Software Development Trends and Predictions 2025 From Industry InsidersSoftware Development Trends and Predictions 2025 From Industry Insiders

What are the top software development trends for 2025? ITPro Today tech expert Christopher Tozzi has shared six trends — including decreased use of microservices and reduced hype surrounding AI-assisted development — that are set to shape the developer landscape.

Do IT leaders and industry insiders feel the same way about where software development is headed this year? Check out their predictions for 2025 below:

AI Joins the Dev Team

2025 will be the year developer capacities are enhanced by the power of AI, as AI tools are officially integrated into the developer tech stack. Over the course of the next year, we'll see team structure and processes adapt to maximize collaboration between AI and developers, experimenting with AI-augmented workflows and increased automation of demanding responsibilities like on-call shifts to supercharge efficiency and velocity. — Matt Makai, VP of Developer Relations & Experience, LaunchDarkly

Coding Agents Go Pro

Developers are used to seeing coding agents as "toys" or as less efficient than human coding, but that perception will shift in 2025. With companies like Google adopting coding agents for 25% of their code output, it's becoming clear that these tools are "good enough" for top-level performance. Job descriptions, skill expectations, and role evaluations will increasingly emphasize the ability to leverage these tools, not avoid them. Those who fail to embrace coding agents may face challenges in career growth as AI-based efficiency becomes a standard metric. — Claire Vo, chief product & technology officer, LaunchDarkly

Related:What Is a Software Developer and What's the Best Way to Become One?

Embracing Experimentation

Over the years, we've seen the CI/CD pipeline become more automated and sophisticated, enabling faster deployments and higher-quality software. But as we look to the future, the next evolution lies in embedding experimentation directly into the fabric of the development cycle. In 2025, the teams that truly excel will be those that embrace experimentation as a key part of their culture, going beyond traditional A/B testing and feature flagging to integrate experiment-driven development techniques throughout the development lifecycle — from coding and testing to production. Organizations will also maximize the impact of experimentation by building increased visibility and touchpoints for product management, marketing, and data scientist teams to drive better decision-making. — Claire Vo, chief product & technology officer, LaunchDarkly

The Tech Stack Divide of 2025

2025 will see a growing divide between businesses that control their tech stack and those that don't. Companies that rely on fragmented third-party platforms will struggle to keep up with changing customer demands, while those with full-stack ownership will lead the way in innovation, personalization, and efficiency. Owning the stack gives businesses the ability to adapt in real time, harness emerging technologies like AI, and scale without bottlenecks. To achieve this, businesses need to stop treating IT as a short-term fix and start viewing it as a long-term competitive advantage. — Leo Poggiali, co-founder and CEO, Ooodles

Related:7 Trends That Helped Shape Software Development in 2024

AppSec's 2025 Focus: Cutting Through the Noise

Signal through noise will continue to be the name of the game for AppSec in 2025. Organizations are drowning in noise, findings, alerts and notifications. They are in desperate need of context and are looking for tools to not just provide insights around exploitation, exploitability, and reachability for better prioritization, but to take it a step further and move toward remediation and solutions that help not just find, but fix problems. 2024 is another year of record vulnerability and CVE growth, and modern solutions are needed more now than ever. — Chris Hughes, chief security advisor, Endor Labs

Related:Top 10 Software Development Stories of 2024

Growing Convergence of AI, AppSec, and Open Source

We will see the continued intersection of AI, AppSec, and open source — from malicious actors targeting open source models, the communities and platforms that host them, and organizations looking to leverage AI to address code analysis and remediation. Increasingly, we will see widely used OSS AI libraries, projects, models, and more targeted as part of supply chain attacks on the OSS AI community. Commercial AI vendors are not immune either, as they are large consumers of OSS but often aren't transparent with customers and consumers regarding what OSS they use. — Chris Hughes, chief security advisor, Endor Labs

First Major AI-Generated Code Vulnerability

Development teams have eagerly embraced AI, particularly GenAI, to accelerate coding and drive efficiency. While the push for the "10x developer" is transforming software creation, the need for speed can sideline or shortcut traditional practices like code reviews, raising significant security concerns. In the coming year, overconfidence in AI's capabilities could lead to vulnerable or malicious code slipping into production. GenAI is powerful but fallible — it can be tricked with prompts and is prone to hallucinations. This risk is not hypothetical: 78% of security leaders believe AI-generated code will lead to a major security reckoning. The CrowdStrike outage illustrated how quickly unvetted code can escalate into a crisis. With AI-generated code on the rise, organizations must authenticate all code, applications, and workloads by verifying their identity.

Code signing will become an even greater cornerstone in 2025, ensuring code comes from trusted sources, remains unchanged, and is approved for use. Yet, challenges persist: 83% of security leaders report developers already use AI to generate code, and 57% say it's now common practice. Despite this, 72% feel pressured to allow AI to stay competitive, while 63% have considered banning it due to security risks. Balancing innovation with security will be critical moving forward. — Kevin Bocek, chief innovation officer, Venafi, a CyberArk company

AI-Driven APIs: A Wild Frontier

In 2025, the relationship between AI and APIs will enter uncharted territory, reshaping how systems are built and interact. AI will increasingly guide developers in crafting and consuming APIs, introducing new patterns and unpredictable usage scenarios. This shift will demand advanced observability tools to monitor and adapt to evolving behaviors, ensuring systems remain secure and efficient. As AI dynamically composes user experiences in real time, APIs will need to be more robust, resilient, and flexible than ever before. Businesses must embrace this wild frontier with innovation and foresight, as the synergy between AI and APIs transforms digital ecosystems in ways we're only beginning to understand. — Rob Brazier, VP of Product, Apollo GraphQL

AI and APIs: The Backbone of Intelligent Innovation

In 2025, the fusion of AI and APIs will redefine how businesses build and run intelligent systems. APIs will evolve from simple connectors to dynamic engines for innovation, driving experimentation and production at unprecedented scales. As AI applications proliferate, organizations will demand APIs that not only handle the chaos of rapid prototyping but also balance speed with robust security and cost efficiency in production environments. Granular access controls, real-time performance monitoring, and optimized compute environments will become non-negotiable for businesses navigating this new era. APIs will act as the trusted gatekeepers of sensitive data, ensuring that AI-driven systems are both powerful, smart, and secure. This synergy between AI and APIs will empower developers to build smarter, faster, and more resilient applications, setting a new standard for innovation across industries. — Subrata Chakrabarti, VP of Product Marketing, Apollo GraphQL

