Among Salt's respondents, 29% pointed to insecure coding patterns as the top risk, while 15% said the primary concern was misalignment with internal security policies. Both fears stem from the same root cause: AI coding assistants are trained on public code, not on any individual organization's security policies, industry frameworks, or compliance requirements.
The report introduces "security drift" as the mechanism that turns the adoption paradox into real exposure. The idea is straightforward. An organization writes its security rules in wikis, PDFs, and tribal knowledge that the AI assistant has never read. The assistant generates code that is syntactically correct and functionally useful, but which silently violates those internal policies. No one catches it because the review processes can't keep up.
That brings Salt to one of its most actionable — and alarming — findings about governance. 38% of organizations still rely primarily on manual code review to handle the output of AI coding assistants. The volume of AI-generated code has already outpaced what human reviewers can meaningfully inspect, and Salt's projection for 2027 suggests that gap will only widen. Only a small minority of organizations have integrated automated security guardrails into their AI coding workflows.
Roey Eliyahu, Salt Security's CEO, summarized the situation bluntly: governance has failed to keep pace with how AI coding assistants have changed software development. Traditional static and dynamic analysis tools (SAST/DAST) catch problems late in the pipeline, when every fix becomes a rewrite and every rewrite is a delay.
Security governance isn't the only area where perception and reality have diverged. Salt's report highlights a finding from an outside study that has become a reference point in developer-tooling debates: the METR randomized controlled trial published in July 2025.
The study put 16 experienced open-source developers through 246 real-world tasks on their own mature repositories — codebases averaging over a million lines and tens of thousands of GitHub stars. Participants were randomly assigned to either use AI tools (primarily Cursor Pro with Claude 3.5/3.7 Sonnet) or work without them.
The headline result has been cited so often it risks becoming background noise, but the numbers remain striking. Developers using AI completed tasks 19% slower than those who worked without any AI assistance. Before the trial, those same developers predicted AI would make them 24% faster. After completing their tasks, they estimated the tools had made them roughly 20% faster — even though objective measurement showed they were slower. The gap between felt and actual productivity exceeded 39 percentage points.
METR's finding does not mean AI tools are useless — context matters heavily. Gains have been observed in onboarding scenarios, routine boilerplate generation, and tasks where developers are less familiar with the codebase. But for experienced engineers working on complex, codebase-dependent tasks, the evidence suggests the tools can introduce friction that developers do not consciously register.
Salt timed its research release alongside a product launch designed to address the very governance gap the report identifies. On June 1, 2026, the company introduced Salt Code, a new component of its broader Agentic Security Platform.
Salt Code's approach is to stop security drift before it starts. Rather than scanning AI-generated code after the fact, it enforces an organization's internal security and compliance rules directly inside the AI coding assistant at the moment of code generation. The product works across the major tools enterprises are standardizing on: Claude Code, Cursor, GitHub Copilot, Windsurf, Codex, and Gemini CLI.
The aim is to make policy-compliant code the default output, not something that requires downstream scanning and rewriting. For security teams, it provides a single policy layer across code creation, pipeline checks, and runtime monitoring — a shift from catching errors to preventing them.
Whether Salt Code or similar tools will close the governance gap at the speed that AI adoption demands remains an open question. But the direction of travel is clear. If the projection holds — that AI will write more than half of all enterprise code within eighteen months — then security policy must move from a review stage to a default setting. The alternative, as Salt's report warns, is security drift at an industrial scale.