2024 DevOps Predictions - Part 6
December 12, 2023

Industry experts offer thoughtful, insightful, and often controversial predictions on how DevOps and related technologies will evolve and impact business in 2024. Part 6 covers AI's impact on DevOps and development.

Start with: 2024 DevOps Predictions - Part 1

Start with: 2024 DevOps Predictions - Part 2

Start with: 2024 DevOps Predictions - Part 3

Start with: 2024 DevOps Predictions - Part 4

Start with: 2024 DevOps Predictions - Part 5

AI-Generated Vulnerabilities

AI will play a significant role in generating code, allowing for faster development with fewer human resources. But as code inevitably becomes more like open-source software, AI-generated vulnerabilities will become a bigger concern. The speed at which AI-assisted developers work will underscore the importance of enhanced application visibility and security, as developers may lack the full understanding of their AI-generated output.
Shahar Man
Co-Founder & CEO, Backslash Security

According to one Stanford study into developer use of AI tooling, it is likely that unskilled developers using this technology will become dangerous. The study claimed that participants who had access to AI assistants were more likely to introduce security vulnerabilities for the majority of programming tasks, yet also more likely to rate their insecure answers as secure. This poses a significant issue; poor developers will be enabled to introduce security issues faster, and if anything, this will only increase the need for security-skilled developers with the knowledge and expertise to code securely and use AI technology safely.
Matias Madou
Co-Founder and CTO, Secure Code Warrior

Overconfidence in Generative AI code will lead to generated AI vulnerabilities. As more and more developers use generative AI to successfully help build their products, 2024 will see the first big software vulnerabilities attributed to AI generated code. The success of using AI tools to build software will lead to overconfidence in the results and ultimately a breach that will be blamed on the AI itself. This will lead to a redoubling across the industry of previous development practices to ensure that all code, written by both developers and AI, is analyzed, tested, and compliant with quality and security standards.
Phil Nash
Developer Advocate, Sonar

FACING THE CHALLENGES OF AI-ASSISTED CODE DEVELOPMENT

2024 will produce significant challenges to AI-assisted code development. In 2024, we will reach a threshold where we've tampered and experimented enough with AI across the SDLC that there will be an incident, a mistake, that will force enterprises to pay attention to end-to-end governance and the consequences of not having AI policies in place. DevOps teams need guidance on what they are allowed and not allowed to do with the tools they're using, with the guidance standardized into paved paths.
Wing To
GM of Intelligent DevOps, Digital.ai

The risks and challenges that come from bad code that have plagued organizations for years will be a top agenda item for the C-suite and Boards in the new era of AI. The truth is that most organizations are likely unaware of the issues that spin out from bad code … Companies are embracing GenAI so they don't get left behind, but they can't trust AI blindly. While it can speed up and democratize the process of millions — if not billions — more lines of code to be generated, this doesn't come without issues like bugs and errors, lack of readability and maintainability, as well as security and copyright problems. I don't foresee a near-term solution to this in 2024, so it is up to business leaders to ensure their developer teams are creating code that is consistent, intentional, adaptable, and responsible.
Tariq Shaukat
Co-CEO, Sonar

The need for human quality control over code will remain steadfast and grow larger as we find a balance of fast production with quality. I would say that "trust, but verify" is the slogan to live by in the year ahead, as I don't foresee a near-term solution to some of the problems that come with AI, such as hallucinations and lack of understanding of logical flow.
Olivier Gaudin
CEO and Co-Founder, Sonar

Businesses will grapple with the risks inherent in using AI technologies like copyright infringement, IP rights, security threats, and the like. Knowledge attrition is another major concern, particularly for developers who may avail themselves of AI to write code. Since that knowledge will no longer need to be retained, many will become more dependent on AI and the market will favor those who are adept at using it.
Lior Koriat
CEO, Quali

AI WON'T REPLACE NEED FOR CLEAN CODE

As AI-assisted code solutions gain steam in the software development space, those who believe it will replace the need for code quality assurance checks will likely be in for a rude awakening. While it will certainly support developer productivity and will help those greener in the field boost their skills — and even those returning to it — it is not truly functioning at that level yet ... AI-assisted code cannot, and will not, replace the need for developers to clean as they code, ensuring that code is maintainable, reliable, and secure. Human or AI-generated, this approach should be a part of every organization's software development process to ensure all code is fit for the purpose and is continuously clean. With every company's success dependent on the strength of its software, Clean Code should be a top priority if they want to succeed and reduce risk to their business.
Olivier Gaudin
CEO and Co-Founder, Sonar

