Netskope Threat Labs: Shadow AI Risks Proliferate as GenAI Platforms and AI Agents See Rapid Adoption

Latest research indicates increased adoption of on-premises genAI and AI agents is magnifying security challenges despite enterprises safely enabling SaaS genAI apps on a broader scale. SANTA CLARA, Calif., Aug. 4, 2025 /PRNewswire/ – Netskope, a leader in modern security and networking, today released new research showing a 50% spike in genAI platform usage among enterprise end-users in the three months ended May 2025. Despite an ongoing shift toward safe enablement of SaaS genAI apps and AI agents, the growth of shadow AI—unsanctioned AI applications in use by employees—continues to compound potential security risks, with over half of all current app adoption estimated to be shadow AI. The new data was published within the company's latest Netskope Threat Labs Cloud and Threat Report. It examines the ongoing employee shift to genAI platforms, whether delivered from the cloud or on-premises, amid expansive interest to develop AI apps and autonomous agents, creating a new set of cybersecurity challenges that enterprises must address.

The Rise of genAI Platforms

GenAI platforms, foundational infrastructure tools enabling organizations to build custom AI apps and AI agents, represent the fastest growing category of shadow AI due to their simplicity and flexibility. In the three months ended May 2025, users of these platforms increased by 50%. GenAI platforms expedite direct connection of enterprise data stores to AI applications, creating new enterprise data security risks that emphasize the importance of data loss prevention (DLP) and continuous monitoring. Network traffic tied to genAI platform usage increased 73% over the prior three-month period. In May, 41% of organizations were already using at least one genAI platform. Approximately 29% of organizations utilize Microsoft Azure OpenAI, followed by Amazon Bedrock (22%) and Google Vertex AI (7.2%).

"The rapid growth of shadow AI places the onus on organizations to identify who is creating new AI apps and AI agents using genAI platforms and where they are building and deploying them," said Ray Canzanese, Director of Netskope Threat Labs. "Security teams don't want to hamper employee end users' innovation aspirations, but AI usage is only going to increase. To safeguard this innovation, organizations need to overhaul their AI app controls and evolve their DLP policies to incorporate real-time user coaching elements."

The Many Facets of On-Premises AI Innovation

Organizations are innovating quickly by deploying genAI locally through on-premises GPU sources and developing on-premises tools that interact with SaaS genAI applications or platforms. Large Language Model (LLM) interfaces are increasingly popular:

• 34% of organizations use these interfaces, with Ollama leading adoption at 33%, while LM Studio (0.9%) and Ramalama (0.6%) are emerging.
• Employee end-users rapidly experiment with AI tools and marketplaces, with 67% of organizations downloading resources from Hugging Face.
• AI agents are gaining traction; GitHub Copilot is used in 39% of organizations, and 5.5% have users running agents generated from popular AI agent frameworks on-premises.
• On-premises agents increasingly retrieve data from SaaS services by accessing API endpoints beyond browsers. Two-thirds (66%) of organizations have users making API calls to api.openai.com, and 13% to api.anthropic.com.

The Continuation and Evolution of SaaS AI Use

Netskope tracks over 1,550 distinct genAI SaaS applications, up from 317 in February 2025, highlighting the rapid pace of new app releases and enterprise adoption. Organizations now use approximately 15 genAI apps, up from 13 earlier in the year. Monthly data uploads to genAI apps increased from 7.7 GB to 8.2 GB quarter over quarter.
• Enterprise users are consolidating around purpose-built tools like Gemini and Copilot, as security teams safely enable these apps integrated into productivity suites.
• General-purpose chatbot ChatGPT saw its first enterprise popularity decline since tracking began in 2023.
• Among the top 10 genAI apps, ChatGPT was the only one to decrease since February, while Anthropic Claude, Perplexity AI, Grammarly, and Gamma saw adoption gains.
• Grok entered the top 10 most-used apps for the first time, though it remains among the most-blocked apps. Blockage rates are trending downward as organizations adopt granular controls and monitoring.

Ensuring AI Governance and Usage Monitoring

CISOs and security leaders should take steps to ensure safe, responsible genAI adoption amid accelerated usage:
• Assess the genAI landscape: Identify which genAI tools are in use, who uses them, and how.
• Bolster genAI app controls: Enforce policies allowing only company-approved genAI apps, implement blocking mechanisms, and deploy real-time user coaching.
• Inventory local controls: Review local genAI infrastructure security frameworks such as the OWASP Top 10 for Large Language Model Applications to protect data, users, and networks.
• Continuous monitoring and awareness: Monitor genAI use continuously to detect shadow AI and stay updated on AI ethics, regulations, and adversarial threats.
• Assess emerging risks of agentic shadow AI: Identify leaders in agentic AI adoption and collaborate to develop actionable policies limiting shadow AI.
To learn more, view the Netskope Threat Labs Cloud and Threat Report: Shadow AI and Agentic AI here.

