What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek
None
<p>As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs permeate core workflows across research, communication, development, finance, and operations. Security teams are left chasing risks that shift as quickly as the technology.Zscaler ThreatLabz publishes annual research to help enterprises make sense of the fast-evolving AI foundation model landscape. The upcoming ThreatLabz 2026 AI Security Report will provide visibility into organizational AI usage, from the most-used LLMs and applications to regional and industry-specific patterns and risk mitigation strategies. What follows is a sneak peek into some of this year’s preliminary findings through November 2025. The full 2026 AI Security Report, including December 2025 data and deeper analysis, will be available next month. The data and categories shared in this preview reflect the current state of our research findings and are subject to be updated, added to, excluded, or recategorized in the final report.OpenAI dominates enterprise AI traffic in 2025Figure 1. Top LLM vendors by AI/ML transactions (January 2025–November 2025) OpenAI has held the top position among LLM vendors by an overwhelming margin to date in 2025, accounting for 113.6 billion AI/ML transactions, more than three times the transaction volume of its nearest competitor. GPT-5’s August release set a new performance bar across coding assistance, multimodal reasoning, and other capabilities that integrate into business functions. Just as importantly, OpenAI’s expanded Enterprise API portfolio (including stricter privacy controls and model-isolation options) has solidified OpenAI and GPT-powered capabilities as the “default engine” behind countless enterprise AI workflows. Everything from internal copilots to automated research agents now lean heavily on OpenAI’s stack, keeping it far ahead of the rest of the field.OpenAI’s dominance carries important implications for enterprise leaders, which will be explored in greater detail in the upcoming report:How vendor concentration impacts risk: The heavy reliance on OpenAI underscores growing vendor dependency within many organizations; transaction flow data shows that businesses may be relying on OpenAI even more than they realize.Hidden AI uses across workflows: Transaction categories reveal that LLM interaction is no longer limited to visible tools like ChatGPT. AI underpins everything from automated meeting summaries in productivity suites to behind-the-scenes copilots in common SaaS platforms.Codeium (Windsurf as of April 2025) emerged as the second-largest source of enterprise LLM traffic in 2025, with strong adoption of its proprietary coding-focused models. As enterprises increased their use of AI in software development, Codeium’s models are a go-to option for engineering teams, especially in secure development environments.Perplexity rose to the #3 position. Not only an AI-powered search assistant, Perplexity is also an LLM provider offering proprietary large language models that power its answer engine.Anthropic and Google currently round out the top five LLM vendors by transaction volume. Despite generating only a fraction of OpenAI’s activity, both LLMs played meaningful and differentiated roles in the 2025 enterprise AI landscape. Anthropic saw expanding adoption of its Claude 3 and 3.5 models over the past year, along with a July launch of Claude for Financial Services that further strengthened its position in compliance-heavy environments. Google also accelerated enterprise adoption through major enhancements to Gemini, including improved multimodal capabilities and security and access controls tailored for corporate deployments. It will be interesting to see how the adoption changes as we head into 2026.Engineering leads AI usage among core enterprise departmentsThreatLabz also mapped AI/ML traffic to a select set of common enterprise departments. Only applications with at least one million transactions and primarily associated with a specific department were included in the following analysis, and percentages reflect usage relative to these departments only, not total enterprise traffic.Distribution of AI usage across these core departments offers a directional view into enterprise AI adoption:Suggesting where AI has become operational, not just experimental.Indicating which business functions generate the highest volume of unique AI activity, signaling deeper integration into day-to-day operations.Highlighting potential areas of risk, as sensitive functions in R&D, engineering, legal, and finance increasingly depend on AI applications and LLM-driven workflows.Within this scoped view, Engineering accounts for 47.6% of transactions to date, making it the largest driver of enterprise AI activity