Builder Culture Is Driving New AI Security Challenges  | eSecurity Planet

Vanta finds that builder roles are driving AI adoption and introducing new security risks.

Written By
Ken Underhill
Jun 22, 2026

The rise of “builder culture” is reshaping how organizations adopt technology, but it is also introducing new security challenges. 

As employees increasingly build automations, deploy AI tools, and integrate applications themselves, security teams are facing risks that many existing programs were not designed to address.  

According to research from Vanta, builder roles are expanding rapidly across organizations. 

Roles such as GTM engineer, marketing engineer, and legal engineer are becoming more common as businesses encourage employees to automate processes and develop custom solutions. 

Within Vanta’s customer base of more than 16,000 organizations, builder roles grew 311% year-over-year, including a 1,329% increase in GTM engineer positions and an 850% increase in legal engineer roles.

“Our data shows that builder culture has moved the deploy button out of engineering and into every function,” said James Park, Senior Manager of Data Science at Vanta, in an email to eSecurity Planet.

James explained, “Security programs weren’t designed for that world. The exposure compounds quietly: new tools, new workflows, and new models are spun up faster than any review process can catch. That’s why security has to run continuously, not in quarterly cycles.”  

Key Takeaways from Vanta’s Findings

  • Builder roles are growing rapidly across organizations, driving increased adoption of AI tools, automations, and custom workflows outside traditional engineering teams.
  • Organizations with builder-focused roles adopt AI vendors 73% more frequently and use 42% more vendors than organizations without them.
  • Security teams are seeing a rise in AI-related risks, with nearly half of AI security alerts involving suspicious or untrusted AI models running on virtual machines.
  • Shadow AI, no-code platforms, workflow automations, and open-source AI models can introduce security risks that often bypass traditional vendor review processes.
  • Security programs need to evolve by extending governance, vendor risk management, and security controls beyond engineering to support the growing builder workforce.

AI Adoption Is Accelerating

Organizations with builder-focused roles are adopting artificial intelligence tools at significantly higher rates than those without them. 

Vanta found that builder organizations adopt AI vendors 73% more frequently, with OpenAI, Anthropic, and Cursor among the most widely used platforms.

The growth reflects a broader shift in how work is performed.

Employees are increasingly relying on AI tools and custom automations to streamline business workflows. 

While these approaches can improve productivity and reduce development costs, they also create new security considerations that extend beyond conventional software development processes.

Security Teams Are Seeing New Forms of Risk

One of the most notable findings from Vanta’s research is the emergence of a new category of security alerts focused specifically on AI-related risks. 

Twelve months ago, the company reported no AI security alerts across its customer base. 

Today, hundreds of AI-related alerts are generated each month.

Nearly half of those alerts involve virtual machines running suspicious or untrusted AI models.

These incidents may result from technical teams experimenting with new models or non-technical employees deploying AI tools without fully understanding the associated security implications. 

In either scenario, the findings suggest that broader access to infrastructure and AI technologies can increase organizational exposure if proper governance controls are not in place.

Vendor Risk Is Expanding Beyond Traditional Reviews

The increase in builder activity is also driving higher levels of vendor adoption. 

Organizations with builder roles use 42% more vendors than organizations without them, according to Vanta’s data. 

More than one-third of those vendors are classified as high or critical risk.

The challenge is compounded by the continued growth of Shadow IT and Shadow AI.

Previous Vanta research found that 70% of organizations have Shadow AI and that Shadow IT increased 36% year-over-year. 

Because many of these tools are adopted outside formal procurement processes, they often bypass security reviews entirely. 

Vanta estimates that 98% of Shadow IT vendors never undergo a security assessment.

The risk extends beyond vendors themselves. 

No-code platforms, workflow automations, AI agents, and open-source models downloaded from repositories such as Hugging Face may never appear in traditional vendor management programs, creating additional blind spots for security teams.

Building Security for the Modern Workplace

As organizations continue to embrace builder culture, security programs must evolve alongside them. 

Vanta recommends automating vendor reviews based on risk levels, creating approved AI tool registries, auditing OAuth permissions, and extending secure development practices beyond traditional engineering teams.

Additional recommendations include implementing lightweight security reviews for no-code applications and AI-powered workflows, integrating policy-as-code controls into development pipelines, and establishing governance frameworks that cover builder-created applications.

Builder culture is changing how organizations operate, and security teams will need to adapt accordingly. 

As more employees gain the ability to deploy automations, AI tools, and custom workflows, organizations that align security processes with modern work practices will be better positioned to manage risk while supporting innovation.
