AI Generated Code Serves Up Serious Security Risks

Software developers are using AI generated code at an amazing pace.

But, security firm Apiiro and Gartner Research warn there is a security trade off in this practice.

Last year, more than 80 percent of developers said their were using AI for writing code and one assumes this number only increased.

But there is a problem. Every line of code that an AI produces should be reviewed and, from the graph below, there is a bit of a gap.

Apiiro says, based on their code testing, that due to the gap above, they detected a 300% surge in repositories containing PII and payment data, a 1000 percent increase in APIs missing authorization and input validation and a growing number of exposed sensitive API endpoints.

Other that that, Mrs. Lincoln, how was the play?

Here is just one chart from Apiiro’s analysis:

You can find more charts at the link.

But as you can see, even with AI, you cannot replace code review and if you do, you are likely to experience what Apiiro is seeing across multiple industries.

If you need assistance, please contact us.

Credit: Cybernews