Anthropic’s Claude platform, for example, recently built a clone of the Slack platform in a marathon 30-hour coding session. This means that anyone with sufficient prompt engineering skills can single-handedly create a high-revenue software platform over the weekend. Of course, one still faces all the challenges of sales, distribution, scale, and integration with dozens of other software platforms, but these are present in any new business. The fact remains: subtracting years from the calendar and tens of millions from the engineering costs is a game-changer.

Another example. The tax consultancy KPMG wrote a 100-page prompt to create an agentic AI that provides tax advice much faster than humans could hope to achieve. That’s great news if you are a customer of KPMG, but awful news if you are their (presumably former) supplier of tax software. This type of in-house initiative completely reshuffles the calculus of 'build vs. buy’ for end users. To borrow from Milton Friedman, we are all developers now.

Even the Goliaths may fall. According to a recent Wall Street Journal headline, “Salesforce Has to Prove Software’s Staying Power in AI Age.” This is a potentially watershed moment because Salesforce is widely regarded as the bellwether of enterprise SaaS. They launched in February 2000 with the now ironic tagline, "The End of Software." But have no worries. The CRM leader isn’t being replaced any time soon—not by a long shot—but the cracks in established software markets are beginning to show.

What kinds of software companies are most at risk? The AI coding threat targets at least two distinct vulnerability profiles:

• products replaceable by cloned code and/or low effort on AI platforms, and

• companies that fail to leverage AI to stay ahead of the wave.

In the first category, the software products at risk include graphic design, video production, office productivity, customer service, CRM, business intelligence, and developer tools, among others. The AI scene is sprouting contenders in all of these categories: Nano Banana, Sora, Grammarly, Wonderchat, Fin, Claude, and Replit, to name just a few. And these barely scratch the surface of what’s out there. At the current rate of progress, we’ll be living in a whole new world by the end of the next quarter.

You’ll note that neither security, smart buildings, IoT, nor any other infrastructure platforms are included in this list. The question is: why not? One investment banker I spoke to recently shared his belief that physical security companies have a built-in moat due to their strong connection to the physical world. I would add that many factors make this a rather substantial moat: the need for human technicians, regulatory and licensure requirements, and the extensive body of knowledge embedded in the CPP and similar security practitioner certifications. To borrow a phrase, it takes a village to make security deployments work in the real world. There are no clickable, downloadable solutions, nor any DIY in commercial security.

That said, security technology providers still need to leverage AI to compete against new entrants that are addressing specific pain points that better algorithms can cure. We’re seeing this in the video analytics space, primarily, where platforms like Ambient and Cobalt AI can provide analytics on any video stream—and do a much better job of it than the built-in analytics available on traditional VMS platforms. We’re also seeing the reinvention of the SOC and monitoring platforms with AI-native strategies that will ultimately dominate due to lower acquisition and operational costs.

In the video domain, multimodal large language models trained on billions of publicly available streaming media assets now include object- and situation-specific analytics in their foundation models. This means a small team of developers can build features like tailgating detection in months—a task that previously required a fat wallet and dozens of person-years to accomplish. This is great news for security buyers because it lowers the cost of development, thereby increasing the feature set that their software providers can provide on the platform they already use.

The growth of AI-driven point solutions gives platform companies three choices: acquire, form partnerships, or build it themselves. In recognizing these three pathways, however, we must also note that the boundaries between the old categories (PACS, VMS, Intrusion, Visitor, Identity, etc) are no longer as clearly delineated as they once were. As noted in the 2023 SIA Megatrends report, these boundaries have blurred due to product agnosticism in the face of a growing emphasis on outcomes rather than tools. While the make vs buy decision is existential for software development companies, it doesn’t have to be the mass extinction event for security that it will be for other software sectors.

Regardless of which way individual vendors turn, the integrator channel will benefit immensely from a wealth of new AI-native products and capabilities that put them in a better position to deliver more value to their customers.

Part 3: Man Bites Dog. Coming Soon.