As frontier AI models become essential infrastructure for security tooling, Anthropic and OpenAI now hold outsized influence over which startups thrive. Access to their models, and the terms attached, is reshaping the economics of an industry projected to top $200 billion.
Two AI labs have quietly become the most important vendors in cybersecurity, and most of the companies depending on them did not exist five years ago. Anthropic and OpenAI now supply the underlying intelligence for a growing share of security products, from automated threat triage to code vulnerability scanning, putting them in the position of deciding which startups get to compete and on what terms.
The shift is structural. A new generation of security companies builds its core functionality on top of frontier models rather than training their own. That choice makes sense on paper. Training a competitive large language model costs hundreds of millions of dollars and requires talent that two or three companies have largely absorbed. Renting access through an API turns that capital expense into a per-token operating cost. But it also means the value a security startup creates sits on a foundation it does not own.
The business mechanics behind the dependency
Consider the economics. The global cybersecurity market is on track to exceed $200 billion in annual spending, and the fastest-growing segment is AI-assisted detection and response. A startup selling an autonomous security analyst might charge enterprise customers $50,000 to $500,000 a year. A meaningful portion of that revenue flows straight back to whichever model provider powers the product. When a vendor like Anthropic adjusts pricing, rate limits, or usage policies, it directly compresses or expands the margins of every company built on its platform.
That leverage is what makes these labs kingmakers rather than just suppliers. Model access is not commoditized in the way cloud compute became. Performance differences between frontier models and the next tier down are large enough that a security product running on a weaker model produces visibly worse results, more false positives, slower triage, missed exploits. Customers notice. So the choice of model provider becomes a competitive bet, and the providers know it.
Why security is the proving ground
Cybersecurity is an unusually good market for frontier AI for a few reasons. The work is text-heavy and pattern-driven, exactly what current models do well. Analysts spend their days reading logs, correlating alerts, writing detection rules, and summarizing incidents, tasks that map cleanly onto what a capable model can automate or accelerate. The labor shortage is also acute, with hundreds of thousands of unfilled security roles, which gives buyers a strong incentive to adopt tools that reduce headcount pressure.
For Anthropic and OpenAI, security customers are attractive in turn. Enterprises in this space have real budgets, tolerate premium pricing, and operate under compliance regimes that favor established vendors with safety commitments. Anthropic has leaned into that positioning, emphasizing model reliability and its work on reducing harmful outputs, which resonates with buyers who cannot afford an AI system that hallucinates a threat assessment.
The strategic risk for everyone downstream
The arrangement carries concentration risk that the industry is only starting to price in. A security firm that builds its entire detection engine on a single provider faces exposure on three fronts at once. Pricing can change. Access can be restricted, particularly for security use cases that involve analyzing malware or offensive tooling, where providers enforce usage policies that can flag legitimate research. And the provider can ship a competing feature, turning a partner into a rival overnight.
That last risk is not hypothetical. Both labs have shown willingness to move up the stack, releasing agentic products and developer tools that overlap with what their own customers sell. A startup that demonstrates a profitable application built on someone else's model is, in effect, doing market research for the platform owner.
The rational response from downstream companies is to hedge. Some are building abstraction layers that let them swap between Anthropic, OpenAI, and open-weight alternatives like Llama or Mistral depending on cost and performance. Others are fine-tuning smaller open models for narrow tasks where a frontier model is overkill, reserving the expensive API calls for genuinely hard problems. This multi-model approach trades engineering complexity for negotiating leverage and resilience.
What it means for the market
The near-term effect is consolidation of influence at the model layer and continued fragmentation at the application layer. Expect the labs to keep capturing a rising share of security software economics, much the way cloud providers came to sit underneath nearly every SaaS business. The difference is that cloud infrastructure became roughly interchangeable, while frontier model quality remains differentiated enough to confer real bargaining power.
For buyers, the practical question is no longer just which security vendor to choose but which model that vendor depends on and how exposed it is to a single supplier. For investors funding the next wave of AI security startups, model dependency now belongs on the risk page alongside customer concentration and churn. The companies that endure will be the ones that treat frontier access as a strategic relationship to manage rather than a utility to plug in and forget.
Comments
Please log in or register to join the discussion