Nikesh Arora declares the SaaSpocalypse dead for cybersecurity as Palo Alto uses AI to surface 5-7 years of vulnerabilities in six weeks
Jun 3, 2026 with Nikesh Arora
Key Points
- Palo Alto Networks CEO Nikesh Arora declares the thesis that AI will cannibalize cybersecurity software dead, arguing that 25% false positive rates make general-purpose models unsuitable for security without proper context and infrastructure.
- Using AI to audit its own codebase, Palo Alto surfaced vulnerabilities in six weeks that would have taken five to seven years to find through conventional methods, accelerating industry cleanup of accumulated technical debt.
- Arora flags a six to nine month window before AI capabilities for chaining vulnerabilities into coordinated attacks become broadly embedded across frontier models, requiring modernized defense stacks and real-time anomaly detection at scale.
Summary
SaaSpocalypse called off
Nikesh Arora argues the thesis that AI would cannibalize cybersecurity software is dead — and the logic is straightforward. General-purpose models still carry a 25% false positive rate without proper context and harnesses. In security, getting one in four wrong is not a rounding error. Palo Alto sits at over 125 million enforcement points, and no model is going to displace that infrastructure by running unassisted.
The more pointed argument is that AI actually strengthens the case for incumbents. More AI deployment means more network traffic, and more traffic means more bits to inspect. Palo Alto's business is inspection.
Six weeks, five to seven years of debt
The clearest data point Arora offers is internal: using AI to test its own codebase, Palo Alto surfaced vulnerabilities in six weeks that would have taken five to seven years to find through conventional methods. The company had been patching roughly four or five issues a month. The AI-assisted sweep produced a flood — requiring a larger patch cycle pushed to all customers.
Arora's read is optimistic. The industry is burning through years of accumulated technical debt in a matter of months. Six months from now, he argues, the next model will find far fewer issues because the backlog will largely be cleared. It gets bumpy before it gets better, but the starting point improves.
“We can officially declare the SaaS eclipse dead for cybersecurity. The false positive rate on unaided models is twenty-five percent — in cybersecurity, our business is to get everything right. What we found in the last six weeks would have taken us five to seven years to find. It's bumpy, but it's a better starting point six months from now than it is today.”
The AI attack window
Arora flags a genuine near-term risk. He points to Anthropic's model as an example of a system capable of daisy-chaining vulnerabilities to design attacks — which is why Anthropic was careful about release constraints. But he says that window is closing: six to nine months before capabilities at that level are broadly embedded across frontier models and increasingly difficult to constrain.
The defense response requires a modernized stack and real-time anomaly detection at scale. His framing is that the attack-defense race has always been asymmetric — defenders need to be right every time, attackers only once — and AI doesn't change that structural fact.
Internal AI discipline
Arora is direct about how Palo Alto handles internal AI use. Crown-jewel code never touches external models. The company runs a sequestered open-source model that cannot communicate outside the firewall, accepting that it performs at roughly 85–90% of frontier capability in exchange for zero data exposure. For tasks that don't require high reasoning, smaller or open-source models handle the load.
The larger transformation effort is concentrated in customer support, where a team of 30 is rebuilding the function end-to-end — embedding LLMs, layering in machine learning and new knowledge bases, and targeting false positives in the low single digits. Arora's framing on workforce impact is concrete: with 21,000 employees, lifting the average intelligence of 100 marketing or support staff to 95% of their best performer matters far more than any individual power user.
On the AI psychosis question — employees using models that produce sycophantic, low-value output — Arora says the key discipline is keeping humans in contact with ground truth rather than asking AI to evaluate its own work. He illustrates the point with a direct example: running an earnings script through Gemini's refinement feature produced a version that changed "we simulated a cyber attack completed in 24 minutes" to "we attacked in 24 minutes." Human supervision caught it.
Quantum
Palo Alto has already shipped a product for this. Arora says the company offers a quantum cryptography readiness assessment and can wrap customer traffic with quantum-secure keys today, before customers have upgraded their own infrastructure. The concern he is solving for is nation-states harvesting encrypted data now, with the intention of breaking it once quantum computing becomes viable. His assumption is that nation-states will have quantum capability well before it reaches commercial availability.