It’s impossible to know what will happen in the future, but we make our best guesses every year around this time anyway!
As 2025 comes into focus, several of the Sonar leaders put pen to paper on what they foresee in the coming year for software development as AI continues to bleed into every element of technology. From code accountability to security, to the role the channel will play… here is what some of our leaders are thinking about for the new year:
Tariq Shaukat, CEO — A “Trust and Verify” Approach Will Bolster Code Quality Assurance in the Age of AI
AI is already transforming the way developers work, streamlining processes and alleviating the repetitive nature of writing code. By 2027, 70% of professional developers will be using AI-powered coding tools. Google’s CEO recently said that already more than a quarter of all new code at Google is generated by AI. However, as adoption grows, a major challenge is emerging: code accountability. AI-generated code must undergo rigorous review to identify potential security vulnerabilities and quality issues early on – before they can lead to costly problems. Yet, the responsibility for ensuring this review often gets overlooked.
In 2025, as AI tools become essential for developers, they'll need to take greater responsibility for code accountability. By integrating a "trust and verify" approach early in the Software Development Life Cycle, developers can save time and increase their capacity to tackle large-scale projects that drive business success. The same level of scrutiny applied to human-written code must be extended to AI-generated code. With human oversight embedded throughout the workflow, development teams can ensure that AI-driven code meets established quality and security standards.
Andrea Malagodi, CIO — Developers Will Embrace Automated Testing Tools to Ensure AI-Generated Code Quality
We should embrace AI innovation to benefit the future trajectory of software development. AI-generated code and testing tools can amplify developers' productivity, enabling them to focus more on projects that align with broader business goals. However, AI is a complement, not a replacement, of developers’ skills, and business leaders must recognize this important distinction. The activity of conceiving, designing, and architecting a system or a feature is not only a coding detail, it is a craft and should not be ignored.
Humans must remain integral to the testing and verification process, whether the code is AI-generated or written by developers. The demand and rising use of AI in the coding process means developers are writing more code, all of which must be tested for security and quality. At a minimum, all code should undergo rigorous testing, with multiple control checks established by developers to trust and verify code at each stage of development.
While AI will continue to boost developer productivity in the coming years, if underlying issues in the code development process aren't addressed, more AI-generated code will only lead to more code to fix. Software teams need to utilize trusted, automated code testing tools and apply a human lens and critical thinking to ensure the delivery of high-quality code they can be confident in.
Johannes Dahse, Head of R&D — “Starting Left” Will Take a “Shift Left” Approach One Step Further
We can’t ignore the importance of teams incorporating early testing and analysis in the development process. Only by catching issues and vulnerabilities quickly from the very beginning can they have confidence in the software they deploy. I believe more organizations will come to this realization next year and we will start to see a real move from a “shift left” approach to “start left” — taking the concept a step further to ensure the security, viability, and longevity of software as code is written and developed.
Especially as AI adoption grows to boost code writing, code quality and detecting vulnerabilities should remain at the top of companies’ priorities for 2025, making a proactive investment in security tools and methods to mitigate business risks. Doing so enables teams to significantly reduce the risk of critical vulnerabilities and save themselves time as well as increase productivity. By adopting robust code quality measures early, companies can prevent vulnerabilities, safeguard data, and maintain compliance, reinforcing AI’s value in the development process.
Jim DeCarlo, VP of Channel, AMERS — Channel Partners Will Provide AI Integration Solutions for Developers
This past year, all the buzz was about AI. Companies are looking to AI for innovation and efficiency. The question is, how do we take advantage of the promise of AI and get measurable business-impacting results? My prediction is that channel partners will bring the answers and the solutions. Especially when it comes to ensuring proper integration of AI in the software development lifecycle — partners have a tremendous opportunity being that they’re so in tune with the industry, what technology problems to solve, and what solutions can address them best. It would be great to see some sort of metric around Return or AI investment, possibly R.O.A.I.I if you will.
Ending where we began, here’s one more prediction from our CEO Tariq to wrap things up.
Tariq Shaukat, CEO — Business Success Will Depend on the C-Suite Putting Software Center Stage
Next year, we will see more executives and boards of directors put “software as a critical business asset” to the top of their agenda. When bad code costs organizations $2.41 trillion in the U.S. alone, it shouldn’t be a question anymore of how important software is to business, but how do we ensure it is a competitive differentiator and doesn’t put our business at risk?
Organizations strive to protect their codebase against risks, yet often, the focus on code security tends to emerge later in the development lifecycle rather than as an initial investment in secure-by-design practices. I believe we will see the C-suite mindset shift to see software in a new strategic light and build software quality into the fabric of the way business is done. Especially as AI-generated software development continues to pick up steam, it is the responsibility of CEOs and boards to put mechanisms in place that uphold and maintain code quality and security during development. The future of digital business depends on it.