Presented by Outshift by Cisco
Generative AI has been a step-function change for business productivity — and agentic AI is showing a huge amount of promise for software development and developer satisfaction in particular. In a world where software underpins every aspect of our lives, from smartphones to smart cities, the way we develop and secure code is undergoing a seismic shift. Agentic AI is emerging as a powerful force, not just augmenting developers’ capabilities, but fundamentally transforming the entire software development lifecycle.
Unfortunately, a recent GitHub survey reports that developers are spending the bulk of their time on very necessary but still incredibly dull and repetitive issues like bug fixes and waiting around for builds. This is where agentic AI steps in, promising to reshape the landscape of software development.
“In the current landscape we’re trying to minimize the mundane, the routine that every developer has to go through to take their innovative software development problems and deploy them into production,” Vijoy Pandey, SVP of Outshift, told VentureBeat. “Right now, we’re in the world of assistants that provide suggestions, code snippets, security suggestions, remediation code and so on to ease the entirety of the software development life cycle.”
GitHub Copilot is helping their developers write up to 60% of the code they’re producing, and it’s still early days.
It’s a game changer, agreed Mike Hanley, chief security officer and SVP of engineering at GitHub, especially as the ability of these AI agents begins to extend across the whole of the software development process, start to finish. The productivity gains in GitHub have been huge, he added, with GitHub Copilot helping their developers write up to 60% of the code they’re producing, and it’s still early days.
“We’ve really only had generally available AI tools for less than two years, things that you could just swipe a credit card and get,” Hanley said. “We’ve already seen meteoric adoption, certainly inside GitHub. We believe it’s fundamentally transforming how developers are building software.”
Agentic AI: more than just another assistant
Agents are proactive, able to handle complex workflows independently, and they’re also highly specialized for specific domains.
“Think of agentic AI as a collection of tireless, expert colleagues,” Pandey said. “Just as no single human handles the entirety of software development in an enterprise, a collection of AI agents will act as specialized subject matter experts that come together, collaborate, learn and solve larger problems, though humans will always remain in the loop.”
Agentic AI can give DevOps teams the opportunity to hit gate reviews, have a more streamlined CICD process and be more aggressive on their overall go-to-market strategies. Another huge part of the picture: It can help bake in security and privacy by design, from the start, which is exciting for enterprise app development — particularly at a time in which SecOps specialists are thin on the ground.
Security by design
Until now, security value has been added relatively late in the software development life cycle, usually as part of test feedback long after the code’s been written and checked in. The transformation underway now with agentic AI is pretty radical, Hanley said.
“Not only are you going to have somebody right there with you as you bring your idea to code, which many developers have today in the form of Copilot, they’re literally getting secure suggestions from a model that has security expertise they may lack from the outset,” he explained. “This is the cheapest place to have security experience embedded into what a developer is doing. But you’re also getting a more effective outcome from the more traditional place where security is injected, at test time.”
A bug-detecting agent can be integrated all along the workflow along with other agents that are building code or documentation.
For example, Copilot Autofix, which is now generally available, offers natural language explanations of potential issues in real time, and then a one-button fix. It’s an example of how agents work in very particular arenas to solve specific issues, and many times faster than a human can. The time that it takes to resolve a vulnerability is dramatically reduced. A bug-detecting agent can be integrated all along the workflow along with other agents that are building code or documentation and so on. Software development becomes synonymous with security in a way that keeps developers completely productive, and usually even more so, with none of the friction associated with legacy approaches to security.
“That’s the magic you want from a developer experience standpoint,” Hanley added. “If you think about security as one of the bigger risks we have as a society in terms of our dependence on software for everything we do, from driving our cars to keeping our refrigerators at the right temperature, AI will be the thing that transforms software development by preventing vulnerabilities from appearing in code.”
The traditional model today is to say, ‘Here’s your backlog of security vulnerabilities we need to fix.’ Now, with agentic AI, found means fixed. This is a big transformation.
That means helping devs write more securely at the outset while preventing issues from escaping. And agents can even go back to sweep up decades of technical debt in the open-source or legacy software that everything else is built upon.
“There’s no amount of humans we can hire to work on some of those problems, no amount of resources that we can put against them, but AI, particularly with agents that are good at specific things, puts us in a position to succeed with security in a way we’ve never seen before,” he added. “The traditional model today is to say, ‘Here’s your backlog of security vulnerabilities we need to fix.’ Now, with agentic AI, found means fixed. This is a big transformation.”
Agents will also be a huge win for the SecOps and other IT ops teams that collaborate with the DevOps teams — those who monitor on-cloud and on-prem environments, work to secure identities and access, lock down systems and software, clean data and more.
“Agentic workflows, when it comes to security or scale or bias-free development and other IT ops — especially those that use infrastructure-as-code practices to secure and scale their environments — will drive productivity in those domains as well,” Pandey added.
Preparing for agentic workflows in software development
The agentic framework world is relatively new, and we’re still in the world of AI assistants for the most part. The way to prepare for the future of AI agents is to embrace those assistants, start deploying them in smaller use cases, then start scaling them out within your organization. That helps you prepare from a security and responsible AI standpoint, as well as gets your code repositories in a place where they can they be used to train assistants now, and agents in the future.
Sooner rather than later you will see the mundane, rote, time-consuming functions get consumed by AI agents.
“You can’t sink your head in the sand,” Hanley said. “You have to figure out what this means for your business and how you’ll use it to accelerate, otherwise it creates very serious competitive, if not existential risks, for folks who don’t.”
“Sooner rather than later you will see the mundane, rote, time-consuming functions get consumed by AI agents,” Pandey added. “Humans will be left to solve for what we do best, which is higher-order problem-solving.”
For those ready to embrace this change, the future of software development looks brighter than ever. The question now is not if, but when and how quickly organizations will adopt these game-changing AI agents. Are you ready to step into this new era of software development?
Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact