BOSTON, Massachusetts – October 1, 2025 – A new survey from Legit Security, a global leader in AI-native application security posture management (ASPM), reveals that almost half of consumers express real concern about AI building their application software and the vulnerabilities that may be present in AI-generated code.
In the survey of 1,000 U.S. consumers, commissioned by Legit Security and conducted by Dynata, 1 in 4 respondents said they would lose trust in their favorite application if they learned it used AI-written code. More than a quarter (26%) of consumers would try to completely avoid all apps built using AI-generated code if they learned it caused a vulnerability in the app they use, while 33% would use more caution when downloading applications.
Released today at the start of National Cybersecurity Awareness Month, the findings underscore the need for transparency and responsibility as AI use accelerates in the software development lifecycle.
“AI itself isn’t a dirty word to consumers. The real issue is whether companies use it responsibly,” says Roni Fuchs, co-founder and CEO at Legit. “Most people don’t reject apps just because they leverage AI-generated code. Many of them understand it's inevitable. The real breaking point comes when AI introduces a vulnerability. At that moment, trust erodes fast, and potentially permanently. As AI adoption accelerates across the software development lifecycle, the mandate is clear: companies must make preventing, detecting, and remediating vulnerabilities in AI-generated code a non-negotiable priority. Anything less risks losing your users' trust.”
Security vulnerabilities (34%), unpredictable app behavior (23%) and data training (21%) are consumers’ top concerns about AI-written code, while official app stores (53%), privacy policies (46%) and well-known brands (45%) are most likely to influence consumer belief that an application is secure.
“There is urgency for engineering teams to ensure that AI-generated code can be safe, secure, and trustworthy,” says Liav Caspi, co-founder and CTO at Legit. “Cybersecurity Awareness Month has traditionally emphasized consumer best practices, but these findings highlight that developer practices matter a lot, too. Users are right to be concerned about how AI is being leveraged in the applications they use daily, and while they will keep downloading apps with AI, visible signals of security and accountability are needed to create this trust.”
The report also revealed generational differences in risk tolerance for AI apps. Over 40% of “Boomers” fear AI vulnerabilities and are two times more likely to lose trust when AI is disclosed. Younger consumers, by contrast, show greater resilience. They are less likely to walk away, and AI even increases trust in an application for 34% of Gen Z consumers.
To explore the survey in detail, including additional key findings and analysis, read our blog post.
For more information about how Legit Security helps organizations secure AI-generated code and strengthen application security, visit www.legitsecurity.com.
About Legit Security
The Legit Security ASPM platform is a new way to manage application security in a world of AI-first development, providing a cleaner way to manage and scale AppSec and address risks. Fast to implement, easy to use, and AI-native, Legit has an unmatched ability to discover and visualize the entire software factory attack surface, including a prioritized view of AppSec data from siloed scanning tools. As a result, organizations have the visibility, context, and automation they need to quickly find, fix, and prevent the application risk that matters most. Spend less time chasing low-risk findings, more time innovating.
Media Contact for Legit Security:
PANBlast for Legit Security