How bad is AI at writing secure code? Only as bad as the humans whose code was used to train it, said OX Security VP of Research Eyal Paz and Security Researcher Nir Zadok in an RSAC 2026 track session Wednesday.Paz and Zadok presented findings from both their own experiments with AI coding assistants and from real-world examples of human-created and AI-generated code from the open-source ecosyste...
AI models' code production shows similar vulnerabilities as those seen in code written by less experienced developers. This raises concerns about the speed and volume at which amateurish, insecure code can be produced and deployed without proper vetting. While AI doesn't create more vulnerabilities than humans, it produces more code in general. To mitigate risks, organizations are advised to adopt AI coding gradually, incorporate highly specific security guidelines in prompts, and use AI respons...