99% of firms report attacks targeting AI applications, services; The agent-first platform is invoked, the report shows
Almost all organizations or 99% reported at least one attack on their artificial intelligence (AI) applications and services last year amid the rapid adoption of business AI, according to the State of Cloud Security Report 2025. The report encourages the adoption of a “first agent” solution to stay ahead of these growing threats.
The study is based on a survey of more than 2,800 security officers and employees in 10 countries, conducted by Palo Alto Networks, a global AI and cybersecurity firm.
“As organizations increase their cloud investments to power AI systems, they are opening up new opportunities for unwitting attacks,” said Elad Koren, vice president of product management for Cortex, an AI platform operated by Palo Alto Networks for security operations.
“Our research confirms that standard cloud protection methods are insufficient, leaving security teams to fight machine-speed threats with disparate tools and slow maintenance cycles.”
He explained that companies need more than just dashboards that show security risks they can’t solve, urging a shift to automated AI platforms that connect software development with a centralized Security Operations Center (SOC) to overcome modern cyber attacks.
A major finding in the report is that GenAI-assisted “vibe coding,” which is used by 99% of firms, is causing security flaws faster than they can be detected. Meanwhile, of the 52% of teams that release code every week, only 18% can fix security risks at that same speed.
The report also noted that attackers are increasingly targeting basic cloud layers such as Application Programming Interfaces (APIs), which are tools that allow different software programs to communicate, to confuse security teams.
Driven by heavy reliance on agent AI, API attacks jumped by 41 percent, making it the first entry point for sophisticated threats.
Identity remains a major risk, with 53% of firms struggling with weak identity controls, while 28% point to unfettered network access within cloud operations as a growing threat.
The report emphasized the growing need for cloud security integration and SOC, which involves combining the tools and teams that protect cloud data with a central hub that monitors and responds to cyber attacks.
It showed that managing an average of 17 different security tools creates “blind spots” and disparate data that slows response times, with 30% of teams taking a day to resolve a single incident.
But, the consensus now shows that 89% of organizations believe that fully integrating cloud security and SOC is a strategic imperative to close these gaps and act at the speed needed to stop AI-driven threats.
To protect against these threats, the report suggests using a unified “agent-first” platform that combines proactive risk mitigation and automated response to protect the entire journey from code to cloud.Edg Adrian A. Eva