among the departments analyzed by ThreatLabz. IT follows at 33.1%. Usage among these teams adds up quickly; everyday tasks like coding, testing, configuration, and system analysis lend themselves to repeated AI interactions. Engineering teams in particular integrate AI into daily build cycles, where even small efficiency gains compound quickly across releases. Marketing ranks third in AI usage among core enterprise departments, with Customer Support, HR, Legal, Sales, and Finance collectively accounting for the remaining share. Regardless of the variance, AI now clearly spans the entire enterprise, driving new efficiencies in workflows and productivity—even as it introduces new security requirements. High-volume applications demand the highest security attention2025 has been another year marked by the push-and-pull between rapid AI adoption and the need for more deliberate oversight. Accordingly, the rise in AI transactions has not translated neatly into unrestricted use. In many case, the applications responsible for the growth in LLM activity are also the ones triggering the most blocks by enterprises.This trend has played out across many categories of applications, including popular general AI tools like Grammarly and more specialized function-specific tools like GitHub Copilot. These are just two examples of applications appearing at the top of both transaction volume and block lists. Their proximity to sensitive content (whether business communications or proprietary source code) make them natural flashpoints for security controls.The upcoming ThreatLabz 2026 AI Security Report will feature further analysis on blocking trends.AI threats and vulnerabilities evolve alongside enterprise adoptionAs enterprises expand their use of GenAI applications and security teams block more AI traffic, the threat landscape is moving just as quickly. ThreatLabz continues to analyze how AI-driven threats are scaling alongside enterprise adoption. In addition to amplifying familiar techniques like social engineering and malvertising, attackers are beginning to operationalize agentic AI and autonomous attack workflows and exploit weaknesses in the AI model supply chain itself. The upcoming report will cover AI threats and risks in more detail, along with actionable guidance for enterprise leaders on how to effectively secure usage and stop AI-powered threats.Coming soon: ThreatLabz 2026 AI Security Report The findings shared here are just the start. The full ThreatLabz 2026 AI Security Report will be released in late January and offer comprehensive analysis of the enterprise AI landscape, including: AI data transfer trendsDLP violations and sensitive data exposureIndustry and regional adoption patternsBest practices for securing AIAI is now a fundamental aspect of how almost every business operates. ThreatLabz remains committed to helping enterprises innovate securely and stay ahead of emerging risks. Join us next month for the full report release and get the insights needed to secure your AI-driven future. </p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/12/whats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek/" data-a2a-title="What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F12%2Fwhats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek%2F&linkname=What%E2%80%99s%20Powering%20Enterprise%20AI%20in%202025%3A%20ThreatLabz%20Report%20Sneak%20Peek" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F12%2Fwhats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek%2F&linkname=What%E2%80%99s%20Powering%20Enterprise%20AI%20in%202025%3A%20ThreatLabz%20Report%20Sneak%20Peek" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F12%2Fwhats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek%2F&linkname=What%E2%80%99s%20Powering%20Enterprise%20AI%20in%202025%3A%20ThreatLabz%20Report%20Sneak%20Peek" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F12%2Fwhats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek%2F&linkname=What%E2%80%99s%20Powering%20Enterprise%20AI%20in%202025%3A%20ThreatLabz%20Report%20Sneak%20Peek" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F12%2Fwhats-powering-enterprise-ai-in-2025-threatlabz-report-sneak-peek%2F&linkname=What%E2%80%99s%20Powering%20Enterprise%20AI%20in%202025%3A%20ThreatLabz%20Report%20Sneak%20Peek" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.zscaler.com/blogs/feeds/security-research">Security Research | Blog</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Deepak Shanker (Zscaler)">Deepak Shanker (Zscaler)</a>. Read the original post at: <a href="https://www.zscaler.com/blogs/security-research/whats-powering-enterprise-ai-2025-threatlabz-report-sneak-peek">https://www.zscaler.com/blogs/security-research/whats-powering-enterprise-ai-2025-threatlabz-report-sneak-peek</a> </p>