About Netskope

Netskope provides optimized access and real-time, context-based security for people, devices, and data anywhere. Trusted by thousands, including over 30 Fortune 100 companies, the Netskope One platform offers Zero Trust security and the NewEdge network to reduce risk and provide full visibility and control over cloud, AI, SaaS, web, and private applications—delivering security and performance without trade-offs. Learn more at netskope.com, on LinkedIn, and Instagram. Media Contact: press@netskope.com

---

Source: Netskope Threat Labs: Shadow AI Risks Proliferate as GenAI Platforms and AI Agents See Rapid Adoption on prnewswire.com

---

Frequently Asked Questions (FAQ)

Understanding Shadow AI and GenAI Adoption

Q: What is "Shadow AI"? A: Shadow AI refers to the use of unsanctioned AI applications by employees within an organization, often without the knowledge or approval of IT or security departments. Q: What is the significance of the rapid adoption of GenAI platforms and AI agents? A: The rapid adoption signifies a growing reliance on AI technologies for innovation and productivity. However, it also introduces significant security challenges, particularly when these tools are used without proper oversight, leading to the proliferation of Shadow AI. Q: What are the primary security risks associated with Shadow AI? A: Key risks include data loss, unauthorized access to sensitive information, compliance violations, and increased exposure to cyber threats due to the use of unvetted AI applications. Q: How does on-premises GenAI adoption contribute to security challenges? A: While on-premises solutions can offer more control, their rapid deployment and integration with existing data stores can create new vulnerabilities if not secured properly. This is compounded when these on-premises tools also interact with SaaS AI applications. Q: What are "AI Agents" in the context of this research? A: AI Agents are autonomous or semi-autonomous AI programs designed to perform specific tasks, often by interacting with various systems and data sources, including retrieving data via APIs.

GenAI Platforms and Data Security

Q: Why are GenAI platforms considered the fastest-growing category of shadow AI? A: Their simplicity, flexibility, and ability to quickly integrate enterprise data with AI applications make them attractive for rapid adoption, often bypassing traditional security review processes. Q: What specific data security risks do GenAI platforms introduce? A: GenAI platforms can increase risks related to data loss prevention (DLP) and necessitate continuous monitoring, as they directly connect enterprise data stores to AI applications, potentially exposing sensitive information. Q: Which GenAI platforms are seeing the highest adoption rates among enterprises? A: Microsoft Azure OpenAI, Amazon Bedrock, and Google Vertex AI are among the leading platforms being adopted by enterprises.

On-Premises AI and Agentic AI

Q: What are some popular on-premises LLM interfaces being used by organizations? A: Ollama is leading adoption, with LM Studio and Ramalama also emerging as popular choices for on-premises LLM interfaces. Q: Where are employees downloading AI resources from, according to the research? A: A significant majority of organizations (67%) have employees downloading resources from Hugging Face, indicating a trend towards utilizing shared AI model repositories. Q: How are on-premises AI agents accessing SaaS services? A: On-premises agents are increasingly accessing SaaS services by making API calls directly to service endpoints, bypassing traditional browser-based interactions. Examples include calls to api.openai.com and api.anthropic.com.

SaaS AI Usage Trends

Q: How has the number of tracked GenAI SaaS applications changed recently? A: The number of tracked GenAI SaaS applications has surged, increasing from 317 in February 2025 to over 1,550, reflecting the rapid pace of new releases and adoption. Q: Which general-purpose chatbot has seen a decline in enterprise popularity? A: ChatGPT has experienced its first enterprise popularity decline since tracking began in 2023. Q: Which GenAI applications have seen adoption gains? A: Anthropic Claude, Perplexity AI, Grammarly, and Gamma have all seen increases in enterprise adoption.

AI Governance and Security Best Practices

Q: What are the key recommendations for organizations to ensure safe GenAI adoption? A: Organizations should assess their GenAI landscape, bolster app controls with policies and user coaching, inventory local controls using frameworks like the OWASP Top 10 for LLMs, and engage in continuous monitoring and awareness. Q: What is the importance of real-time user coaching in GenAI security? A: Real-time user coaching can help guide employees to use approved AI tools safely and compliantly, mitigating risks associated with shadow AI. Q: What role do DLP policies play in managing GenAI risks? A: Evolving DLP policies to incorporate real-time coaching and specific controls for AI applications is crucial for safeguarding enterprise data as GenAI usage grows.

---

Crypto Market AI's Take

The proliferation of "Shadow AI" and the rapid adoption of GenAI platforms and AI agents, as highlighted by Netskope's research, present a dual-edged sword for the technology landscape. While these advancements promise increased productivity and innovation, they simultaneously introduce significant security and governance challenges, particularly concerning data handling and potential misuse. In the cryptocurrency space, the integration of AI agents and sophisticated LLMs is already transforming trading strategies, market analysis, and even the creation of decentralized applications. Our platform, Crypto Market AI, is built on the foundation of harnessing AI for these very purposes, aiming to provide secure, transparent, and intelligent solutions. We understand the critical need for robust security and compliance, especially when dealing with sensitive financial data. Therefore, our approach to AI integration focuses on empowering users with advanced tools for market intelligence and automated trading, while rigorously adhering to the highest security standards. Understanding and mitigating the risks associated with AI, akin to the challenges Netskope outlines, is paramount for building trust and ensuring the responsible growth of AI in finance. Our commitment lies in providing a platform where these powerful AI capabilities can be leveraged effectively and safely.

More to Read:

• AI Agents Capabilities, Risks, and Growing Role
• AI-Driven Crypto Scams Surge 456%, Experts Warn No One Is Safe
• Turbocharged Cyberattacks Are Coming Under Empowered AI Agents
• The Rise of AI Agents in Cryptocurrency Trading