Employees race to build custom AI apps despite security risks

The latest Netskope findings show a 50% increase in GenAI platform usage among enterprise end-users, driven by growing employee demand for tools to develop custom AI applications and agents.


Top LLM interfaces by percentage in organizations (source: Netskope)

Despite an ongoing shift toward safe enablement of SaaS GenAI apps and AI agents, the growth of shadow AI, unsanctioned AI applications in use by employees, continues to compound potential security risks, with over 50% of all current app adoption estimated to be shadow AI.

The rise of GenAI platforms

GenAI platforms, which are foundational infrastructure tools that enable organizations to build custom AI apps and AI agents, represent the fastest growing category of shadow AI given their simplicity and flexibility for users.

GenAI platforms expedite the direct connection of enterprise data stores to AI applications, and their popularity creates new enterprise data security risks that place added importance on data loss prevention (DLP) and continuous monitoring and awareness. Network traffic tied to GenAI platform usage also increased 73% over the prior three-month period. In May, 41% of organizations were already using at least one GenAI platform. Approximately 29% of organizations are using Microsoft Azure OpenAI, followed by Amazon Bedrock (22%) and Google Vertex AI (7.2%).

“The rapid growth of shadow AI places the onus on organizations to identify who is creating new AI apps and AI agents using GenAI platforms and where they are building and deploying them,” said Ray Canzanese, Director of Netskope Threat Labs. “Security teams don’t want to hamper employee end users’ innovation aspirations, but AI usage is only going to increase. To safeguard this innovation, organizations need to overhaul their AI app controls and evolve their DLP policies to incorporate real-time user coaching elements.”

Growing deployment of on-premises generative AI

From deploying GenAI locally through on-premises GPU sources, to developing on-premises tools that interact with SaaS GenAI applications or GenAI platforms, organizations are evaluating many options to innovate quickly using AI, and, increasingly, they are turning to LLM interfaces.

However, on-premises deployment also means the organization is solely responsible for the security of its GenAI infrastructure.

34% of organizations are using LLM interfaces, with Ollama the current adoption leader, and others such as LM Studio and Ramalama just scratching the surface.

Meanwhile, employee end-users are experimenting with AI tools and visiting AI marketplaces. For example, users are downloading resources from Hugging Face at 67% of organizations.

The promise of AI agents is driving this behavior: the data shows there is now a critical mass of users across organizations building AI agents and leveraging agentic AI features of SaaS solutions. GitHub Copilot is now used in 39% of organizations, and 5.5% have users running agents generated from popular AI agent frameworks on-premises.

Furthermore, on-premises agents are retrieving more data from SaaS services, and are increasingly doing so through API endpoints rather than browsers. 66% of organizations have users making API calls to api.openai.com and 13% to api.anthropic.com.

Continuing SaaS GenAI app growth

Netskope is now tracking more than 1,550 distinct GenAI SaaS applications, up from just 317 in February, indicating the pace at which new apps are being released and adopted throughout the enterprise.

Organizations are now using approximately 15 GenAI apps, up from 13 in February. Additionally, the amount of data uploaded to GenAI apps each month has increased from 7.7 GB to 8.2 GB quarter over quarter.

Enterprise users are beginning to consolidate around purpose-built tooling, such as Gemini and Copilot, as more security teams work to safely enable these applications and solutions across their business and as these chatbots are now better integrated into their productivity suites.

ChatGPT saw its first decrease in enterprise popularity since Netskope started tracking the popular GenAI app in 2023.

Of the top 10 most popular GenAI apps per organization, ChatGPT was the only one to see a decrease since February, while other popular apps, including Anthropic Claude, Perplexity AI, Grammarly, and Gamma, all saw enterprise adoption gains.

Additionally, Grok’s gain in popularity has seen it enter the top 10 most-used applications for the first time. While it does remain in the top 10 most-blocked apps list, its blockage rates have been trending downward as more organizations evaluate and opt into granular controls and monitoring.
