VendorsDryRun Security
DryRun Security
Cybersecurity reports and statistics published by DryRun Security
8 categories1 reports
Research Reports
Reports and publications from DryRun Security
Recent Statistics & Reports
Of three leading coding agents evaluated (Claude, Codex, and Gemini), Codex finishes with the fewest vulnerabilities and demonstrates stronger remediation behavior during development.
5/27/2026•
Application SecurityVulnerability RemediationAI Development
26 of 30 pull requests (87%) introduce at least one vulnerability.
5/27/2026•
Application SecurityVulnerabilitiesAI Development
143 security issues are identified across 38 security scans.
5/27/2026•
Application SecuritySecurity ScanningVulnerabilities
No AI coding agent evaluated (Claude, Codex, and Gemini) produced a fully secure application.
5/27/2026•
Application SecurityAI DevelopmentCoding Agents
Four authentication-related weaknesses appeared in every final codebase: insecure JWT verification and management; lack of application-level brute force protections; exposure to token replay attacks; and insecure defaults for refresh token cookie configurations.
5/27/2026•
AuthenticationApplication SecurityCoding Agents
Anthropic's Claude produced the highest number of unresolved high-severity vulnerabilities in the final applications.
5/27/2026•
Application SecurityHigh-Severity VulnerabilitiesAI Development