AI code security
AI code security is the practice of controlling the risks of AI-generated code and prompts — vulnerabilities, license issues, data leakage, and prompt injection.
As agents write more code, security must cover new surfaces: vulnerabilities and hallucinated dependencies in generated code, sensitive data leaking into prompts, and prompt-injection attacks against agents that read external content and call tools.
The effective controls are mostly about making the safe path the easy path — automated, AI-aware scanning in CI, redaction of secrets and PII at the boundary, scoped tool permissions with audit logs, and private inference where data can’t leave the building.
Compliance plus AI tends to get budget in any environment, which makes this a durable area of investment.