
The SaaS-pocalypse Paradox: What it Means for CISOs and Enterprise Security

The SaaS market has shed nearly $1 trillion in value. Salesforce, Workday, Adobe, and Snowflake are all down at least 40%. For CISOs managing platform risk across a consolidating software stack, the implications for vendor stability, integration continuity, and contract leverage are significant.

Image: Bill Brenner and ChatGPT

The SaaS market has entered a storm. Since late January, software stocks have shed nearly $1 trillion in value as investors confront an uncomfortable question: if AI agents can replicate the workflows locked inside subscription software, what happens to the seat-based SaaS business model? So far the answer has been bad for SaaS providers and for expectations about the future of enterprise SaaS use.

How bad is it? The S&P 500 software index's 17% correction in early February is flirting with bear-market territory, continuing a trend that began quietly in October 2025, when software stocks peaked and began decoupling from the broader market. The iShares Expanded Tech-Software ETF (IGV), the best proxy for SaaS market health, is already in a bear market, down roughly 23% year-to-date and more than 30% from its October highs.

The damage to individual SaaS providers' earnings expectations is even more telling: Salesforce, Snowflake, ServiceNow, Workday, and Adobe are all down 40% or more since the fall of 2025. What started as concern over AI monetization in late 2025 turned into a rush for the exits in late January as investors concluded that AI agents weren't just competing with SaaS; they were eating it.

Management consulting firms such as Bain & Company are aligned with the market's direction and contend that the era of broad SaaS hypergrowth is over. Market revenue growth has leveled off in the high single-digit to low double-digit range, down from 20%-30% annual growth in prior years. BetterCloud and other industry observers note that growth is increasingly shifting toward AI features, agents, and integrated SaaS platforms rather than net-new standalone apps, which compresses traditional SaaS license growth even as overall spend on software and AI rises.

CISOs are watching enterprise SaaS portfolios shrink from 300 applications to 30 as their organizations cut SaaS spend and consolidate point products into platforms. Should they expect their security budgets to shrink along with the app count? Unlikely.

Understanding why is key to understanding the nature of the risk transformation underway.

The Attack Surface Isn't Disappearing, It's Concentrating

Justin Dolly, chief security and customer officer at Ory Corp, which manages more than 2 billion identities across deployments, said that a shrinking SaaS footprint is unlikely to eliminate risk for enterprises. Instead, it concentrates it. "Removing dozens of lightly used SaaS tools does reduce sprawl, shadow IT, and forgotten integrations, which is real progress. But what replaces that sprawl is a smaller number of platforms with far deeper privilege, broader APIs, and tighter coupling to core business workflows," Dolly said. 

Amit Basu, CIO and CISO at International Seaways, agreed: "You are trading sprawl risk for concentration risk. The attack surface may shrink, but the impact [of incidents] can grow."

The shift is from highly visible application sprawl to less visible machine identity sprawl. "As AI agents replace human users, API tokens, service accounts, and delegated permissions multiply, creating a more abstract and harder-to-govern trust layer," said Melody Kaufmann, cybersecurity author and instructor at O'Reilly Media. "The risk does not disappear. It becomes programmatic, persistent, and far less visible."

That spells trouble for enterprises that already lack an understanding of their attack surface, particularly the app-to-app integrations that move data across their ecosystems, said Russell Spitler, co-founder and CEO at Nudge Security. "These machine-to-machine connections operate outside traditional security controls, creating blind spots that attackers can exploit. AI agents and MCP servers will dramatically accelerate this trend."

Anthropic's Model Context Protocol (MCP), which connects agents to tools and data sources, and Google's Agent2Agent (A2A) protocol, which lets agents talk to one another, allow AI agents to drive enterprise systems directly through APIs and service accounts. Those calls never pass through the human layer, where many traditional security controls (CASB, browser-based monitoring, interactive authentication prompts) sit, so what governs them is the credential the agent holds and whatever checks are applied to each call.

In fact, in most cloud environments today, non-human identities already outnumber employees, and that gap is widening as AI agents proliferate. The January 2026 Clawbot incident is illustrative: a viral AI assistant with shell access, plaintext credential storage, and over 1,200 misconfigured instances leaked API keys and exposed enterprise data at scale. These weren't traditional "breaches"; they were architectural failures in which autonomous agents operated with excessive privileges and little, if any, oversight.
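The machine-identity sprawl described above can be made visible with a plain inventory review. The following is an added example, not code from the article or from any vendor quoted in it. The grant records are constructed for illustration; in practice they would come from an identity provider or SaaS audit export, and the field names, scope strings, and 90-day thresholds are assumptions. The script flags the grants a reviewer would question (high-privilege scopes, non-expiring or long-lived credentials, stale grants) and computes two of the metrics the article calls for: the ratio of machine to human identities and the share of privileged grants per platform.

```python
"""Inventory-driven review of non-human identities in a consolidated SaaS stack.

Added example, not code from the article or any vendor named in it. The grant
records are constructed; field names, scope strings and the 90-day thresholds
are assumptions for the example.
"""
from datetime import datetime, timedelta, timezone

NOW = datetime(2026, 2, 15, tzinfo=timezone.utc)
STALE_AFTER = timedelta(days=90)
MAX_LIFETIME = timedelta(days=90)

# Scopes treated as high privilege (assumed; map to each platform's own
# scope vocabulary in a real review).
HIGH_PRIVILEGE_SCOPES = {"admin", "data.export", "users.write", "files.read_all"}

# Constructed grants: human SSO sessions plus the machine identities that
# survive a consolidation from many apps onto a few deep platforms.
GRANTS = [
    {"id": "g1", "principal": "alice@example.com", "kind": "human",
     "platform": "crm", "scopes": ["contacts.read"],
     "last_used": NOW - timedelta(days=1), "expires": NOW + timedelta(hours=8)},
    {"id": "g2", "principal": "svc-etl", "kind": "service_account",
     "platform": "warehouse", "scopes": ["data.export", "tables.read"],
     "last_used": NOW - timedelta(days=2), "expires": None},
    {"id": "g3", "principal": "legacy-bi-connector", "kind": "oauth_app",
     "platform": "crm", "scopes": ["admin"],
     "last_used": NOW - timedelta(days=200), "expires": None},
    {"id": "g4", "principal": "sales-agent", "kind": "agent",
     "platform": "crm", "scopes": ["contacts.read", "users.write"],
     "last_used": NOW, "expires": NOW + timedelta(days=365)},
    {"id": "g5", "principal": "bob@example.com", "kind": "human",
     "platform": "warehouse", "scopes": ["tables.read"],
     "last_used": NOW - timedelta(days=3), "expires": NOW + timedelta(hours=8)},
]


def is_machine(grant):
    return grant["kind"] != "human"


def review_grant(grant, now=NOW):
    """Return the findings a reviewer would raise for one grant."""
    findings = []
    high = HIGH_PRIVILEGE_SCOPES.intersection(grant["scopes"])
    if high:
        findings.append(f"high-privilege scopes: {sorted(high)}")
    if is_machine(grant) and grant["expires"] is None:
        findings.append("non-expiring credential")
    if grant["expires"] is not None and grant["expires"] - now > MAX_LIFETIME:
        findings.append("credential lifetime over 90 days")
    if now - grant["last_used"] > STALE_AFTER:
        findings.append("unused for more than 90 days")
    return findings


def privilege_density(grants):
    """Per platform: share of grants holding a high-privilege scope and how
    many of those belong to machine identities. Rising density on fewer
    platforms is the concentration risk the article describes."""
    out = {}
    for platform in {g["platform"] for g in grants}:
        on_platform = [g for g in grants if g["platform"] == platform]
        privileged = [g for g in on_platform
                      if HIGH_PRIVILEGE_SCOPES.intersection(g["scopes"])]
        out[platform] = {
            "grants": len(on_platform),
            "privileged": len(privileged),
            "privileged_machine": sum(1 for g in privileged if is_machine(g)),
            "density": round(len(privileged) / len(on_platform), 2),
        }
    return out


def machine_to_human_ratio(grants):
    humans = sum(1 for g in grants if not is_machine(g))
    machines = sum(1 for g in grants if is_machine(g))
    return machines / humans if humans else float("inf")


if __name__ == "__main__":
    for g in GRANTS:
        for finding in review_grant(g):
            print(f"{g['id']} {g['principal']:<22} {g['platform']:<10} {finding}")
    print("privilege density:", privilege_density(GRANTS))
    print("machine:human ratio:", machine_to_human_ratio(GRANTS))
```

On the constructed data the legacy OAuth app (admin scope, no expiry, unused for 200 days) is the kind of forgotten integration a consolidation should remove, while the agent grant shows the newer problem: a credential that is in daily use but carries a write scope and a one-year lifetime.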

These changes in enterprise cybersecurity are already underway, and they will accelerate in the months and years ahead as AI agents proliferate, as agentic AI risk and SaaS risk merge, and as the "platformization" of cybersecurity tools speeds up.


The Pricing Model Crisis: Seat-Based Licensing Is on Life Support

The "SaaS-pocalypse" is also creating a challenge for cybersecurity vendors and confusion for CISOs. SaaS pricing models are designed for a world where humans are the primary consumers of software, and that world won't last much longer. "Seat-based pricing breaks down when software identities outnumber humans," said Kaufmann. "Vendors will have to price security the way cloud providers do: around consumption, transaction volume, and risk-weighted access. The meaningful unit is no longer the user; it's the activity."

"Pricing should be risk-driven, not seat-driven," agreed Richard Bird, CSO, Singulr AI. "As non-human identities proliferate, vendors need to shift from pure seat or app metrics to metrics that reflect privilege, exposure, and transaction risk," Bird said. He suggests tiered, agent-aware pricing based on agent criticality, data sensitivity, and runtime activity—essentially charging for protected transactions and validated agent identities rather than traditional per-seat licensing.

The bottom line for CISOs and security practitioners is clear: security budgets should follow risk and exposure, not the number of SaaS logos an enterprise has. "A smaller application portfolio does not translate into proportionally lower security risk, and the budget should not automatically follow the app count downward," explained Dolly. "As portfolios shrink, the business impact of failure increases because more value is concentrated in fewer systems. Security effort shifts from managing many isolated environments to protecting shared platforms, identity layers, and runtime control points," he said. 

What This Means for the Cloud Security Market and Enterprise Security Programs

Many security point tools will be integrated into platforms, and this is likely to occur along predictable lines. Tools that exist for humans to monitor click activity in SaaS, such as classic CASB, browser plug-ins, thin SSPM, and "seat-count plus dashboard" products, are living on borrowed time. As work shifts to API calls, service accounts, and autonomous agents, those tools either become API- and identity-native or are absorbed as features of larger security and cloud platforms. Backup, by contrast, becomes more important: as fewer platforms hold more data and logic, the blast radius of a bad change or a compromised agent grows, and there need to be clean, independent rollback paths.

CrowdStrike, Palo Alto, Zscaler, Microsoft, and their peers will continue to benefit in this environment. They already sit at the natural control points—endpoint, network, identity, cloud—and they already price and think in terms of usage and telemetry, not just seats. As security spending consolidates, those platforms will be where identity and data gravitate.

However, CISOs will also face the same pattern of "shadow" AI adoption that they saw with mobile phones, cloud, and SaaS applications. The platformization of security tools will also exacerbate regulatory and data-sovereignty challenges, because these platforms centralize security data.

Zero trust architectures? They'll need restructuring. The "never trust, always verify" model was designed for human users accessing discrete applications. When AI agents communicate through APIs at machine speed, authentication models built around an interactive login at the start of a session don't scale, and zero trust will have to shift from "verify the user" to "verify the API call, the agent's privileges, and what data it's touching, continuously."

The shift reshuffles the security stack: identity, data lineage, and runtime behavior become top priorities. In practice, CISOs should rationalize toward a small number of platforms that can see both human and machine behavior; manage the budget as vendor conversations move away from seat pricing and toward pricing based on protected activity and risk reduction; and rebuild their programs around continuous governance of identities, agents, and integrations, rather than playing whack-a-mole with applications spread across the enterprise or swapping between screens to trace a security event.
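One way to make "verify the API call, the agent's privileges, and what data it's touching, continuously" concrete, as an added example rather than code from the article or from any MCP or A2A implementation: a per-call authorizer that checks each agent request against its delegated scopes, the classification of the target data, the credential's expiry, and a per-minute rate budget, and records why each call was allowed or denied. The agent, scope, resource, and classification names are assumptions for the example.

```python
"""Per-call authorization for an AI agent's API traffic.

Added example, not code from the article or from any MCP/A2A implementation.
Agent, scope, resource and classification names are assumed for the example.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# Assumed classification ranking: an agent may touch data only at or below
# the ceiling delegated to it, regardless of the API scopes it holds.
CLASSIFICATION_RANK = {"public": 0, "internal": 1, "confidential": 2, "restricted": 3}

# Constructed resource catalogue: which platform object holds which class of data.
RESOURCES = {
    "crm/contacts": "confidential",
    "crm/users": "restricted",
    "warehouse/sales_summary": "internal",
}


@dataclass
class AgentGrant:
    agent_id: str
    scopes: set                 # delegated "resource:action" strings
    data_ceiling: str           # highest classification the agent may touch
    expires: datetime
    calls_per_minute: int       # budget that catches a runaway or hijacked agent
    recent_calls: list = field(default_factory=list)


@dataclass
class Decision:
    allowed: bool
    reason: str


def authorize_call(grant, resource, action, now):
    """Decide a single call. Every denial names the failing check so the
    decision log is useful for detection as well as enforcement."""
    if now >= grant.expires:
        return Decision(False, "credential expired")
    if resource not in RESOURCES:
        return Decision(False, f"unknown resource {resource}")
    needed = f"{resource}:{action}"
    if needed not in grant.scopes:
        return Decision(False, f"scope {needed} not delegated to {grant.agent_id}")
    cls = RESOURCES[resource]
    if CLASSIFICATION_RANK[cls] > CLASSIFICATION_RANK[grant.data_ceiling]:
        return Decision(False, f"{cls} data exceeds ceiling {grant.data_ceiling}")
    window_start = now - timedelta(minutes=1)
    grant.recent_calls = [t for t in grant.recent_calls if t > window_start]
    if len(grant.recent_calls) >= grant.calls_per_minute:
        return Decision(False, "rate budget exhausted (possible runaway agent)")
    grant.recent_calls.append(now)
    return Decision(True, "ok")


def run_session(grant, calls):
    """Evaluate (timestamp, resource, action) tuples in order; return
    (resource, action, Decision) for each so the caller can log them."""
    return [(res, act, authorize_call(grant, res, act, ts)) for ts, res, act in calls]


def demo():
    """Constructed session for one agent; returns the decision list."""
    t0 = datetime(2026, 2, 15, 9, 0, tzinfo=timezone.utc)
    grant = AgentGrant(
        agent_id="sales-agent",
        scopes={"crm/contacts:read", "crm/users:read", "warehouse/sales_summary:read"},
        data_ceiling="confidential",
        expires=t0 + timedelta(hours=1),
        calls_per_minute=3,
    )

    def at(seconds):
        return t0 + timedelta(seconds=seconds)

    calls = [
        (at(0), "crm/contacts", "read"),              # allowed
        (at(5), "crm/contacts", "write"),             # denied: write never delegated
        (at(10), "crm/users", "read"),                # denied: scope held, but data is restricted
        (at(15), "warehouse/sales_summary", "read"),  # allowed
        (at(20), "crm/contacts", "read"),             # allowed: third call in the window
        (at(25), "crm/contacts", "read"),             # denied: rate budget exhausted
        (at(7200), "crm/contacts", "read"),           # denied: credential expired
    ]
    return run_session(grant, calls)


if __name__ == "__main__":
    for resource, action, decision in demo():
        verdict = "ALLOW" if decision.allowed else "DENY"
        print(f"{verdict:<5} {action:<5} {resource:<24} {decision.reason}")
```

The third call is the one worth noticing: the agent holds a read scope on the user object, so a scope-only check passes, but the data-classification ceiling still denies it. Separating "what API may this agent call" from "what data may it see" is what keeps a scoped token from becoming a data-export path.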

The SaaS-pocalypse is real, but, paradoxically, for cybersecurity it is a risk-expansion event, not a contraction in enterprise risk. Enterprises may cut SaaS usage from 300 applications to 30, but the security budget won't follow suit. Instead, the risk surface is shifting from visible app sprawl to invisible machine identity sprawl, from user-driven workflows to agent-mediated automation, and from configuration management to runtime behavior monitoring.

The meaningful risk metrics are privilege density, the blast radius of a breach or event, identity complexity, and recovery capability, and all of them are increasing as SaaS portfolios consolidate.

For cybersecurity vendors, rethinking pricing isn't optional: seat-based models break down when non-human identities outnumber employees 10-to-1. The future is consumption-based, risk-weighted, and agent-aware. For CISOs, the task is recognizing how this reshapes risk management.