TEAM COLLABORATION MAKES BIGGER IMPACT THAN AI-ENABLED PROGRAMMER PRODUCTIVITY

We'll witness a proliferation of AI-enabled tools that promise to improve programmer productivity. Many of them will deliver on the promise but towards the end of the year we'll begin to realize that, in complex and agile software efforts team collaboration has an even bigger impact than individual productivity.
Esko Hannula
SVP, Product Management, Copado

DEMAND FOR SENIOR DEVELOPERS TO KEEP AI IN CHECK

Less experienced developers, unlike more technically astute senior developers, may not be able to spot the shortcomings of code generated by AI-assisted code. I expect we'll see the demand for more senior developers increase, to help keep AI in check/oversee its involvement.
Olivier Gaudin
CEO and Co-Founder, Sonar

DEVOPS FOCUS ON PLANNING AND TESTING

The adoption of GenAI will increase the focus on the planning and Testing phases of DevOps. Planning because a well written requirement is needed for your copilot to generate the proper code. Testing, because reliance on GenAI will require that we verify the resulting code even more thoroughly than today. The tests will likely be generated from the same requirements, so this means planning is even more important.
David Brooks
SVP of Evangelism, Copado

AI Makes Progressive delivery essential

Just as software teams have begun to hone practices for getting reliable, observable, available applications running at scale, generative AI is changing everything we know about these methods thanks to its non-deterministic nature. In other words, 1+1 can equal infinity. Therefore, next year, we'll see developers start to account for infinite change when building, testing, training, retesting, and delivering new features built on AI/ML models. This will make the practice of progressive delivery even more essential for success when delivering applications at scale.
Rob Zuber
CTO, CircleCI

DEVELOPERS ACCOUNTABLE FOR AI SPEND

As AI experimentation continues to increase exponentially, with the AI bill growing alongside it, monitoring and observability tools will become mandatory for every dev team. Developer teams will be required to answer for AI spend; CFOs will not accept unbounded and unpredictable costs for much longer and there will be added pressure to prove the return on investment. So, tools that can provide insights, guardrails, and monitoring for AI deployments, especially in the experimentation phase, are going to be a critical tool in every dev team's AI arsenal.
Rita Kozlov
Senior Product Director, Cloudflare

Go to: 2024 DevOps Predictions - Part 7, covering the impact of AI on DevOps and development.

Share this

Industry News

December 12, 2024

Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.

December 12, 2024

vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.

December 11, 2024

CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.

December 11, 2024

Grid Dynamics announced the launch of its developer portal.

December 10, 2024

LTIMindtree announced a strategic partnership with GitHub.

December 10, 2024

Solace announced the addition of micro-integrations to its event-driven integration and streaming platform, Solace PubSub+ Platform.

December 10, 2024

GitGuardian has unveiled its NHI Security strategy, a transformative approach to securing the explosive growth of NHIs and the secrets they depend on.

December 09, 2024

Linkerd announced the release of Linkerd 2.17, a new version of Linkerd that introduces several major new features to the project: egress traffic visibility and control; rate limiting; and federated services, a powerful new multicluster primitive that combines services running in multiple clusters into a single logical service.

December 05, 2024

Amazon Web Services (AWS) announced new capabilities for Amazon Q Developer, a generative AI assistant for software development, that take the undifferentiated heavy-lifting out of complex and time-consuming application migration and modernization projects, saving customers and partners time and money.

December 05, 2024

OpenText announced a strategic partnership with Secure Code Warrior to integrate its dynamic learning platform into the OpenText Fortify application security product suite.

December 05, 2024

Salesforce announced a series of updates for Heroku, a platform as a service (PaaS) offering that enables teams to build, deploy, and scale modern applications entirely in the cloud.

December 05, 2024

Onapsis announced the expansion of its Control product line to include a new bundle that enhances application security testing capabilities for SAP Business Technology Platform (BTP).

December 04, 2024

Amazon Web Services announced new enhancements to Amazon Q Developer, including agents that automate unit testing, documentation, and code reviews to help developers build faster across the entire software development process, and a capability to help users address operational issues in a fraction of the time.

December 04, 2024

Amazon Web Services (AWS) and GitLab announced an integrated offering that brings together GitLab Duo with Amazon Q.