Almost 20% of developers let AI automatically save changes to the project's main code repository without human review.

One in five developers grant AI agents permission for unrestricted file deletion, risking recursive wiping of a project or system.

One in five developers grant AI code agents unrestricted access to perform high-risk actions without human oversight.

68% of organizations in North America and Europe at companies with at least 1,000 employees lack full visibility or governance over AI-generated code contributions (2026).

Code duplication increases from 10.5% to 13.5% when using AI coding assistants.

AI-assisted workflows achieve a 48–58% faster Time-to-Pull Request (PR) on average.

60% of organizations that perform automatic continuous monitoring report remediating critical software vulnerabilities within a day.

Only 24% of organizations have adopted comprehensive strategies to secure AI-generated code.

76% of organizations check AI code for security risks.

95% of surveyed organizations reported using AI tools in software development.

82% of the more than 10,000 Model Context Protocol (MCP) servers interact with sensitive APIs, creating additional vulnerabilities in 2025.

40% of the more than 10,000 Model Context Protocol (MCP) servers created in under a year had no license in 2025.

About 75% of the more than 10,000 Model Context Protocol (MCP) servers were built by individuals without enterprise-grade protections in 2025.

60% of organizations have experienced data breaches or theft in software development, AI, and analytics environments, an 11% increase from the previous year.

Only 36% of organizations involve security at the planning stage of software development.

Speed of software development outpacing security priorities was also a concern for 71%.