As we do yearly, we’ve heard from of us across the software program improvement trade who share their ideas on which areas will thrive and which could not survive in 2025 and past. Listed below are a few of their predictions for subsequent 12 months.
Derek Holt, CEO of Digital.ai
Whereas Worth Stream Administration continued to lose steam in 2024, we additionally noticed the quick emergence of Software program Engineering Intelligence (SEI) to take its place. SEI may have a breakout 12 months in 2025 as increasingly companies understand they should measure the end-to-end enterprise means of software program improvement and supply with a purpose to drive steady enchancment, actually ship improved developer experiences and in the end understand the potential positive aspects for an AI-powered Software program Improvement and Supply capabilities. SEI is the important thing to every.
Emily Nakashima, VP of engineering at Honeycomb
Whereas the present AI hype exhibits no indicators of slowing, a lot of the main target in 2024 was on AI code authorship slightly than code possession. Companies in the end spend way more time proudly owning, sustaining, and working software program than authoring it. The present era of AI instruments has proven it may be inconsistently helpful within the upkeep and possession drawback area. As such, 2025 will deliver heightened consciousness of the downsides of proudly owning AI-generated code and working LLMs in manufacturing — what was quick to create in improvement is abruptly sluggish, costly, and unpredictable in manufacturing. I’ll be looking for advances in finest practices for LLM observability and anticipate we’ll see headline-making safety incidents as a result of LLM-generated code.
Dylan Thomas, senior director of product engineering at OpenText Cybersecurity
In 2025, DevSecOps will proceed evolving past the ‘shift-left’ paradigm, embracing a extra mature ‘shift in all places’ strategy. This shift calls on organizations to use the fitting instruments on the proper phases of the DevSecOps cycle, bettering effectivity and effectiveness in safety practices. Light-weight evaluation in IDEs will assist builders catch points early, whereas automation built-in into pull requests and CI/CD pipelines will guarantee a cohesive ‘combine as soon as’ strategy for core features equivalent to SAST, SCA, and more and more DAST, notably for API safety testing.
Jans Aasman, CEO of Franz Inc.
As digital currencies develop, the sophistication of fraud, together with cash laundering and phishing would require extra superior detection strategies. Rising types of AI, equivalent to Neuro-Symbolic AI (NSAI) will mix sample recognition, logical reasoning, and language understanding to establish suspicious transactions throughout decentralized platforms. By analyzing blockchain information, sensible contracts, and transaction histories, NSAI will uncover hidden patterns of fraud, interpret the intent behind transactions, and distinguish professional trades from illicit actions like market manipulation. The distinctive talents of NSAI will have the ability to flag high-risk transactions whereas offering clear, explainable causes for the flags, serving to regulators and trade gamers preserve transparency and compliance.
Alex Merced, Senior Tech Evangelist, Dremio
The competitors to dominate the info catalog area will develop into a high-stakes showdown. As hybrid and multi-cloud ecosystems develop, organizations will demand seamless interoperability, driving fierce innovation in governance, lineage, and user-defined features (UDFs). Apache Iceberg will emerge as a key participant, redefining requirements for open desk codecs with its hybrid catalog capabilities. This race received’t simply reshape information structure—it is going to determine who controls the way forward for information portability.
Jamil Valliani, head of AI product at Atlassian
2025 would be the 12 months of the AI agent. As brokers develop richer in interactivity and begin to attain throughout extra than simply textual content and into audio and visible parts, they may deliver a few highly effective cultural shift in how people collaborate with AI. Brokers are already fairly good at augmenting and accelerating our work — within the subsequent 12 months, they may get even higher at performing extremely particular duties, taking specialised actions, and integrating throughout merchandise, all with people within the loop. I’m most excited to see brokers changing into exponentially extra refined in how they will collaborate with groups to deal with advanced duties. Our relationship with them will evolve, and we’ll see new types of collaboration and communication on groups develop.”
Lucy Beaumont, expertise administration answer lead at SHL
In 2025, main firms will more and more view their workforce as a neighborhood of abilities slightly than as static job roles. This angle permits organizations to harness and deploy abilities fluidly, assembly dynamic enterprise wants whereas supporting worker development. To do that, organizations might want to create skill-based ecosystems the place expertise might be matched with alternatives seamlessly.
Christopher Robinson, chief safety architect at OpenSSF
AI will more and more assist coders, defenders, and attackers speed up their work. By integrating AI with automated tooling and CI/CD pipelines, builders will have the ability to rapidly establish and repair coding flaws. Defenders can leverage AI’s potential to research large quantities of information and establish patterns, accelerating the work of SOC groups and different blue-team operations. Sadly, attackers may additionally use AI to craft refined social engineering assaults, overview public code for vulnerabilities, and make use of different techniques that can complicate cybersecurity within the close to future. We have to discover ways to safe AI earlier than broadly deploying it for safety functions.
Sachin Aggarwal, co-founder and CEO of StackGen
In 2024, 52% of builders who responded to Stacked Up: The IaC Maturity Report shared that they spend greater than 20% of their time on Infrastructure as Code (IaC). In 2025, IaC instruments will evolve to generate infrastructure from code slightly than counting on builders and infrastructure groups to be taught new instruments and programming languages. These instruments will apply safety and governance necessities by default, rising the time builders can spend on writing utility code that delivers enterprise differentiation slightly than losing time struggling to put in writing IaC.
Roshan Kindred, chief range officer at PagerDuty
Tech organizations, with their world workforces and buyer bases, should develop and implement inclusive IDE methods that stretch past Western-centric views. This implies designing localized initiatives tailor-made to the distinctive cultural and regional wants of staff to foster true world belonging. Supporting worker well-being would require regional and cultural alignment to handle the various challenges the world will face over the subsequent 4 years. Growing a world understanding of range should develop into a core management competency.
Arnab Sen, VP of information engineering at Tredence
Decentralization of information possession with information mesh structure will develop into extra prevalent, permitting groups to handle their very own information as merchandise. This shall be notably helpful for big organizations looking for impartial, high-quality information trade.
David A. Wheeler, director of open supply provide chain safety at OpenSSF
Many software program vulnerabilities might be eradicated by utilizing programming languages which can be memory-safe by default. Nevertheless, it’s impractical to rewrite all present software program in C and C++, which aren’t memory-safe by default. I anticipate to see gradual rewrites of small C and C++ modules, together with extra use of them. There may also be longer-term efforts in 2025 that will pan out later. Some are investigating utilizing AI to economically translate C and C++ to a memory-safe language. There’s additionally work to develop a memory-safe variant of C++. These longer-term efforts received’t be prepared for manufacturing use in 2025, however they may give us long-term options.
Tricia Gee, lead developer advocate at Gradle
Flaky assessments will proceed to be a distinguished challenge for dev groups in 2025, particularly as extra firms proceed to undertake microservices. It is because groups might want to do integration testing between microservices, that are inherently flaky. It is going to be important for dev groups to prioritize figuring out and fixing flaky assessments earlier than they trigger toil and frustration for builders, and compromise the standard of delivered software program.