The Composable Revolution Will Take Center Stage

In 2025, composable and modular architectures will redefine how organizations build and manage their technology ecosystems. By enabling businesses to integrate, test, and scale workloads with unprecedented flexibility, composable architectures will empower teams to handle the increasing velocity of data and complexity of operations. This approach will support seamless collaboration across supply chains, optimize performance, and reduce latency, making it an essential strategy for industries ranging from fintech to healthcare. As the demands on systems grow, composability will emerge as the foundation for agility, allowing organizations to innovate faster and be future-ready while maintaining simplicity and control. — Subrata Chakrabarti, VP of Product Marketing, Apollo GraphQL

GPU Demand Soars, but AI Adoption Has Companies Rethink Resource Allocation

As we enter 2025, the AI industry faces an unexpected situation: a huge demand for GPUs worldwide, yet many of these powerful chips aren't being fully used. While companies invested heavily in GPU-based infrastructure, many continue to struggle to apply these chips to AI workloads, instead redirecting them toward non-AI applications. The expected AI-driven boom remains slower than anticipated.

We will continue to see companies be more selective with GPU allocations, as companies focus on areas where the impact of AI in areas like data analytics and cloud computing enhancements — rather than emerging AI initiatives. Additionally, as developers become more resource-conscious, the focus on optimizing algorithms for available hardware, leveraging CPU-bound AI, and adopting hybrid approaches could become central trends. Ultimately, 2025 may be a year that companies will adapt to both the technical and logistical challenges of realizing AI's potential. — Molly Presley, SVP of Global Marketing, Hammerspace

GenAI Challenges for Developers

Developers building with generative AI face several key challenges today: accuracy, speed, and cost. While the underlying AI models are making progress in these dimensions, engineers are looking for developer tools that can augment their tech stacks. On the accuracy front, we will see new, innovative ways for memory management in enterprise AI applications as developers seek to manage AI models' biggest shortcoming — a lack of long-term memory. Speed will continue to emerge as a top challenge for GenAI developers, especially with the rise of AI agents relying on a large number of LLM-dependent iterative loops at every step, which can result in a very poor user experience. Novel techniques such as semantic caching will be a game changer in helping avoid unnecessary inference cycles, increasing speed, and reducing costs. — Manvinder Singh, VP of AI Product Management, Redis

The Growing Demand for 'Security-as-Code'

The ongoing headcount gap for cyber roles — which is largely a result of budget issues — will drive organizations to embed security practices more deeply into their software development and operational processes. The concept of "Security-as-Code" will gain traction, where security configurations, policies, and controls are automatically integrated into infrastructure and application development workflows. By leveraging DevSecOps and Infrastructure-as-Code (IaC) principles, organizations will automate the deployment of secure environments without requiring deep security expertise for every project. The demand for "Security-as-Code" frameworks will increase, enabling teams to build security into software and infrastructure from the ground up. This shift will mitigate the impact of the headcount gap and enable faster, more secure deployments, especially in industries with high compliance requirements, such as finance and healthcare, and for vendors that provide products to those industries. — Kayla Williams, CISO, Devo

No-Code/Pro-Code Analytics Boundaries Will Be Shattered

In 2025, the boundary between no-code and pro-code analytics will dissolve entirely. By empowering product managers to generate 80% of analytics content and enabling developers to fine-tune it, AI-driven platforms will spark a revolution in analytics development, slashing development cycles and maximizing team efficiency. This game-changing approach will redefine how companies integrate analytics, making data-driven decision-making more collaborative and accessible than ever before. — Yigal Edery, SVP Product & Strategy, Sisense

A Growing Community of Diverse Developers

More people than ever before will be writing software. Open source software (OSS) continues to expand at an exponential rate, fostering a broader diversity of thoughts and ideas. As more individuals, especially students and non-professionals, enter the field, this growth offers an excellent opportunity to share established security best practices in software development and management. The OpenSSF and the Linux Foundation provide numerous resources focused on education and training, promoting secure development practices in developers' daily lives and workflows. — Christopher Robinson, chief security architect, OpenSSF

Significant Increase in Software That's Developed Thanks to AI

By January 2023, 92% of U.S.-based developers were using AI coding tools, so software AI generation is already here. Developers are becoming more comfortable with it and will be using it more. However, study after study has found that AI-generated code tends to have more vulnerabilities than human-generated code, which makes sense—it can't fully understand the code, and there's a lot of vulnerable code it's learning from. The most likely solution will be in two parts. First, automation: Projects like the AIxCC competition are working to develop AI tools to find and fix vulnerabilities. Second, we need humans to better understand how to develop secure software so that they can better supervise AI systems. We encourage software developers to take a course, such as our "Developing Secure Software" (LFD121) course, to learn how to develop secure software. — David A. Wheeler, director of open source supply chain security, OpenSSF

Expect a Very Gradual Rise in Memory-Safe Language Use in System Software

Many software vulnerabilities can be eliminated by using programming languages that are memory-safe by default. However, it is impractical to rewrite all existing software in C and C++, which are not memory-safe by default. No one has the trillions of dollars necessary for those rewrites, and their alternatives have their own challenges. For example, Rust has only one production-ready compiler and does not support many CPUs. In 2025, I expect to see gradual rewrites of small C and C++ modules, along with more use of them. There will also be longer-term efforts in 2025 that may pan out later. Some are investigating using AI to economically translate C and C++ to a memory-safe language. There's also work to develop a memory-safe variant of C++. These longer-term efforts won't be ready for production use in 2025, but they might give us long-term alternatives. — David A. Wheeler, director of open source supply chain security, OpenSSF

Expect Increasing Penalties for Egregiously Bad Software Development Practices

Meta recently paid a non-trivial penalty for failing to encrypt passwords. Delta is suing Crowdstrike for failing to test an update fully before releasing it. The Cybersecurity and Infrastructure Security Agency (CISA)  and the FBI have posted a document listing bad practices. It's impossible to develop large-scale software without making mistakes, but some practices will be considered so unacceptable that we'll start to see more penalties for some egregiously bad practices. — David A. Wheeler, director of open source supply chain security, OpenSSF

By the End of 2025, 20% of All Software Code Generated Will Come From AI Agents/Assistants

