- What: Red Access's Shadow Builders investigation found 2,000+ corporate apps built with AI vibe-coding platforms (Bolt, Lovable, etc.) sitting on the open internet with sensitive data and no access controls.
- Impact: 380,000 public vibe-coded assets scanned; ~5,000 looked corporate; 2,000+ exposed real CRM, ERP, or BI data — zero exploitation required, just a URL.
- Fix / mitigation: Audit OAuth grants in your IdP for unknown vibe-coding platform connections, survey employees for deployed apps (frame as inventory), scan public subdomains, and establish interim deployment policy while building session-layer controls.
- Who's at risk: Any enterprise where non-developers have access to AI app-building platforms — every major industry and six continents represented in the dataset, including organizations with mature security programs passing audits.
Red Access's Shadow Builders investigation has documented a fundamental shift in enterprise risk: over 2,000 corporate applications built using AI-powered development platforms are sitting on the open internet with sensitive data and no access controls. These aren't proof-of-concept demos. They're production applications connected to CRMs, ERPs, and BI platforms, deployed by employees solving real business problems—and completely invisible to security teams.
The investigation identified more than 380,000 publicly accessible web assets across leading vibe-coding platforms. Roughly 5,000 appeared corporate. Of those, 2,000+ contained sensitive corporate, operational, or personal data. Many granted admin access by default to anyone with the URL. The exposures span six continents and every major industry. Organizations with mature security programs, passing audits, had live exposures during the research period.
Shadow AI Has Evolved Beyond Prompts
Shadow AI used to mean employees pasting sensitive information into ChatGPT. That risk is manageable—DLP can flag it, policies can address it, and the exposure surface is bounded. The new category is fundamentally different. Vibe coding platforms enable non-developers to build functional applications in hours. A marketing manager creates a campaign tracker and connects it to the corporate BI tool. A finance team builds a board-prep dashboard pulling live invoice data. An operations manager deploys a vendor intake form wired into the ticketing system.
These aren't isolated use cases. The artifact has moved from a prompt to a product. The applications connect directly to sanctioned production systems through OAuth integrations and API calls. They handle real corporate data. And they're frequently published to the open internet with whatever access controls the builder configured—often none. The people building these applications aren't malicious actors. They're competent employees solving problems faster than traditional development cycles allow, doing exactly what the platforms were designed to enable.
Shadow IT meant unsanctioned SaaS vendors with at least some governance surface. Shadow Builders invert that model: custom applications, custom data loads, direct integrations to production systems, and public deployment. The platform underneath may be audited. The application built on it isn't.
Why Your Security Stack Isn't Catching This
The immediate CISO response is to audit the stack. EDR deployed. DLP configured. CASB licensed. SSE and firewall in place. Some organizations have added enterprise browsers. Every tool is functioning as designed. The problem is architectural: this category sits in the gaps between security layers.
EDR sees browser processes, not what's happening inside them. To an endpoint agent, someone building an application on a vibe-coding platform generates the same telemetry signature as reading news. Even advanced EDR with deeper visibility only works on managed devices. Personal laptops, contractor machines, BYOD devices, and personal browser tabs remain invisible.
DLP monitors enumerated channels. It can flag a user pasting PII into a known AI chat interface. It cannot see a vibe-coded application connecting programmatically to a sanctioned BI tool via API, moving data cloud-to-cloud without touching the endpoint. The data transfer physically bypasses the inspection point.
CASB was architected for Shadow IT—detecting unsanctioned SaaS vendors with discoverable identities. It struggles to distinguish an unbounded population of custom applications hosted on a platform's subdomains from the platform itself. The entire population typically registers as a single approved SaaS vendor. Firewall and SSE see traffic to the platform's domain but lack application-level business context. Most SASE/SSE deployments remain partial, leaving unmanaged devices outside visibility.
None of these tools is failing. The category generates signal fragments across multiple security layers that never assemble into a governable picture. Traditional tools weren't designed to see applications as business objects created in real-time by non-developers.
The Visibility Gap Lives at the Session Layer
End-to-end, vibe coding is a web session event. The build happens in a browser. The OAuth grant connecting the new application to enterprise systems occurs in the browser. Data moves through the session. The deployment action—publishing the application to a public URL—is a click in the same browser tab. Every step of the build-to-deploy path happens at the session layer, not adjacent to it.
Controls positioned at the session layer see the complete build path: the platform used, corporate systems connected and through what mechanism, data movement in and out, and the publish event putting the application on the open internet. Critically, this visibility is attributable to specific users and application instances regardless of browser choice, network path, or device ownership. Corporate laptop or contractor's personal machine—the session layer sees both.
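To make the session-layer view concrete, here is an added example (not from the Red Access report or any vendor's product) that assembles the build-to-deploy path from constructed session events: a session on a vibe-coding platform, an OAuth grant made from that session to a corporate system, and the publish click. Events are grouped per user and platform, the device is recorded but never used to decide whether the path counts, and each path is ranked. The event schema, the platform domains (bolt.new, lovable.app) and every record are assumptions or constructed samples.

```python
"""Added example: correlate session-layer events into build-to-deploy paths.

Each constructed event is something a session-layer control could record for a
user regardless of device. Event schema, platform domains and all records are
assumptions / constructed samples, not data from the Shadow Builders report.
"""
from typing import Iterable, Optional

# Assumed vibe-coding platform domains (the article names Bolt and Lovable).
VIBE_PLATFORM_DOMAINS = ("bolt.new", "lovable.app")


def host_under(host: str, domains: Iterable[str]) -> Optional[str]:
    """Return the parent domain `host` equals or is a subdomain of, else None."""
    host = host.lower().rstrip(".")
    for domain in domains:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def assemble_build_paths(events, platform_domains=VIBE_PLATFORM_DOMAINS):
    """Correlate session events into one record per (user, platform).

    Every event carries: ts (ISO-8601), user, device, type, host and, for
    oauth_grant events, the corporate `resource` the app was connected to."""
    paths = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        platform = host_under(e["host"], platform_domains)
        if platform is None:        # traffic unrelated to a build platform
            continue
        key = (e["user"], platform)
        rec = paths.setdefault(key, {
            "user": e["user"], "platform": platform, "devices": set(),
            "connected": [], "published": None,
        })
        # Managed or personal, the session is attributable to the user either way.
        rec["devices"].add(e["device"])
        if e["type"] == "oauth_grant":
            rec["connected"].append(e["resource"])
        elif e["type"] == "publish":
            rec["published"] = e["host"]
    return list(paths.values())


def classify(path):
    """Rank a build path: public on the internet with corporate data is the worst case."""
    if path["published"] and path["connected"]:
        return "high"      # public app wired into corporate systems
    if path["published"] or path["connected"]:
        return "medium"    # public without a connection, or corporate data in an unpublished build
    return "low"           # someone is experimenting; worth knowing, not alarming


# Constructed session log: a marketing manager's campaign tracker built from a
# personal laptop, connected to the BI tool and published; a finance dashboard
# that reads ERP data but was never published; and a user just trying the tool.
SESSION_EVENTS = [
    {"ts": "2025-01-10T09:02:00Z", "user": "m.lopez", "device": "personal-laptop",
     "type": "platform_session", "host": "lovable.app"},
    {"ts": "2025-01-10T09:40:00Z", "user": "m.lopez", "device": "personal-laptop",
     "type": "oauth_grant", "host": "campaign-tracker.lovable.app",
     "resource": "bi-vendor.example"},
    {"ts": "2025-01-10T10:15:00Z", "user": "m.lopez", "device": "personal-laptop",
     "type": "publish", "host": "campaign-tracker.lovable.app"},
    {"ts": "2025-01-10T11:00:00Z", "user": "j.chen", "device": "corp-laptop-0142",
     "type": "platform_session", "host": "bolt.new"},
    {"ts": "2025-01-10T11:30:00Z", "user": "j.chen", "device": "corp-laptop-0142",
     "type": "oauth_grant", "host": "board-prep.bolt.new",
     "resource": "erp-vendor.example"},
    {"ts": "2025-01-10T12:00:00Z", "user": "t.okafor", "device": "corp-laptop-0077",
     "type": "platform_session", "host": "bolt.new"},
    {"ts": "2025-01-10T12:05:00Z", "user": "t.okafor", "device": "corp-laptop-0077",
     "type": "platform_session", "host": "news.example"},   # unrelated browsing
]


def report(events=SESSION_EVENTS):
    """Return (user, platform, severity, published host, connected systems) tuples."""
    return [(p["user"], p["platform"], classify(p), p["published"], tuple(p["connected"]))
            for p in assemble_build_paths(events)]


if __name__ == "__main__":
    for row in report():
        print(row)
```

The point of the correlation is the one the paragraph makes: the endpoint, DLP and CASB signals for m.lopez would arrive as unrelated fragments (a browser process, a cloud-to-cloud API flow, traffic to an approved SaaS domain), while the session events line up into a single attributable story ending in a public URL, even though the build happened on a personal laptop.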
Immediate Actions for Security Teams
Four steps you can take this week. None requires new technology purchases.
First: start with discovery. Ask employees directly what they've built. Most Shadow Builders are doing valuable work and aren't hiding anything—framing matters. Issue a workforce-wide prompt: "If you've built a tool using an AI development platform, please tell us about it. We're not auditing, we're inventorying." Make it safe to come forward. You need to understand what exists before you can secure it.
- Survey employees about AI-built applications they've deployed—frame it as inventory, not audit
- Review OAuth grants in your identity provider for unexpected vibe-coding platform connections
- Audit public-facing subdomains and URLs associated with known AI development platforms
- Establish interim policy on vibe-coded application deployment while building permanent controls
Second: audit OAuth grants in your identity provider. Vibe-coded applications connecting to corporate systems leave authorization artifacts. Review what non-engineering users have granted access to platforms you don't recognize. Third: scan for public-facing assets. Check subdomains and URLs associated with major vibe-coding platforms for anything that looks corporate. Fourth: establish interim policy. You can't retroactively prevent what's already deployed, but you can set expectations for what happens next.
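The second and third steps can be scripted against exports you already have. The following is an added example (not from the Red Access report or any IdP vendor's tooling) that runs both checks over constructed data: it reviews OAuth grant records of the kind an identity provider exports, flagging clients hosted on vibe-coding platforms and unapproved clients authorised by users outside engineering, and it filters a list of discovered public hostnames for ones that sit under a platform's hosting domain and carry a company-identifying label. The platform domains (bolt.new, lovable.app), the sanctioned-vendor domains, the department names and every record are assumptions or constructed samples to be replaced with your own.

```python
"""Added example: two of the 'this week' checks over constructed data.

Platform domains, sanctioned-vendor domains, department names and all records
are assumptions / constructed samples, not data from the Shadow Builders report.
"""
from dataclasses import dataclass
from typing import Iterable, Optional


@dataclass(frozen=True)
class OAuthGrant:
    user: str
    department: str
    client_name: str
    client_domain: str      # publisher / redirect-URI host of the OAuth client
    scopes: tuple


# Assumed hosting domains of vibe-coding platforms (the article names Bolt and Lovable).
VIBE_PLATFORM_DOMAINS = ("bolt.new", "lovable.app")
# Constructed: OAuth clients security has already approved.
SANCTIONED_CLIENT_DOMAINS = ("crm-vendor.example", "bi-vendor.example")
# Scope fragments suggesting the client can change data, not just read it.
WRITE_HINTS = ("write", "admin", "manage", "full_access")


def host_under(host: str, domains: Iterable[str]) -> Optional[str]:
    """Return the parent domain `host` equals or is a subdomain of, else None."""
    host = host.lower().rstrip(".")
    for domain in domains:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def review_grants(grants, platform_domains=VIBE_PLATFORM_DOMAINS,
                  sanctioned=SANCTIONED_CLIENT_DOMAINS,
                  engineering_depts=("Engineering",)):
    """Flag grants to vibe-coding platforms, or to unapproved clients authorised by
    someone outside engineering. Severity rises when the scopes allow writes."""
    findings = []
    for g in grants:
        if host_under(g.client_domain, platform_domains):
            reason = "client hosted on a vibe-coding platform"
        elif (host_under(g.client_domain, sanctioned) is None
              and g.department not in engineering_depts):
            reason = "unapproved client authorised by a non-engineering user"
        else:
            continue
        can_write = any(h in s.lower() for s in g.scopes for h in WRITE_HINTS)
        findings.append({"user": g.user, "client": g.client_name,
                         "client_domain": g.client_domain,
                         "severity": "high" if can_write else "medium",
                         "reason": reason})
    return findings


def corporate_looking_hosts(hostnames, company_tokens,
                            platform_domains=VIBE_PLATFORM_DOMAINS):
    """Keep discovered hostnames that sit under a platform's hosting domain and
    whose app label contains a company-identifying token."""
    hits = []
    for host in hostnames:
        parent = host_under(host, platform_domains)
        if parent is None:
            continue
        label = host.lower()[: -(len(parent) + 1)]    # strip ".<parent>"
        if any(token.lower() in label for token in company_tokens):
            hits.append(host)
    return hits


# Constructed sample records mirroring the article's scenarios.
SAMPLE_GRANTS = (
    OAuthGrant("m.lopez", "Marketing", "Campaign Tracker",
               "campaign-tracker.lovable.app", ("bi.read", "bi.write")),
    OAuthGrant("j.chen", "Finance", "Board Prep Dashboard",
               "board-prep.bolt.new", ("invoices.read",)),
    OAuthGrant("a.singh", "Engineering", "CI bot",
               "ci-tool.example", ("repo.write",)),          # unapproved, but engineering
    OAuthGrant("r.patel", "Operations", "Vendor Intake",
               "intake.random-tool.example", ("tickets.write",)),
    OAuthGrant("k.weber", "Sales", "CRM mobile",
               "mobile.crm-vendor.example", ("crm.read",)),   # sanctioned vendor
)
SAMPLE_HOSTS = (
    "acme-board-dashboard.lovable.app",
    "recipe-finder.lovable.app",          # personal project, not corporate-looking
    "acme-vendor-intake.bolt.new",
    "www.acme-corp.example",              # corporate, but not on a platform
)

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS):
        print(f"[{f['severity']}] {f['user']} -> {f['client']} ({f['reason']})")
    for h in corporate_looking_hosts(SAMPLE_HOSTS, ("acme",)):
        print("public corporate-looking app:", h)
```

Two design choices matter in practice. Engineering-owned but unapproved clients are deliberately left out of the findings, because the article's concern is applications built outside the development organisation; widen `engineering_depts` or drop that branch if your IdP data does not carry department. And the hostname filter is only a first pass: a label like "acme" confirms nothing by itself, so each hit still needs a human to open the URL and decide whether what loads belongs to the company.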
The Strategic Problem
This isn't a temporary problem that resolves as security teams catch up. Vibe coding represents a permanent acceleration in how organizations build software. The traditional model—requirements gathering, sprint planning, development, testing, security review, deployment—has been compressed from months to hours. That compression isn't going away. The platforms will improve. More employees will use them. The applications will become more sophisticated.
The strategic challenge is building security architecture that operates at the same velocity as AI-enabled development. Legacy approaches assumed centralized development, known deployment paths, and managed infrastructure. Shadow Builders operate in an inverted model: distributed creation, ad-hoc deployment, and hybrid infrastructure spanning managed and unmanaged environments.
Organizations that solve this will gain competitive advantage. The employees building these applications are solving real problems. The correct response isn't prohibition—it's enabling the behavior safely. That requires visibility at the session layer where the entire build-to-deploy lifecycle lives, governance models that work at AI velocity, and architectural thinking beyond the traditional security stack.
Bottom Line
The 2,000 exposed applications in the Shadow Builders report represent a category-level visibility gap, not isolated incidents. Traditional security architecture—EDR, DLP, CASB, SSE—was designed for a world where applications were built by engineering teams through known processes and deployed on managed infrastructure. Vibe coding inverts every assumption. Applications are built by non-developers in hours, deployed to public URLs with a click, and connected directly to production systems through OAuth flows that happen entirely within browser sessions.
Your security stack isn't broken. The problem space has expanded beyond what those tools were architected to see. Session-layer visibility, governance at AI velocity, and architectural adaptation are now table stakes. The organizations that move first will enable their employees to build safely. The ones that wait will keep discovering exposures after they're already exploited.