SAN JOSE, Calif., Jan 28, 2026, 09:27 PST
- Zscaler reveals that red-team testing found critical vulnerabilities in every enterprise AI system examined, with the median time to first failure hitting only 16 minutes
- The company forecasts 989.3 billion AI and machine-learning transactions in 2025, a 91% increase over 2024
- Zscaler rolled out an AI Security Suite as businesses increasingly integrate chatbots and “agentic” tools into their workflows
On Tuesday, cloud security firm Zscaler dropped its latest ThreatLabz report, revealing that most enterprise AI systems are vulnerable to breaches in just 16 minutes on average. The report also highlights a projected 91% surge in AI and machine-learning activity on Zscaler’s platform by 2025. “AI” is now “a primary vector for autonomous, machine-speed attacks,” said Deepen Desai, Zscaler’s EVP for cybersecurity. 1
The report comes as businesses increasingly feed sensitive information into chatbots, writing assistants, and code generators—often lacking a clear map of which models are in use and where. This blind spot matters because “agentic” AI—systems that operate with little human supervision—can both advance and falter at a rapid pace.
Zscaler researchers ran red-team exercises—simulated cyberattacks—in 25 corporate networks and found AI systems crashed after a median of just 16 minutes. Within 90 minutes, 90% of those systems had already failed. The report also notes that existing corporate security policies stopped roughly 40% of AI transaction attempts. 2
The report flagged problems like biased or off-target answers, privacy leaks, and failures to verify URLs. Zscaler’s first test revealed a critical vulnerability in 72% of instances.
Zscaler revealed it processed 989.3 billion AI/ML transactions on its Zero Trust Exchange in 2025, sourced from around 9,000 organizations. The count of applications involved surged four times, topping 3,400. The U.S. accounted for roughly 38% of this traffic, with India at 14% and Canada trailing at 5%.
Finance and insurance made up 23% of AI traffic for the third consecutive year, Zscaler revealed. Manufacturing followed closely at 20%. Meanwhile, technology and education saw the biggest jumps, with transactions soaring 202% and 184% year-over-year, respectively, the company said.
Data flowing into AI platforms surged dramatically. Zscaler saw transfers to AI/ML applications climb 93%, reaching 18,033 terabytes. On top of that, it recorded 410 million data-loss-prevention (DLP) violations tied to ChatGPT, including efforts to share source code and medical records. These DLP tools flag sensitive data and block it from exiting an organization.
The report states that ChatGPT processed 115 billion enterprise transactions in 2025, while the coding assistant Codeium followed with 42 billion. Zscaler also pointed to “embedded AI” in SaaS products as a blind spot, specifically naming Atlassian as a key player in that embedded usage.
On Tuesday, Zscaler rolled out its AI Security Suite, designed to help companies keep tabs on AI apps and models, control access, and track prompts and data flows using a “zero trust” approach that treats every user and device as potentially risky. “Traditional security approaches were not designed to secure AI,” CEO Jay Chaudhry said. Zeus Kerravala, principal analyst at ZK Research, pointed out that “AI traffic doesn’t behave like traditional web traffic” and warned many organizations are operating “flying blind” without proper visibility. 3
Zscaler competes directly with Palo Alto Networks, Cisco, and Cloudflare in cloud security and secure-access solutions tailored for large enterprises. The company revealed plans to build AI controls aligned with the U.S. NIST AI Risk Management Framework and the EU AI Act. Additionally, it’s pushing forward with integrations involving OpenAI, Anthropic, AWS, Microsoft, and Google services.
That said, Zscaler’s data is drawn from traffic on its own platform and tests in a limited number of corporate environments; results could differ in other contexts. The company also cautioned that improvements depend on seamless integration and how effectively customers adopt the new features.
Zscaler’s shares dipped about 1%, changing hands at $217.30 during the morning session.
Zscaler urged organizations to keep testing their AI systems regularly and maintain strict governance controls, highlighting that AI platforms are now critical for handling corporate data.