Software code is one of the most prominent vertical applications of AI agents. As the companies integrate more tools into those agentic workflows and improve validation techniques for the AI-generated code, there's rapid progress in the quality and capabilities of those coding agents. Outcomes: We will see an increase in the productivity of professional software engineers, which will translate into productivity improvements for the software's end users. We will also see a dramatic acceleration in the migration from older legacy code bases to new ones. Last but not least, my mom will write her first software program. — Andrew Filev, CEO & founder, Zencoder

Multi-agentic AI Will Continue to Build Momentum

Looking forward to 2025, multi-agentic AI will continue to build momentum and complete its evolution from "cutting edge" to "routine" regarding GenAI implementation. AI agents can now take action instantly and continuously as they monitor data sources. It is likely that at the pace at which developers augment software and produce code with AI agents, most code will be AI-generated by the end of next year. Rather than threatening the jobs of software developers, AI agents will allow enterprises to deliver high-quality value faster and assist developers in addressing the backlog of work due to the global talent shortage. Additionally, job descriptions will shift from "developer" to "alignment engineer," as they will be directly in the loop, ensuring that the agents operate properly. With the help of AI agents and robust prompt engineering, developers can greatly improve productivity. — Frederic Miskawi, VP and AI Innovation Expert Services lead, CGI

Navigating the Risks and Benefits of Democratized Application Development

Application development is a bit like building a bridge: before construction begins, you must ensure the structure can handle environmental stresses. But with today's democratized development tools, application development doesn't always come with that same foundational rigor. This rapid-access approach to development brings both benefits and risks — on one hand, it speeds up innovation, making it easier to build and launch new applications; on the other, it can sometimes overlook critical durability in favor of speed. The balance lies in empowering developers to innovate quickly while maintaining a level of resilience as their applications scale. — Andrew Davidson, SVP of products, MongoDB

2025 Is the Year to Redefine Productivity

In 2025, companies will redefine the way they measure developer productivity. Rather than measuring only "developer metrics," such as product quality, delivery speed, and organizational performance, companies will need to look at how well teams are delivering value. Google's DORA report found that GenAI has the potential to slow down development, but the hypothesis that many of us are deriving from this is that the work is possibly changing. In the past, development teams split up a project into smaller, digestible pieces (e.g., adding a button to the user interface, integrating that button in the backend, etc.) that each individual contributor would work on. Now, individual developers are taking on much larger pieces of work, using GenAI to support the coding of individual pieces before putting it all together. This means that the developer's release is technically taking longer, because the work unit they are delivering is much larger. However, I truly believe that developers leveraging GenAI are significantly more efficient and will start to highly outperform competitors that are not leveraging it. — Eric Ledyard, VP of enterprise architecture, Coder

GenAI Adoption Changes Low-Code Development and Tackles Technical Debt

Low-code teams will finally get serious about adopting functional testing best practices as they realize that low-code + GenAI can produce sophisticated applications that rival pure code solutions. In addition, as GenAI increases the velocity of code development, companies will begin to tackle more complex projects that were impractical in the past. They will finally address mountains of technical debt and spend more time on user experience improvements that require significant coding to realize. — David Brooks, SVP of evangelism, Copado

Code-to-Cloud Security Set to Redefine Protection from Development to Deployment

The convergence of cloud security and application security will drive code-to-cloud approaches to become standard in cloud security solutions. As cloud environments grow more complex, identifying and fixing security issues at the code level before production becomes essential. This approach integrates security throughout the software lifecycle — from development through runtime. With DevSecOps, CI/CD integration, and automated threat response, code-to-cloud strategies streamline security practices, making it easier to trace vulnerabilities back to their source and resolve them quickly. — Gilad Elyashar, chief product officer, Aqua Security

Pragmatic Vulnerability Management and Proactive Security

Security teams will continue to adopt a more efficient, realistic approach to managing vulnerabilities, which will only grow. This means not only more rigorous prioritization but also the understanding that more proactive shift-left measures are required and that simply accepting that some vulnerabilities cannot be fixed can only be achieved without taking on unacceptable risk if they augment their preventive measures with other controls that mitigate that risk — for example using runtime controls, better detection and response mechanisms, etc. — all of which require a much more holistic view of risk from early stages of development all the way to production. — Rani Osnat, SVP strategy, Aqua Security

AI in Development: The Rise of the 'Developer's Apprentice'

In 2025, AI will become an indispensable "apprentice" in the developer's toolkit, automating bug fixes, testing, and code optimization. According to O'Reilly, 51% of companies were already using AI-assisted development tools by 2023, and this trend will accelerate. AI in development will bridge skill gaps and reduce error rates by 20% or more, helping developers keep pace with the faster release cycles of DevOps. — Ravi Ithal, GVP and CTO, Proofpoint DSPM Group

Testing Will Be a Strategic Priority

Engineering leaders are starting to recognize that testing is fundamental to delivering quality software, particularly automated testing as AI-driven development becomes widely adopted. In fact, 52% of developers are already using automated testing for security measures. In 2025, this trend will continue to grow. — Trisha Gee, lead developer advocate, Gradle

GenAI Will Drive Investment in Build & Testing Infrastructure

As generative AI accelerates both the speed and volume of code production, investing in tools that accelerate build and test cycles will become more critical than ever in 2025. This focus will be crucial for maintaining code quality and effectively managing the large volume of code. — Trisha Gee, lead developer advocate, Gradle

GenAI Will Increase Need for Code Quality Oversight

AI-generated code does not yet match the quality of developer-written code, increasing the need for senior developers to review and manage bloated, sometimes flawed AI codebases. Quality control and new strategies for code management will become a big priority in 2025 as developers require tools to efficiently navigate and troubleshoot code they didn't create. — Trisha Gee, lead developer advocate, Gradle

GenAI Will Cause a Rift Between Junior & Senior Engineers

While senior developers leverage AI as a powerful tool for productivity, its widespread adoption may unintentionally sideline junior developers. As experienced engineers focus on training AI rather than mentoring juniors, organizations risk creating a future talent gap, where today's juniors lack the skills to become tomorrow's senior developers — leaving teams reliant on AI without the expertise needed to guide its evolution. — Trisha Gee, lead developer advocate, Gradle

