Duncan Riley
2025-09-04 09:00:00
siliconangle.com
A new report out today from application security posture management company Apiiro Ltd. looks at the impact of artificial intelligence code assistants in a Fortune 20 enterprise and highlights a widening gap between development velocity and security risk.
The study tracked more than 7,000 developers across 62,000 repositories, where GitHub Copilot adoption has significantly changed coding patterns.
The report finds that developers using AI tools generate three to four times more commits on average, but the contributions were consolidated into fewer, larger pull requests (proposed code changes). The increased throughput was found to accelerate delivery but also add complexity for application security teams, since traditional review processes are now insufficient to keep up with the scale and intricacy of AI-assisted code.
The report details a tenfold increase in security findings among Copilot users, peaking in mid-2025. Two primary factors were found to be driving the surge: open-source dependencies and secure coding issues.
AI-assisted developers were found to be more prone to design-level flaws versus conventional developers, who were more likely to introduce logic mistakes. The architectural weaknesses are more costly to remediate and harder to catch later on, creating a structural challenge for organizations trying to balance speed with security.
Secrets exposure was also found to diverge between developers. Developers working with Copilot leaked higher volumes of cloud credentials, while non-Copilot users were more likely to expose generic application programming interface tokens. The key takeaway is that AI assistance may inadvertently amplify risks related to cloud identity and credential management.
The report also details how average pull request sizes and commit volumes have sharply increased as AI coding assistance has been adopted. AI-assisted developers were found to produce more code but open fewer pull requests. Larger, more complex code submissions are noted as elevating the risk of shallow reviews and missed vulnerabilities.
Apiiro’s researchers warn that though AI code assistants can drive dramatic improvements in developer productivity, they also introduce new categories of risk that organizations must address.
The researchers argue that the introduction of design-level flaws, secret leakage and expanded review complexity point to a need for modernized security practices. Without updated approaches to code review and risk management, enterprises may find themselves trading long-term resilience for short-term velocity.