Industry Outlook: SaaS — Week of March 23, 2026

Market Outlook

• AI infra boom shifts to networking and power. Nvidia’s networking business quietly hit $11B last quarter, while startups like Hyperscale Power and Nscale raise multibillion-dollar rounds to re-architect data center power and AI infrastructure. The spend mix is shifting from just GPUs to end‑to‑end AI data center stacks, with massive multi‑year compute deals (e.g., Thinking Machines Lab) locking in capacity. For SaaS, this means higher baseline infra prices, more vendor concentration, and a premium on efficient model usage over raw scale.
• Enterprise AI agents move from demos to operations. AWS launched Amazon Connect Health, an AI agent platform for clinical workflows, while Starling Bank rolled out an agentic financial assistant that executes real actions (payments, goals) from natural language. WordPress.com now lets AI agents write, publish, and manage sites with human-in-the-loop approval. These shifts signal that enterprises are ready for agents that actually change state in production systems, not just chat — raising expectations for SaaS products to embed similar capabilities.
• AI startup funding cools, but infra and security lead. Crunchbase reports that overall deal sizes are smaller, but cybersecurity, privacy, and AI infrastructure remain the most funded categories, and 187 new unicorns in 2025 were largely AI‑driven. Apollo.io’s acquisition of Pocus to build an AI‑native sales OS underscores consolidation around data and signal layers rather than standalone point tools. For SaaS, this points to slower, more selective capital but continued appetite for platforms that sit at critical revenue, security, or infra chokepoints.

Discussion: CTOs should assume AI infra costs and expectations for agentic capabilities will both rise, and plan accordingly: secure capacity, optimize workloads, and decide where you will — and will not — build agents into your product.

Headwinds

• Enterprise software becomes prime zero‑day target. Google reports that half of all zero‑days it tracked in 2025 targeted enterprise tech, particularly security and networking devices, VPNs, and virtualization platforms. As SaaS stacks lean harder on complex infra (reverse proxies, SASE, hybrid cloud), the attack surface and dependency risk increase. For SaaS vendors, a single upstream zero‑day can now cascade into multi‑tenant outages, data exposure, and contractual penalties.
• Regulation tightens on operational resilience and AI. Europe’s DORA regime is already forcing financial institutions to overhaul digital risk management, and most firms are reportedly still not ready a year after enforcement. While DORA is sector‑specific, it’s becoming the reference model for how regulators think about third‑party SaaS, incident reporting, and business continuity. Combined with rising geopolitical and energy shocks, buyers will push much harder on SaaS resilience, data residency, and concentration‑risk controls.
• AI pivot drives layoffs and product pressure. Atlassian cut 10% of staff (~1,600 people) explicitly to refocus capital on AI initiatives, joining a long list of tech layoffs tracked by Crunchbase. This indicates that public and late‑stage private SaaS companies are under pressure to show credible AI roadmaps and margin improvement simultaneously. The risk is organizational whiplash: teams are asked to ship AI features fast while absorbing headcount cuts and reorgs, often without clear business metrics.

Discussion: Defensive priorities this week: tighten third‑party risk and patching discipline, map your exposure to DORA‑style resilience expectations, and ensure AI initiatives are anchored in measurable business outcomes rather than reactive feature theater.

Tailwinds

• Agentic workflows unlock new SaaS value levers. Starling’s AI assistant that actually moves money, and WordPress.com’s agent integration that can publish and manage content, show customers now trust agents with high‑stakes actions given guardrails and approvals. AWS’s Connect Health frames agents as workflow engines, not just chatbots. SaaS products that can safely let agents execute routine tasks (configuration changes, approvals, outreach, reporting) stand to improve NRR via automation‑driven seat expansion and higher perceived ROI.
• Vertical AI platforms open integration and co‑sell paths. Perplexity Health’s integration of Apple Health, wearables, and EHRs, and AWS’s healthcare‑specific agent platform, highlight the rapid rise of vertical AI ecosystems. These platforms need domain‑specific SaaS partners that own workflows (e.g., scheduling, billing, compliance, analytics) rather than just raw data. For SaaS in regulated verticals, integrating as the workflow or data system of record behind these AI front‑ends can drive new distribution and stickier usage.
• AI‑native revenue platforms raise bar for GTM tooling. Apollo.io, nearing $200M ARR, is acquiring Pocus to build an AI‑native operating system for sales, combining intent data, product usage, and workflow automation. This validates product‑led sales as a durable motion and raises expectations that revenue tools will surface prioritized, AI‑ranked opportunities out of the box. SaaS teams with strong product telemetry can build similar signal layers for their own GTM motions or partnerships.

Discussion: To capitalize, CTOs should identify 1–2 high‑friction workflows where agents can safely take action, prioritize deep integrations with emerging vertical AI platforms, and invest in first‑party data infrastructure that can power AI‑driven GTM and product experiences.

Tech Implications

• Build vs. fine‑tune: Mistral pushes custom models. Mistral’s Forge product encourages enterprises to train custom models from scratch on their own data, challenging the dominant fine‑tune/RAG approach of OpenAI and Anthropic. For many SaaS workloads, full custom models are still overkill, but this development will make large buyers more opinionated about model choice, data control, and portability. Architectures need to anticipate a future where customers demand pluggable model backends and clear isolation between app logic and model provider.
• Security must adapt to agentic and multi‑model stacks. Nvidia’s NemoClaw agent platform and rising agent deployments (WordPress, Starling, AWS) create new threat surfaces: prompt injection, cross‑tenant data leakage via tools, and agents with excessive permissions. Coupled with the surge in enterprise zero‑days, traditional perimeter‑centric security is insufficient. SaaS engineering teams must treat AI agents as privileged service accounts with strict scopes, auditable actions, and continuous policy enforcement.
• Infra design shifts toward AI data center constraints. The growth of Nvidia’s networking arm, multi‑gigawatt compute deals, and startups rethinking transformers and power distribution underscore that bandwidth, power density, and locality are emerging bottlenecks. For SaaS, this will manifest as more granular pricing for GPU, network egress, and possibly carbon‑linked SLAs, especially in EU and highly regulated sectors. Architecturally, this favors efficient inference (distillation, caching, hybrid on‑device/server) and regionally aware workload placement.

Discussion: Engineering roadmaps should prioritize model‑abstraction layers, least‑privilege patterns for agents and tools, and infra designs that can flex between providers and regions as AI compute economics and regulatory constraints evolve.

CTO Action Items

This week, reassess your AI architecture with an eye toward modularity: separate application logic, data pipelines, and model providers so you can swap between foundation models, custom models, and vertical AI platforms without a full rewrite. Run a focused threat and resilience review on your AI and integration surfaces — including agents, third‑party APIs, and VPN/virtualization components — and ensure you have rapid patching, incident playbooks, and clear audit trails for agent actions. Identify one or two customer‑visible workflows where an agent can safely execute real actions under human‑in‑the‑loop controls, and spin up a tightly scoped pilot with explicit business metrics (time saved, tickets avoided, conversion uplift). Finally, pressure‑test your infra cost curves under higher GPU and network prices, exploring optimizations like model distillation, retrieval caching, and region‑aware routing to protect gross margins as AI usage scales.