GenAI Will Increase Software Security Risks & Require Better Tools

Generative AI has the potential to introduce greater security risks and vulnerabilities due to the volume and quality of AI-generated code. For example, cases like the XZ Utilis Backdoor will only become more common, so fast and frequent vulnerability responses will become even more critical. As such, developers will need better tooling to manage and validate AI-generated code to avoid new risks. — Brian Demers, developer advocate, Gradle

Observability into the Toolchain Will Be More Important Than Ever

Observability, already a cornerstone of modern deployment processes, will increasingly extend to software builds and the broader developer toolchain. As distributed systems, microservices, and AI-driven code generation make development environments more complex, pinpointing issues like bottlenecks, test failures, and errors will become more challenging without robust observability tools. Greater visibility into these processes will be critical for maintaining efficiency and quality. — Brian Demers, developer advocate, Gradle

Developers Will Have to Double-down on Testing and Quality Control

With generative AI increasing the volume and pace of code and dependency updates, testing and quality measures like unit testing, static analysis, and secrets detection will be essential to maintaining stable applications. In 2025, automated testing suites and robust tools for impact analysis will be critical, allowing developers to quickly assess how changes affect the system and to prevent unexpected breakages as updates become more frequent. — Brian Demers, developer advocate, Gradle

Human Insight Will Remain the Driver of Low-Code/No-Code Development Success, Not AI

While AI-powered low-code and no-code platforms will undoubtedly empower more individuals to create basic solutions, we must be clear about their limitations — building robust, scalable, and secure applications isn't something you can just offload to an AI. While these tools excel at generating code snippets and automating routine tasks, they can't replace the expertise needed for robust, scalable, and secure enterprise solutions. 2025 will be the year organizations grapple with maintaining and expanding their AI-co-created systems, exposing the limits of their understanding and the gap between development ease and long-term sustainability. The future of low-code and no-code development will be shaped by a symbiotic relationship between human ingenuity and AI automation. Success will come to those who can effectively leverage AI's strengths while complementing them with irreplaceable human insight and expertise. — Tanner Burson, VP of engineering, Prismatic

AI Will Make Huge Strides in Software Development — but Not Where You Think

Despite the hype around AI-generated coding, software development is inherently about building new things that previously did not exist, which AI simply cannot do. In 2025, I expect enterprises to identify new AI use cases for developers, but building applications will mostly remain in the hands of the creative professionals using AI to supplement their work. I think the biggest gains for software developers in 2025 will come in the form of AI-powered search and providing suggestions for where improvements can be made. However, at the end of the day, the actual developers will have to engineer these changes and create the code to ensure a human touch is present throughout the process. — Tobie Morgan Hitchcock, CEO and co-founder, SurrealDB

Enterprises Will Prioritize Developers' Speed to Market Over Spend

In the current economic landscape, enterprises are most focused on optimizing costs and improving speed to market in 2025. However, to compete against AI tools that can build simple applications incredibly quickly, they're prioritizing investment in solutions that cut developer timelines with cost as a secondary factor. I expect to see enterprises bet big on AI in 2025 to make their time to market faster — and by simplifying their database workflows, they'll actually generate cost reductions as well. — Tobie Morgan Hitchcock, CEO and co-founder, SurrealDB

Testing Gets Transformed

Long overdue, one of the biggest bottlenecks in software development and one of the most time-consuming tasks for human team members is software testing. Software testing will finally change for good in 2025. Low code/no code went some way towards this, but it still depended on test scripts being written, and code in this context is always at risk of being fragile: If one small thing changes, then a test breaks. A developer might be presented with 10,000 failed tests: Perhaps something major did go wrong, but maybe it did not in reality. So, it becomes tempting to give up, cut corners, or accept that testing is a bottleneck. The next generation of AI testing changes everything by removing the need to write code. Instead, it will use natural language instructions provided by humans to automatically carry out tests. AI will significantly reduce much of the manual work involved in testing and ultimately eliminate it entirely. Human team members become supervisors of tests rather than executors, freeing up their time for more valuable tasks. For example, if AI processes a loan request and turns it down, a human can interrogate AI and ask for more details about how it reached that conclusion. And testing is just the start: We will continue to see AI completely transform other aspects of IT. — Rod Cope, CTO, Perforce

'Trust and Verify' Approach to Coding with AI

We should embrace AI innovation to benefit the future trajectory of software development. AI-generated code and testing tools can amplify developers' productivity, enabling them to focus more on projects that align with broader business goals. However, AI is a complement, not a replacement, of developers' skills, and business leaders must recognize this important distinction. The activity of conceiving, designing, and architecting a system or a feature is not only a coding detail, it is a craft and should not be ignored. Humans must remain integral to the testing and verification process, whether the code is AI-generated or written by developers. The demand and rising use of AI in the coding process means developers are writing more code, all of which must be tested for security and quality. At a minimum, all code should undergo rigorous testing, with multiple control checks established by developers to trust and verify code at each stage of development. While AI will continue to boost developer productivity in the coming years, if underlying issues in the code development process aren't addressed, more AI-generated code will only lead to more code to fix. Software teams need to utilize trusted, automated code testing tools and apply a human lens and critical thinking to ensure the delivery of high-quality code they can be confident in. — Andrea Malagodi, CIO, Sonar

AI's Rise in Code Development Spurs Organizational Flattening

As AI assumes a larger role in code development, generating and evaluating code, commits, design documents and other development artifacts, organizational hierarchies will likely flatten. This transformation will reduce the need for multiple layers of pure people management, as AI systems take on more of the technical oversight and quality control functions traditionally managed by middle management layers. — Gopi Duddi, SVP of engineering, Couchbase

The Great App Revolution: AI Will Transform Every Enterprise Application

The rapid adoption of AI tools is forcing engineering teams to radically rethink their approach to data management. Within the next few years, the integration of AI across enterprise applications will generate unprecedented volumes of data — not just from AI processing, but from the cascade of automated workflows, interconnected systems and intelligent features that AI enables. To handle this data explosion, engineering teams must abandon traditional monolithic architectures in favor of distributed systems that can scale dynamically. Success will require implementing hybrid solutions that balance data across on-premises and multiple cloud regions, while maintaining strict data sovereignty and privacy controls. Teams must also develop expertise in automated data management and cross-application data flow, as the future enterprise ecosystem will demand seamless data sharing between AI-enhanced applications. — Gopi Duddi, SVP of engineering, Couchbase

