99% of firms report attacks targeting AI apps, services; agentic-first platform urged, report shows

Nearly all organizations or 99% reported at least one attack on their artificial intelligence (AI) applications and services last year amid the rapid adoption of enterprise AI, according to the State of Cloud Security Report 2025. The report urges the adoption of an “agentic-first” solution to stay ahead of these escalating threats.

​The study is based on a survey of over 2,800 security executives and practitioners across 10 countries, conducted by Palo Alto Networks, a global AI and cybersecurity firm.

​”As organizations aggressively scale cloud investments to power AI initiatives, they are inadvertently opening the door to sophisticated new attack vectors,” said Elad Koren, vice president of product management for Cortex, Palo Alto Networks’ AI-driven platform for security operations.

“Our research confirms that traditional approaches to cloud security are inadequate, leaving security teams to fight machine-speed threats with fragmented tools and slow, manual fix cycles.”

​She explained that companies need more than just dashboards showing security risks they cannot resolve, urging a shift toward automated AI platforms that link software development to the central Security Operations Center (SOC) to outpace modern cyberattacks.

​A major finding in the report is that GenAI-assisted “vibe coding,” used by 99% of firms, creates security flaws faster than they can be checked. Meanwhile, of the 52% of teams that release code weekly, only 18% can fix security risks at that same speed.

​The report also noted that attackers are increasingly targeting foundational cloud layers like Application Programming Interfaces (APIs), which are tools that allow different software programs to communicate, to overwhelm security teams.

Driven by a heavy reliance on agentic AI, API attacks have jumped by 41%, turning them into a primary entry point for sophisticated threats.

​Identity remains a significant vulnerability, with 53% of firms struggling with weak identity controls, while 28% pointed to unrestricted network access between cloud workloads as a growing threat.

The report emphasized a growing imperative for the unification of cloud security and the SOC, which involves merging the tools and teams that protect cloud data with the central hub that monitors and responds to cyberattacks.

It showed that managing an average of 17 different security tools creates “blind spots” and fragmented data that slow down response times, with 30% of teams taking over a day to resolve a single incident.

But, the consensus now shows that 89% of organizations believe that fully integrating cloud security with the SOC is a strategic necessity to eliminate these gaps and operate at the speed required to stop AI-driven threats.

​To defend against these threats, the report suggests adopting a unified “agentic-first” platform that merges proactive risk reduction with automated response to protect the entire journey from code to cloud.—Edg Adrian A. Eva