: the model itself re-examines its results to filter out false positives, assigns severity and confidence ratings, and presents the validated findings on a dashboard from which the human team approves the patches. Nothing is applied without manual approval. During internal testing with Opus 4.6, Anthropic documented more than 500 high-severity vulnerabilities in open source projects in production, many undetected for decades. The problem for the market is not technical. It is strategic: if an AI layer can detect and propose correction of complex vulnerabilities (memory corruption, injection flaws, authentication bypasses, complex logic errors) in an autonomous and scalable way, what happens to the recurring subscription model of enterprise security platforms?

What does this pattern mean for CISOs?

The stock market pressure on CrowdStrike, Okta o Zscaler It does not imply that your products stop having immediate value. CrowdStrike Falcon operates on real-time detection and response (EDR/XDR) with endpoint telemetry at scale; Zscaler Zero Trust Exchange manages conditional access and network microsegmentation. None of these capabilities are covered by Claude Code Securitywhich is limited to advanced static code analysis in the development phase (shift-left).

This is not an extinction but an adjustment and above all a reevaluation of the business model. The market reflects on the Price it is willing to pay for the vulnerability detection layer in code, which until now was the monopoly of SaaS tools with annual renewal. If an LLM integrated into the development environment resolves that use case in greater contextual depth, renewal of contracts for specialized SAST/DAST scanners comes under review in the 2026-2027 budget cycles.

Fortune’s analysis points out that Anthropic has built Claude Code Security on more than a year of work from Frontier Red Teama group of approximately 15 researchers specialized in red teaming and evaluation of offensive AI capabilities, with validation in Capture-the-Flag competitions and collaboration with the Pacific Northwest National Laboratory for critical infrastructure. It is not an improvised product based on a generic model.

The market response was overwhelming. These were the most significant movements in the session on Friday, February 20:

Source: Yahoo Finance / Investing.com, Feb 20 2026. Also picked up by Bloomberg and SiliconAngle.

Dennis Dick, head trader at Triple D Trading, summed it up with surgical precision: the market is nervous and moves out of fear, any sign of disruption is enough to activate massive sales in the affected sector. The logic: If Anthropic can do what CrowdStrike Falcon or Zscaler’s inspection layer does, the valuation premium for security software as a service (SaaS) comes into question.

In these stock market movements, as in the previous ones, there is a bit of confirmation of a real change in model and a bit of unjustified panic. Claude Code Security It is a tool in limited research previewavailable only for Enterprise and Team customers, with waitlist access and usage restrictions (customer-owned code only, no third-party or licensed code). It is not a generally accessible product that can compete at this time with CrowdStrike Falcon, Zscaler Zero Trust Exchange o Okta Identity Engine. However, the market is discounting the next scenarios, not the present, aware that the model changes caused by AI are much faster than those that technology applied to business has so far caused.

Other sectors affected by AI announcements

One of the peculiarities that investors are understanding is that AI can be disruptive on a very large scale in any sector. He AI Scare Trade It started in SaaS but has systematically contaminated sectors that were historically considered safe havens of non-automatable human cognitive work. The chronology is as follows:

1. Week of February 9: Insurance. Falls in large insurance brokers after the launch of an insurance app based on ChatGPT by the Madrid startup Tuio. Recorded by UBS in analyst note.
2. February 11-13: Real estate services. CBRE Group (NYSE: CBRE) fell 12.2% and 8.8% in two consecutive sessions. Jones Lang LaSalle (NYSE: JLL) lost 12.5% ​​and 7.6%. Cushman & Wakefield (NYSE: CWK) plummeted 13.8% and 11.5%. These are the largest falls since COVID-19 according to Bloomberg.
3. February 12-13: Logistics and transportation. C.H. Robinson (NASDAQ: CHRW) y RXO Inc. (NYSE: RXO) They fell more than 20% each in a single session. J.B. Hunt Transport (NASDAQ: JBHT) lost about 9%, and Expeditors International (NASDAQ: EXPD) fell 16.5%. Catalyst: launching SemiCablogistics automation platform Algorhythm Holdings (NASDAQ: RIME)which rose 31% while the sector sank.
4. February 18: Wealth management. Charles Schwab (NYSE:SCHW) gave up more than 7%. Raymond James (NYSE: RJF) y LPL Financial (NASDAQ: LPLA) They lost more than 8% each. In Europe, St. James’s Place (LSE: STJ) It collapsed by 20%.
5. February 20: Cybersecurity. Claude Code Security as a catalyst. See previous table.

Keefe, Bruyette & Woods (KBW) analyst Jade Rahmani described the pattern precisely: The market is scrutinizing high-commission, labor-intensive business models deemed vulnerable to AI disruption. It is not the current deterioration in fundamentals that is discounted: it is the future compression of margins in a scenario of accelerated automation.

What sectors will be next?

The launch of Claude Code Security It is not the cause of the sector’s correction: it is the latest catalyst in a trend that has been compressing enterprise software valuations for weeks. He iShares Expanded Tech-Software Sector ETF (IGV) accumulates close to a 23% drop in 2026 and the Global X Cybersecurity ETF (BUG) has set 15-month lows. What the market is executing is a valuation premium reallocation: annual renewal SaaS models based on human cognitive work are being penalized compared to platforms with proprietary data, integrated agentic capabilities or direct exposure to AI infrastructure.

It is not the end of security software or real estate services or wealth management. It is the beginning of a profound recomposition of what part of that value chain can be replicated by an LLM at zero marginal cost. What it is is the bell that announces that we must evolve and adapt. For B2B technical teams, the practical reading is clear: vendors that integrate agentic AI into their core platforms before the 2026-2027 contract renewal cycle will maintain their position. Those who don’t will face unprecedented price pressure from startups with integrated foundational models. Claude Code Security It is only Anthropic’s first formal notice in this regard.