AI-written software poses trouble for cautious security teams



Dive Brief:

  • Companies that use AI to write code are creating serious security risks that not all organizations are prepared to address, according to a report that security testing company ProjectDiscovery released Wednesday.
  • ProjectDiscovery research shows that security professionals want audit trails and access restrictions before integrating AI into their processes. “They’re not against technology, but they need technology to get there.”
  • The report highlights one of the most difficult aspects of the AI revolution in the corporate world: tensions between AI-assisted programmers and those charged with protecting their work.

Dive Insight:

“A flood of AI-generated code is hitting security teams, and the wave is growing faster than most organizations can absorb it,” ProjectDiscovery said in a report. “Engineering teams are shipping at an unprecedented rate, and security teams are standing in the way of that upward trend.”

Only 38% of cybersecurity professionals say they are doing well with the increased amount of code they have to review due to AI, and nearly 60% say the task is becoming increasingly difficult. Security professionals at midsize companies felt this pressure more than those at large companies. This likely reflects the amount of resources large companies have to devote to the task.

This report is based on a survey of 200 cybersecurity professionals from medium to large companies in North America and Western Europe. According to ProjectDiscovery, nearly half of respondents are involved in security architecture, and more than half are involved in “selection or approval of security products.”

Defenders are concerned about some risks that result from the use of AI to write code. These include trade secret leakage (78% of respondents cited this as their top concern), supply chain risks from untrusted dependencies (73%), and “business logic vulnerabilities” (72%), which are flaws in application design that allow hackers to exploit legitimate functionality.

In discussing breaches, ProjectDiscovery cited a 2025 National Cybersecurity Alliance report, which found that 43% of employees admitted to entering sensitive company data into an AI tool.

European respondents were more likely than American respondents to cite security breaches as a major concern (87% vs. 72%). This likely reflects the strict privacy requirements of the European Union’s General Data Protection Regulation (GDPR).


