Intelligent CISO Issue 99 | Page 30

AI-GENERATED CODE RISK

New research reveals 9 in 10 security leaders concerned about AI-generated code risks

Nine in 10 security leaders are concerned about the security risks introduced by AI-generated code, according to new research entitled AI Coding Assistants and the New Security Challenge from Salt Security. The report highlights the growing pressure on organisations to govern AI-assisted software development at scale.

Among the report’s key findings:
• 90% of security leaders have active concerns about AI-generated code
• 67% say AI coding assistants are now widely adopted across development teams
• 38% still rely primarily on manual review for AI-generated code
• 29% identify insecure coding patterns as the leading risk introduced by AI assistants
• 15% cite misalignment with internal security policies as a major concern
Conducted among IT security leaders across the UK and US, the research found that AI coding assistants are now deeply embedded across enterprise development teams, with 67% of organisations reporting widespread adoption. Yet despite rapid uptake, many organisations still lack the governance structures needed to secure AI-generated code effectively.
The findings point to a disconnect between engineering velocity and security oversight. While AI coding tools are accelerating software delivery, organisations continue to rely heavily on manual review processes that were not designed for machine-speed development.
The report also found that larger enterprises face greater operational challenges as AI adoption scales. Organisations with more than 500 employees were significantly more likely to report concerns around enforcement consistency, developer overreliance and governance complexity across distributed development environments.
Roey Eliyahu, CEO and Co-Founder, Salt Security, said: “AI coding assistants are fundamentally changing how software is built, but governance has not kept pace. Most organisations recognise the risks, but many are still trying to manage AI-generated code using security processes designed for a pre-AI world. That approach does not scale. Security leaders need visibility, consistency and embedded governance across the AI-assisted development lifecycle before code volumes become unmanageable.”
The research warns that manual review alone cannot scale effectively as AI-generated code volumes increase. Reviewer fatigue, inconsistent enforcement and gaps between policy and practice are creating conditions for what Salt Security describes as ‘security drift’ across development environments.
The report outlines five priorities for organisations looking to strengthen governance around AI-assisted development, including improving visibility into AI-generated code, reducing dependence on manual review, standardising secure development practices and treating AI coding assistants as part of the software supply chain.
The full report, AI Coding Assistants and the New Security Challenge, is available now from Salt Security.