A rapidly emerging cybersecurity risk is coming from an unexpected source: employees independently building full-scale applications using AI-powered “vibe coding” platforms and deploying them directly to the internet—often without IT or security oversight.
According to findings highlighted in The Shadow Builders research report, analysts identified more than 380,000 publicly accessible web assets created through leading AI application-building platforms. Among them, approximately 5,000 appeared to be enterprise-related applications, and over 2,000 exposed sensitive corporate, operational, or personal data without proper access controls.
Many of these applications were found to be openly accessible online, sometimes even granting administrative-level access by default, with no authentication required.
From “Shadow AI” to “Shadow Applications”
What began as employees using generative AI tools for productivity has evolved into something far more complex: the creation of fully functional business applications outside traditional development pipelines.
These “vibe-coded” apps allow non-developers to build working software simply by describing what they want. Tasks that once required engineering teams can now be completed in hours by business users.
Examples include:
- Marketing teams building campaign tracking dashboards linked to corporate analytics systems
- Operations teams creating vendor intake tools connected to ticketing platforms
- Finance teams generating board reporting dashboards pulling live ERP data
While these tools improve efficiency, they often integrate directly with core enterprise systems such as CRMs, ERPs, and business intelligence platforms—sometimes without proper authentication or governance.
Why Traditional Security Tools Are Missing the Risk
Despite mature cybersecurity investments across enterprises, including endpoint detection (EDR), data loss prevention (DLP), cloud access security brokers (CASB), and secure web gateways (SSE), these tools were not designed to monitor AI-generated applications built and deployed by end users.
Security analysts note several key gaps:
- Endpoint tools (EDR) only observe browser activity, not what users build within AI platforms. Unmanaged devices and personal laptops often remain invisible.
- DLP systems monitor data movement from endpoints but cannot track cloud-to-cloud transfers between AI apps and enterprise systems via APIs.
- CASB solutions struggle to distinguish individual custom-built apps from the broader AI platform they run on.
- Network security tools (firewalls/SSE) detect traffic but lack visibility into the application logic or data context.
As a result, these applications often operate in a blind spot between security layers, leaving organizations unaware of how data is being accessed or shared.
The Core Issue: Security Gaps Between Layers
Unlike traditional shadow IT—where unsanctioned SaaS tools still exist within identifiable vendor ecosystems—AI-built applications blur those boundaries.
These apps:
- Are custom-built by employees
- Connect directly to production systems
- Use APIs and OAuth integrations
- Can be publicly deployed with a single click
Most critically, they are often accessible via public URLs, meaning sensitive enterprise data can be exposed without any exploitation or hacking involved.
Why Current Architectures Fall Short
Security infrastructure is typically layered across devices, networks, and cloud services. However, AI-generated applications operate across all these layers simultaneously.
Each security system sees only fragments:
- A login event here
- A data transfer there
- A browser session in isolation
But none of them sees the full lifecycle of the application—from creation to deployment to data exposure.
This fragmentation prevents organizations from forming a complete, real-time understanding of risk.
Shifting Security Toward the Session Layer
Experts suggest that meaningful visibility must occur at the session level, where all activity related to AI application creation takes place.
Within a single browser session, users:
- Build the application
- Connect enterprise systems
- Transfer data
- Publish apps publicly
Capturing activity at this layer would allow organizations to see the full chain of events, including system integrations, data flows, and public deployment actions—regardless of device type or network location.
What Organizations Can Do Now
Security researchers recommend immediate, practical steps rather than new tool deployments:
1. Discover existing AI-built applications
Encourage employees to report tools they have created using AI platforms. Many of these applications are built with legitimate business intent.
2. Map system integrations
Identify which enterprise systems are connected to these applications and how data is being accessed or transferred.
3. Define approved usage policies
Establish clear guidelines on which AI development platforms are permitted and what types of corporate data can be used.
4. Monitor continuously
Treat AI-built applications as a continuously evolving ecosystem rather than a one-time audit issue.
A Growing Enterprise Security Challenge
As AI-driven development becomes more accessible, the number of unsanctioned applications is expected to grow rapidly. Organizations that fail to adapt their governance models risk expanding their exposure without realizing it.
The core challenge is no longer just preventing unauthorized software use—it is understanding and controlling software that employees can now build themselves in minutes.
