When AI Writes Code, Who Fixes the Flaws?

Veracode's Chris Wysopal on AI's Coding Secret: 45% of Code Has Vulnerabilities Michael Novinson (MichaelNovinson) • November 17, 2025

The promise of generative artificial intelligence in code development comes with an overlooked problem: These tools haven't improved at writing secure code.

See Also: Agentic AI and the Future of Automated Threats

"About 45% of the time, when you ask it [AI] to generate code for you, it puts a vulnerability in that code," said Chris Wysopal, chief security evangelist at Veracode. "The big downside to this is, who's going to fix that? You need to test faster to find it, but then you also need to fix at the speed that's being generated."

The root cause lies in the training data, Wysopal said. Large language models learn from open-source code repositories that contain both good and bad code - from well-managed enterprise projects to hobbyist and student ...