AI's Role in Code Accountability

AI is already transforming the way developers work, streamlining processes and alleviating the repetitive nature of writing code. By 2027, 70% of professional developers will be using AI-powered coding tools. Google's CEO recently said that already more than a quarter of all new code at Google is generated by AI. However, as adoption grows, a major challenge is emerging: code accountability. AI-generated code must undergo rigorous review to identify potential security vulnerabilities and quality issues early on — before they can lead to costly problems. Yet, the responsibility for ensuring this review often gets overlooked. In 2025, as AI tools become essential for developers, they'll need to take greater responsibility for code accountability. By integrating a "trust and verify" approach early in the Software Development Life Cycle, developers can save time and increase their capacity to tackle large-scale projects that drive business success. The same level of scrutiny applied to human-written code must be extended to AI-generated code. With human oversight embedded throughout the workflow, development teams can ensure that AI-driven code meets established quality and security standards. — Tariq Shaukat, CEO, Sonar

'Software as a Critical Business Asset' Will Top Agendas

In 2025, we will see more executives and boards of directors put "software as a critical business asset" to the top of their agenda. When bad code costs organizations $2.41 trillion in the U.S. alone, it shouldn't be a question anymore of how important software is to business, but how do we ensure it is a competitive differentiator and doesn't put our business at risk? Organizations strive to protect their codebase against risks, yet often, the focus on code security tends to emerge later in the development lifecycle rather than as an initial investment in secure-by-design practices. I believe we will see the C-suite mindset shift to see software in a new strategic light and build software quality into the fabric of the way business is done. Especially as AI-generated software development continues to pick up steam, it is the responsibility of CEOs and boards to put mechanisms in place that uphold and maintain code quality and security during development. The future of digital business depends on it. — Tariq Shaukat, CEO, Sonar

AI Will Drive Complete Application Rewrites as Companies Move Beyond Bolt-On Solutions

While there is now a surge of companies adding AI capabilities to existing applications, particularly in content generation and marketing, sectors like healthcare with vast amounts of untapped data will need to move beyond simple AI enhancements. Companies will realize that merely using AI to make existing applications better is insufficient, and they'll need to completely rewrite their applications to fully capitalize on AI's potential. The long-term future is a comprehensive transformation where every application — small, medium and large — is going to be revised and rewritten using AI. This sweeping movement will mark a fundamental shift from bolt-on solutions to ground-up redesigns, as organizations recognize the benefits of building truly AI-first applications that can fully harness the technology's capabilities. — Mohan Varthakavi, VP of AI and edge, Couchbase

An Overreliance on AI Will Cause Issues for Developers

We're already seeing consultancies having trouble selling development days. Some are pivoting and selling AI code assistant training instead of traditional development practices. Over the next couple of years, developers will need to make sure that more junior workers entering their teams are not stuck in the trap of being "AI-native." Those that have an overreliance on AI, such as heavily leaning on copilot AI tools to double check their work or even do parts of it for them, could see a huge gap between junior and senior developers who have worked in the industry since before the AI boom. Senior developers will know if the AI hallucinated, how accurate the answer is and possibly re-prompt the assistant to get to a working solution, while junior developers may not fully understand the reasoning behind that solution if an AI tool suggested it. Companies will need to find ways to help junior developers grow without being overreliant on AI tools if they want to become senior developers in the future. They will need to understand, for example, why a chatbot suggested a particular solution so that they know how to solve the problem themselves. Companies will need to invest more in education going forward, especially through hands-on experience. But the beauty of AI is that it can also provide training. Developers might soon start to use AI to offer hands-on, immersive and real-time learning experiences — much like learning a language by immersing yourself in the culture. It can guide developers through coding processes and help them learn on the job. The value of AI might be in how it allows us to work better with what we already have rather than to generate something completely new. — Laurent Doguin, director of developer relations and strategy, Couchbase

A Shift Toward Accessible AI Development

As the open-source community of AI development has widened over the years, in 2025 I expect we'll see a dominant shift to making more pathways, programs, and processes to streamline AI development and technologies. Already, we are witnessing an eagerness in testing new development processes across our community of edge and vision AI users. The ability to develop AI models with ease allows hobbyists and industry experts to deploy models locally, familiarize themselves with the technology and process, and learn to scale their use cases for the enterprise. I anticipate we will see an overall shift towards making development technology more accessible. — Eita Yanagisawa, senior GM of System Solutions Business Division, Sony Semiconductor Solutions, AITRIOS

AI Tools to Revolutionize Developer Productivity

Ongoing trends in AI development between both novice and experienced developers for the next year illustrate how the impact of AI tools we see play out in the next year will be that different developer personas will leverage these tools in distinct ways. For junior developers, AI serves as a virtual pair programmer — but it's not a magic wand that transforms them into senior engineers overnight. Early career developers tend to adopt these tools more readily since they haven't developed years of muscle memory with traditional toolchains. However, they're also more likely to accept AI suggestions without applying the necessary critical evaluation. The real surprise has been watching senior engineers who embrace these tools. They're achieving massive productivity gains by directing AI to handle specific tasks using established patterns. Their deep understanding of software patterns lets them effectively "conduct" the AI, even switching programming languages with remarkable ease. Based on these trends we've seen, what I foresee is that AI will continue to eliminate the "toil" that consumes senior developers' time. Take pull request reviews — by having AI perform initial passes and provide instant feedback to developers, we're significantly reducing cycle times and freeing up senior engineers for higher-value work. — Nate Berent-Spillson SVP, product engineering, NTT DATA

Expect a Shift-Left Evolution in DevSecOps

Reinforcing a shift-left approach, 2025 will see a more integrated DevSecOps pipeline, breaking down silos between development, quality, and security teams. This convergence will enable faster releases and reduce vulnerabilities by embedding testing and security checks early and often throughout the pipeline, aided by AI-driven insights. Additionally taking an integrated approach will also provide greater visibility to stakeholders, allowing the ability to track the overall status of an application including development progress, quality and security in order to make more informed decisions and prioritize accordingly. — Udi Weinberg, director of product management, OpenText

AI Will Transition from a Reactive to Proactive Solution for Software Developers

As AI becomes more proactive, developers will spend more time on complex, strategic tasks than on daily monotonous tasks, which sometimes consume a developer's day and take them away from writing secure code. A key part of proactive AI will focus on mitigating security and privacy risks. There will be a shift in automated testing from AI writing tests to AI managing test suites (including traditional application security testing, AST). This frees developers' time to focus on problem-solving and driving innovation. — David DeSanto, chief product officer, GitLab

