AI adoption continues to surge across cloud environments, driving innovation but also introducing new security challenges. In our second annual State of AI in the Cloud report, the Wiz Research team analyzed aggregated data from over 150,000 cloud accounts to explore the evolving AI landscape. This year’s findings highlight the rapid growth of self-hosted AI models, the rise of DeepSeek, and the persistent need for stronger security measures. Here’s what you need to know:
Organizations continue to embrace AI in their cloud environments, with 74% now using managed AI services—up from 70% last year – and 85% hosting some sort of AI tech. However, the real shift is happening in self-hosted AI models, where adoption has skyrocketed from 42% to 75% over the past year. That surge is driven in large part by third-party models, a fact that also carries risk implications. Companies are increasingly looking to customize AI implementations while maintaining control over their data and infrastructure.
One of the most striking developments in this year’s report is the meteoric rise of DeepSeek. Adoption of its models tripled in under two weeks following the release of DeepSeek-R1, with 7% of organizations now using its self-hosted AI models. DeepSeek’s rapid ascent highlights the industry’s appetite for cost-effective, innovative AI solutions. However, a major security incident discovered by Wiz—where an exposed DeepSeek database leaked sensitive information—serves as a stark reminder that security must evolve alongside innovation. Additionally, use of the Chinese company’s products has been banned in several countries and organizations due to national security concerns.
OpenAI remains the most widely used AI provider, with 63% of cloud environments leveraging OpenAI or Azure OpenAI SDKs, up from 53% last year. However, open-source AI continues to play a pivotal role, with 8 of the 10 most popular hosted AI technologies linked to open-source projects. The blend of open- and closed-source AI tools reflects a growing trend toward flexibility and vendor diversity in AI deployments.
As AI adoption accelerates, security challenges continue to mount. Over the past year, the Wiz Research team has uncovered multiple high-risk vulnerabilities, including:
-
DeepLeak – An exposed DeepSeek database leaking sensitive chat history and log streams.
-
CVE-2024-0132 – A critical NVIDIA AI vulnerability affecting over 35% of cloud environments.
-
SAPwned – A flaw in SAP AI Core that could allow attackers to take over services and access customer data.
-
Probllama – A remote code execution vulnerability in the open-source AI infrastructure project Ollama.
-
AI PaaS vulnerabilities – Flaws in services provided by Hugging Face, Replicate, and SAP could have allowed attackers to access customer data.
AI is revolutionary technology, but its widespread adoption raises necessary questions about governance, security, and risk. The DeepSeek data exposure incident underscores the urgency of strengthening AI security, starting with visibility into AI deployments to manage risks like Shadow AI, and establishing controls to prevent data exposure and unauthorized use.
Wiz’s AI Security Posture Management (AI-SPM) solution helps teams gain full visibility into AI adoption, mitigate risks, and enable secure innovation. As AI continues to reshape the cloud landscape, proactive security measures will be critical to harnessing its full potential safely.
Want to dive deeper? Read the full State of AI in the Cloud 2025 report to explore the data and insights shaping the future of AI security.