Security teams are investing in AI defenses that are ineffective. In October 2025, researchers from OpenAI, Anthropic, and Google DeepMind revealed alarming findings that should give every CISO pause during the procurement process. Their study, titled “The Attacker Moves Second: Stronger Adaptive Attacks Bypass Defenses Against Llm Jailbreaks and Prompt Injections,” tested 12 AI defenses, many of which claimed high success rates in preventing attacks. However, the research team managed to bypass these defenses with over 90% success rates. This highlights a critical issue for enterprises: most AI security products are not adequately tested against real-world attacker behaviors.
Security teams are increasingly turning to AI solutions to enhance their defense mechanisms. However, a recent study conducted by researchers from OpenAI, Anthropic, and Google DeepMind has revealed concerning results. The research, published in October 2025, tested 12 AI defenses that claimed high success rates in preventing attacks. Despite these claims, the study found that the majority of these defenses could be bypassed with over 90% success rates. This research underscores a significant challenge for enterprises: many AI security products are not effectively tested against real-world attacker behaviors.