More AI Models Will Come from Open Source Projects

Open source projects and organizations have been contributing AI models that meet the needs of the industry, making AI available to everyone, not just to organizations that can afford to pay for it. There will be more companies that offer both commercial and open source offerings. No one approach will win, just as open source and commercial software models have coexisted in the traditional software world for decades. — David DeSanto, chief product officer, GitLab

ModelOps Will Become a Critical Component of Software Development Lifecycle

While many data scientists and data engineers operate outside the traditional DevSecOps workflow, this disconnect will increasingly hinder their effectiveness. As AI becomes more deeply integrated into software development, ModelOps will emerge as a critical component of the SDLC. By combining DataOps, which focuses on preparing and managing data, with MLOps, which handles the development, training, deployment, and versioning of AI models, ModelOps will provide a comprehensive framework for ensuring the successful integration of AI into the SDLC. — David DeSanto, chief product officer, GitLab

Embedded Systems Development Will Become a Major Focus Next Year

As IoT and embedded software growth outpaces traditional server-based development, there will be increased attention on adapting DevSecOps principles and tools for embedded systems. This will address unique challenges like hardware-in-the-loop testing and integrating software updates with diverse and constrained hardware environments. — Brian Wald, head of global, field CTO, GitLab

GenAI Is Poised to Make Large-Scale Application Modernization Economically Viable

While "app modernization" has become a buzzword, the real barrier has always been cost. Organizations have historically avoided modernizing smaller operational systems — such as internal portals and back-office tools — because the return on investment wasn't worth the expense. Managing inefficiencies and risks was easier than overhauling these legacy systems. GenAI changes this by lowering the cost and complexity of modernizing these applications, making it feasible to see meaningful ROI within 1-3 years. This shift finally makes large-scale modernization practical for the overlooked systems that keep organizations running, unlocking efficiencies and reducing security risks across the board. — Brian Wald, head of global, field CTO, GitLab

Platform Engineering Will Unburden Developers

Soon, we will see a significant shift: Everything beyond application development will be abstracted to the portfolio level through centralized platforms. This marks the decoupling of "Dev" from "Everything else." Integrating Dev, Ops, and Sec was necessary to reduce the siloed teams, but doing so at the application development level has introduced significant complexity. The "shift left" movement correctly identified the need for earlier involvement in critical processes but also unnecessarily burdened engineers. Developers are now overextended, taking on invisible tasks that consume significant time but remain unseen by the broader organization. These include orchestrating and maintaining tools, processes, and fast-changing requirements. To overcome this challenge, we must shift towards platforms that handle these operational and security responsibilities at the portfolio level, allowing developers to focus solely on building high-quality applications. This will improve efficiency, enhance quality, and restore the velocity lost in the current approach. — Brian Wald, head of global, field CTO, GitLab

AI Will Drive Efficiencies for Platform Engineers

The proliferation of pattern recognition in AI technologies is expected to reduce the friction of automating software releases into production. By creating reusable building blocks that encapsulate common functionalities for software delivery, platform engineers will help empower non-technical team members to easily assemble delivery pipelines using intuitive low-code techniques for testing, environment management, and release orchestration. This movement will lead to a rise in application development driven by AI-assisted tools, enabling organizations to meet specific needs more efficiently. — Lee Faus, global field CTO, GitLab

AI Will Drive Microservices Sprawl, Requiring Teams to Implement Development Guardrails

The speed of AI code generation will make it significantly easier to create new microservices, potentially leading to microservices sprawl and increased complexity. AI makes writing single-function services, which is the typical microservices approach, much easier. In the past when developers had to write services manually, they would spend more time researching whether similar functionality already existed elsewhere in the system. But with AI tools rapidly generating code, teams can quickly spin up new services without thoroughly checking for duplicates. Software teams will lean into development guardrails like architecture governance to combat microservices sprawl and ensure system integrity and manageability. Architecture governance, which involves setting rules for individual services and service groups, will allow teams to move fast while upholding design intent and data access principles. — Moti Rafalin, CEO and co-founder, vFunction

Organizations Will Move Past Superficial Metrics to Measure Software Quality

In 2025, organizations will finally start to realize that generating perfect code through AI doesn't guarantee good software. The technical debt accumulated from using AI tools as quality shortcuts will force organizations to treat software quality as a serious budgetary consideration. We'll see a shift away from superficial metrics like code quality scores and deployment frequencies, as these don't prevent software architectural failures or system collapses. Instead, engineering teams will need to implement tool-driven governance that measures how systems evolve in real-time and prevents unnecessary complexity. Organizations continuing to chase quick fixes through AI will watch their systems become unmaintainable, while companies investing in genuine quality will demonstrate measurable business value through resilient, adaptable systems. — Amir Rapson, CTO, CCSO, and co-founder, vFunction

Software Success Will Hinge on Quality, Not Architectural Trends

2025 will bring a fundamental shift in how organizations think about software architecture. You can have good software that is microservices-based, and you can have really bad software that's microservices-based. You can have really bad software that is a monolith and excellent software running in a monolith. It's not about the architectural patterns, it's about building good software. When you think about building good software, structures like a modular monolith can give you more control and impose fewer difficulties in certain areas — it's easier to deploy, easier to develop, easier to test, easier to have multiple environments that are exactly the same. Successful organizations will be those that focus on real software quality and engineering excellence, using tool-based governance to understand and improve their architectures. Without that deep understanding of what's actually going on, which very few organizations have, software quality will not drastically improve. — Amir Rapson, CTO, CCSO, and co-founder, vFunction

Fast AI Code Today Will End in System Gridlock Tomorrow

While AI makes writing code faster, engineering teams will be challenged in 2025 and beyond to take control of their software architecture as thousands of AI-generated components interact. Teams rushing AI development will spend more time untangling messy code than writing new features. Software fixes that once took days will stretch into weeks as developers wade through AI-generated functions with hidden dependencies. Bad architecture carries many costs: skyrocketing cloud bills, increased carbon emissions, engineering teams burnout, and more. Traditional monitoring approaches will prove inadequate as design patterns silently break down, system boundaries blur, and unexpected performance issues surface. Forward-thinking engineering teams will shift focus from code generation to deep architectural understanding, implementing new tools that monitor how AI-generated code impacts how systems evolve and detecting application design problems before they cascade. New capabilities and methodologies will be required to deal with the mass of generated code which will come with its share of AI hallucinations. Success with GenAI isn't about writing more code faster, but about maintaining architectural integrity across application ecosystems.

