Rubrik CEO: Cybersecurity Cannot Be Vibe Coded
Key insights
- Sinha frames 12 years of enterprise trust as a competitive moat that vibe coding fundamentally cannot replicate, testing whether deep infrastructure companies are truly AI-proof or just slower to disrupt
- Rubrik positions AI as an accelerant rather than a threat, arguing that enterprises need data security more as they deploy AI agents
- Customers are explicitly citing the Iran conflict when placing new cybersecurity orders, signaling that cyber resilience is becoming a national security priority
This is an AI-generated summary. The source video includes demos, visuals and context not covered here. Watch the video โ ยท How our articles are made โ
In Brief
Bipul Sinha, CEO and co-founder of Rubrik (NYSE: RBRK), told CNBC's "Squawk on the Street" that cybersecurity infrastructure "cannot be vibe coded". His argument: 12 years of enterprise customer experience cannot be replicated by AI-powered coding tools. Rubrik reported strong fiscal year results with annual recurring revenue near $1.5 billion and free cash flow above $230 million, even as its stock remains roughly 50% below its 52-week high. Sinha also pointed to the Iran conflict as a direct driver of new cybersecurity orders.
Related reading:
The earnings picture
Rubrik's quarterly results beat expectations, and the company issued upbeat full-year guidance. The key numbers tell a clear story:
| Metric | Value |
|---|---|
| Revenue growth | More than 45% |
| Annual recurring revenue (ARR) | ~$1.5 billion, up 34% |
| Free cash flow | Over $230 million for the fiscal year |
| FCF year-over-year change | 10x increase compared to the prior fiscal year |
The stock is still nearly 50% below its 52-week high, caught up in the broader sell-off that has hit cybersecurity and software companies. But the underlying business is growing fast, and Sinha used the CNBC appearance to address the question investors keep asking: is Rubrik an AI beneficiary, or is AI a threat?
"Rubrik cannot be vibe coded"
CNBC anchor Sarah Eisen asked directly what would stop Anthropic or OpenAI from moving into Rubrik's space. Sinha's answer was blunt.
"Rubrik cannot be vibe coded", he said. Vibe coding is the practice of using AI tools to generate software from natural language descriptions instead of writing it manually. Sinha's point is that mission-critical data infrastructure is fundamentally different from simpler software categories.
He drew a sharp contrast with less critical software. "We are not just a lame marketing automation software", Sinha said. If Rubrik fails, the consequences are immediate: "Banks stop. You can't dole out money. The hospitals can't deliver patient care."
His argument comes down to what he called "soak time," the years it takes for enterprise software to become reliable enough that large organizations trust it with their most sensitive operations. Rubrik has 12 years of customer feedback built into its platform. That kind of accumulated trust, Sinha argues, is not something an AI coding tool can replicate overnight.
"When ransomware hits, vibe code or LLM will not save you", he added.
Rather than positioning AI as a threat, Sinha described Rubrik as an "AI-accelerated company." The pitch: as enterprises deploy more AI agents, they need better data security, not less. Rubrik claims to reduce risk by giving organizations visibility and control over both their core data and their AI systems.
Geopolitical conflict is driving orders
Eisen also asked about the impact of the Iran conflict on cybersecurity demand. Sinha confirmed it is having a direct effect.
Geopolitical military action leads to retaliatory cyber attacks, he explained. He pointed to a pattern where physical conflict triggers digital retaliation targeting economic infrastructure, specifically data centers, AI systems, and digital communication networks.
Sinha said Rubrik is seeing increased orders from customers worried about keeping their businesses operational during a cyber attack. When asked whether customers are citing the war specifically when placing orders, he confirmed they are.
This shifts the framing of cybersecurity spending. It is not just an IT budget line item anymore. For organizations watching geopolitical developments, cyber resilience, the ability to keep operating during and after an attack, is becoming a matter of national and economic security.
Glossary
| Term | Definition |
|---|---|
| Vibe coding | Using AI tools to generate code from natural language descriptions instead of writing it manually. The term became widely used in early 2026. |
| Annual recurring revenue (ARR) | The predictable yearly income from subscriptions. A key metric for evaluating software companies. |
| Free cash flow (FCF) | The cash a company generates after paying its operating expenses and capital investments. Shows how much real money the business produces. |
| Ransomware | Malicious software that encrypts a victim's data and demands payment for the decryption key. |
| Cyber resilience | An organization's ability to continue operating during and after a cyber attack. |
| Soak time | The period of real-world use it takes for enterprise software to become reliable and trusted. Similar to how a new car model improves over multiple production years. |
| State actor | A government or government-backed group that conducts cyber operations against other nations or their infrastructure. |
| Data infrastructure | The foundational systems that store, protect, and manage an organization's data. |
Sources and resources
Want to go deeper? Watch the full video on YouTube โ