Organizations must invest in next-generation observability capabilities that track architectural drift, identify service dependencies, and protect system boundaries, or risk their AI-accelerated development leading to complex, tangled systems. The winners in 2025 won't be the fastest coders — they'll be teams who found ways to keep AI's speed while preventing it from turning their systems into puzzles. — Ori Saporta, VP of engineering and co-founder, vFunction

Software Complexity Will Become the Bottom Line: Enterprises Must Fix Bad Architecture or Pay the Price

Far too many organizations run bloated, complex Frankenstein systems they barely understand and can no longer sustain. The mounting pressure to increase reliability and prevent costly outages will drive companies to gain a deeper understanding of their applications and put a critical focus on optimizing their software architecture. Bad architecture carries many costs: skyrocketing cloud bills, increased carbon emissions, engineering team burnout, and more. In the next year, to optimize applications, teams will need to have complete visibility of their software architecture to evaluate necessary services, eliminate redundancies, reduce cost and cognitive load on teams, and build applications for longevity. 2025 will be about architecting for sustainability as AI changes the course of software. — Ori Saporta, VP of engineering and co-founder, vFunction

Developers Will Transition to Managing AI Agents with GenAI-Powered Low-Code Tools

Developers will shift from writing traditional code to orchestrating and managing AI agents. Powered by GenAI-embedded low-code tools, these AI-driven agent systems will become the gold standard for developing and managing enterprise applications. As this transformation unfolds, CIOs and their teams will need to prioritize transactional transparency, robust monitoring, and strong governance to effectively manage these AI agents and applications. With the projected shortage of half a million developers by 2030, and the massive demand for a billion new apps, the role of developers will become even more critical. AI agents and GenAI-powered applications won't just be a competitive advantage—they'll be a necessity for meeting rising expectations and demand. — Jithin Bhasker, GM and VP of App Engine, ServiceNow

Low-Code Platforms Will Revolutionize ERP Systems

Low-code applications will become the driving force behind the replacement of outdated and inefficient legacy EPR systems, enabling organizations to build custom, agile applications that streamline operations. For decades, Enterprise Resource Management (ERP) has been plagued by time-consuming, manual processes, siloed data, and clunky interfaces that slow down decision making and hinder operational efficiency. By 2025, we'll see widespread adoption of low-code platforms specifically designed to integrate with and enhance legacy ERP systems. These ERP-aware low-code solutions will allow businesses to adopt a process-centric approach to orchestrate and automate ERP functions, reducing manual entry, eliminating data silos, and providing real-time visibility across the enterprise. As a result, businesses will be able to adapt more quickly to changing market conditions, reduce costs, and improve overall performance. — Jithin Bhasker, GM and VP of App Engine, ServiceNow

Injection Attacks Resurface as AI-Generated Code Opens New Vulnerabilities

As AI-driven coding tools become mainstream in 2025, injection attacks are set to make a strong comeback. While AI accelerates development, it frequently generates code with security weaknesses, especially in input validation, creating new vulnerabilities across software systems. This resurgence of injection risks marks a step back to familiar threats, as AI-based tools produce code that may overlook best practices. Organizations must stay vigilant, reinforcing security protocols and validating AI-generated code to mitigate the threat of injection attacks in an increasingly AI-powered development environment. — Randall Degges, head of developer and security relations, Snyk

The Operational Bill Comes Due After a Decade of Third-Party API-Fueled Innovation

A decade of rapid innovation fueled by third-party APIs and services has transformed how modern production applications are built and delivered. These critical integrations unlocked new features and enabled faster time to market, but they came with operational trade-offs: lack of visibility, reliability impacts, cost implications and security risks. Now, in an AI-driven era of increased scrutiny, these hidden challenges have accrued to a breaking point, demanding immediate attention. In 2025, platform teams and SREs will be forced to reckon with the sprawl of external dependencies embedded in their stacks. Many will uncover untracked APIs, single points of failure and inefficiencies driving up cloud costs. Troubleshooting time and unmet SLAs will reveal the hidden operational burden of these integrations, while reliance on institutional knowledge leaves critical systems vulnerable. — Tyler Flint, CEO and co-founder, Qpoint

The Road to ZeroOps

Over the next year, enterprises will need to make heavy investments to reduce their levels of complexity. Besides the efforts, we won't overcome this in 2025 and not even in 2026. Some companies will focus on moving to SaaS and PaaS platforms, however there will need to maintain certain critical workloads running on legacy systems, until they figure out the best way to migrate. ZeroOps won't happen overnight; to make it possible we need to build our applications resilient by design, trying to apply ZeroOps to a complex existing environment requires an enormous amount of effort and it is not always justified. I believe that in 2025, the use of AI will be so common that we won't need to call it explicitly, the term "AIOps" will then become obsolete over the next 2 years. In 2025 we are going to experience the first wave of AI Agents, as early adopters will start deploying intelligent components in their landscape able to reason and take care of tasks with an elevated level of autonomy. — Efrain Ruh, Field CTO of Europe, Digitate

AI Management and Optimization for Developers

2025 will be the year we see the challenges of securing AI, from a technology perspective but also business risk management, forcing industry, and governments to address them. Currently, the industry has a baseline understanding of how to use AI safely. In the coming year, we'll need to gain a deeper understanding of AI/ML engines and their journey in production usage, like an organization's most vulnerable risk that could be exploited. I see the control of the AI development process as the most critical aspect of AI security — meaning you set up AI hacking tools to steal data from ML models and corrupt them which can have widespread implications. Data management, retention policies and conflicting challenges of using personal data to empower AI, while protecting people's assets can no longer be avoided. On the utilitarian side, code generation via AI tools will become more reliable as we optimize models. Long-term, coding will evolve from writing code to explaining business problems to AI agents so it can generate the right coding solution. Checking results of the code before releasing it to be integrated will be an important step forward in bringing Dev(Sec)Ops teams out of siloes and into day-to-day business decisions. — Paul Davis, field CISO, JFrog

CISO Role and Bridging the Gap Between Developers and Security

As we enter 2025, security teams will recognize that striking a balance between developing software securely and focusing on protecting the technologies, while necessary, is no longer sufficient; they must also prioritize business metrics such as brand reputation, productivity, and security resilience as success factors. The modern day CISO will need to be a strategist, a businessperson, a marketer, a technologist, a data scientist, and a translator/change agent. CISOs have to convince other teams and groups in our organizations that our default response is not "NO." The security leader needs to present their team's work as an enabler that works with the businesses, developers, and IT. The need to work together is still critical as security bridges the gap and delivers services to determine how "we" can remove or reduce the issue while managing the need to keep risk at an acceptable level. Discussions around building brand reputation and security resilience in tandem will become more prevalent as teams seek to address overarching security issues rather than individual symptoms, such as fixing a singular vulnerability. — Paul Davis, field CISO, JFrog

Adapting to AI-Driven Development in 2025

The industry has seen an influx of developers relying on coding assistants, but most lack proper security guardrails. With staffing shortages and tight deadlines, developers, especially newer ones, often prioritize speed over security, leading to vulnerabilities being introduced into applications. As AI tools reshape the developer experience beyond code generation, organizations must implement tailored LLMs and reinforce security training to ensure speed and safety go hand in hand. — Danny Allan, CTO, Snyk

Continuous Everything Will Transform DevOps

The future of software development will be defined by Continuous Everything, fundamentally reshaping the CI/CD model. By integrating continuous testing, monitoring, security, and optimization across the entire software lifecycle, businesses will achieve unprecedented levels of automation and efficiency. This shift will streamline processes, enabling faster, more reliable, and secure releases. As a result, teams will be empowered to innovate while automating routine tasks, ensuring that software is not only delivered quickly but also with enhanced security and performance. Continuous Everything will become the cornerstone of DevOps practices, driving agility, resilience, and speed in an increasingly complex technology landscape. — Shankar Mishra, head of DevOps, Talentica Software

GenAI Will Redefine the Challenge of Measuring Software Developer Productivity

As traditional productivity metrics often fall short in capturing the complexities of coding, GenAI will introduce advanced tools capable of assessing code efficiency, quality, and developer contributions with unprecedented accuracy. By leveraging AI-driven code analysis and pattern recognition, organizations will gain deeper, data-backed insights into individual and team performance. This shift will enable technology leaders to provide constructive feedback to individuals, find out the right areas of improvement and monitor the progress to improve the productivity continuously. — Aniket Shaligram, VP Technology, Talentica Software

AI-Based Code Assistants Go from Early Adopter to Standardized

While 2023 and 2024 saw a lot of experimentation with coding co-pilots with expanded adoption in startup companies and various forward-leaning enterprises, 2025 will be marked as the year coding co-pilots become a standard. Like all new technology adoption, this will have pros and cons.  Expect to see more code developed more quickly, but keep an eye out for challenges with re-use, quality, security, and technical debt. — Derek Holt, CEO, Digital.ai

New Bottlenecks Emerge in Software Delivery

While AI-assisted development will drive increased code creation and ultimately drive individual developer productivity gains, new bottlenecks will quickly emerge across the broader software delivery lifecycle. Organizations that have not invested in test automation, built in security, release orchestration, code scanning and more will struggle to translate more productive developers into faster time to market. — Derek Holt, CEO, Digital.ai

Software Engineering Intelligence Steps into Spotlight

While Value Stream Management continued to lose steam in 2024, we also saw the fast emergence of Software Engineering Intelligence (SEI) to take its place. SEI will have a breakout year in 2025 as more and more businesses realize they need to measure the end-to-end business process of software development and delivery in order to drive continuous improvement, truly deliver improved developer experiences and ultimately realize the potential gains for an AI-powered Software Development and Delivery capabilities.  SEI is the key to each. — Derek Holt, CEO, Digital.ai

Enterprise Software Development Leaders Will Make Choices That Come Back to Bite Them

Success in 2025 will mean not just having AI in place but having it ready to scale and deliver consistent results. This will position organizations ahead in their industries through enhanced decision-making, operational efficiencies, and adaptive strategies driven by data-backed insights. But setting up AI without a way to measure it will be indefensible, and someone will pay the price of wasted efforts. — Adam Kentosh, field CTO, Digital.ai

Organizations Will Prioritize Measurement

Organizations will refine their software engineering processes to ensure AI can be effectively integrated, managed, iterated upon, and measured. The adoption of Software Engineering Intelligence (SEI) platforms will become critical to gaining the necessary insights to govern development, align with business goals, and monitor performance across production environments. — Adam Kentosh, field CTO, Digital.ai

Prioritizing Observability-Driven Development

We need to shift observability left, the way we have with security and many other areas of IT, so that it's actually being done as part of the design of an application. Right now, engineers aren't thinking about the metrics, data, and observability that they need as they're building things — it's almost always retrofitted afterwards. We've done test-driven development; why not observability-driven development? — Jacob Rosenberg, senior leader for infrastructure and platform engineering, Chronosphere

Moving Beyond 'Hero' IT and Dev Teams to Control Costs and Scale Effectively

Stop building heroes: In the coming year, organizations are going to start paying even more attention to costs and work to control costs as they scale their environments. As they do this, organizations need to stop building heroes in IT and dev teams. Why? There's always one person in an organization who winds up solving all the problems — they are the developers who know the code so well that they get called in every time there's a problem. This is a huge risk for organizations as they scale. Organizations that don't have the appropriate observability practices in place are forces to continue to build these hero environments where they are depending on the same people all the time. — Bill Hineline, field CTO, Chronosphere

AI-Driven Testing Will Change Software Development

Testing gets transformed — helped by AI — and will go way beyond the achievements of low-code techniques, ultimately removing the need to write test scripts at all. Consequently, the bottlenecks that testing has traditionally created in software development lifecycles will be removed, and teams will be able to focus their attention on a higher level, such as deciding what the test coverage should be. — Jim Cassens, CEO, Perforce

Revolutionizing Developer Productivity

AI is about to change software development forever. Beyond automating code, AI will act as a real-time partner, automating entire workflows, minimizing technical debt, and enabling teams to develop, test, and deploy faster than ever. This will empower every engineer to be more than just a coder—they'll be orchestrators of intelligent workflows, transforming how they build, iterate, and scale projects. — Priya Shivakumar, COO, Lightning AI