Check Point® Software Technologies Ltd. announced that Infinity XDR/XPR achieved a 100% detection rate in the rigorous 2024 MITRE ATT&CK® Evaluations.
DEVOPSdigest invited experts across the industry — consultants, analysts and vendors — to comment on how AI can support the software development life cycle (SDLC). In Part 17 of this series, experts offer predictions about how AI will impact QA and testing in 2025 and beyond.
MORE CODE TO FIX
Demand for and rising use of AI in the coding process means developers are writing more code, all of which must be tested for security and quality. While AI will continue to boost developer productivity in the coming years, if underlying issues in the code development process aren't addressed, more AI-generated code will only lead to more code to fix. Organizations will need to invest in trusted, automated code-testing tools for their developers. Having the right tools at their fingertips, and applying a human lens and critical thinking, development teams will be better enabled to ensure the delivery of high-quality code.
Andrea Malagodi
CIO, Sonar
FOCUS ON BUILD AND TESTING INFRASTRUCTURE
There will be an increased focus on build & testing infrastructure: As generative AI accelerates both the speed and volume of code production, investing in tools that accelerate build and test cycles will be extremely important for maintaining code quality and effectively managing the large volume of code.
Trisha Gee
Lead Developer Advocate, Gradle
SELF-HEALING PIPELINES
A potential expansion is in the development of self-healing pipelines. While there has been skepticism about data sharing and control within CI pipelines, the concept of AI-driven troubleshooting and resolution outside the pipeline is gaining traction. Imagine an AI within your IDE, like VS Code, that can analyze build failures and provide detailed explanations based on various sources of change. This approach not only feels safer but could also lead to more reliable and efficient development processes by reducing the need for manual debugging and accelerating the identification of issues.
Michael Webster
Principal Software Engineer, CircleCI
AI CODE REVIEWS
AI-driven test generation will transform quality assurance by creating comprehensive test suites covering common and edge cases. The system will analyze requirements documents, code changes, and historical bug patterns to generate relevant test scenarios, automatically maintaining and updating tests as applications evolve. This will ensure consistent test coverage while reducing the manual effort required for test maintenance. AI code review systems will leverage vast databases of code patterns and best practices to provide more thorough and consistent reviews than human reviewers. These systems will identify subtle bugs, security vulnerabilities, and performance issues that might be missed in manual reviews while suggesting optimizations and maintaining coding standards.
Principal Application Security Consultant, GuidePoint Security
We may see AI taking on more quality assurance roles, with tools achieving high accuracy in code reviews — AWS reported 79% of AI-generated code reviews were shipped without additional changes.
Thomas Fou
VP of Compliance Services, BlueAlly
AI DOCUMENTATION AND TEST CASE GENERATION
AI documentation and test case generation will maintain perfect synchronization between code and documentation. These systems will analyze code changes in real time, automatically updating technical documentation and creating relevant test scenarios. The AI will understand complex code relationships and generate comprehensive documentation that includes examples, edge cases, and potential pitfalls.
Tristan Stahnke
Principal Application Security Consultant, GuidePoint Security
MEASURING GENUINE SOFTWRE QUALITY
Organizations will move past superficial metrics to measure software quality. In 2025, organizations will finally start to realize that generating perfect code through AI doesn't guarantee good software. The technical debt accumulated from using AI tools as quality shortcuts will force organizations to treat software quality as a serious budgetary consideration. We'll see a shift away from superficial metrics like code quality scores and deployment frequencies, as these don't prevent software architectural failures or system collapses. Instead, engineering teams will need to implement tool-driven governance that measures how systems evolve in real-time and prevents unnecessary complexity. Organizations continuing to chase quick fixes through AI will watch their systems become unmaintainable, while companies investing in genuine quality will demonstrate measurable business value through resilient, adaptable systems.
Amir Rapson
CTO, CCSO and Co-Founder, vFunction
TESTING BUDGETS GO DOWN
Testing budgets will go down — but that's not a bad thing. The migration away from open source to more intuitive, automated no-code and genAI tools will shift how technical leaders need to think about allocating resources. They'll hire fewer QA engineers, and free up budget to finance other headcount that's more critical to helping their company stay competitive, like full stack, front-end and security.
Lauren Harold
COO, Rainforest QA
HUMANS OVERSIGHT
There will be an increased need for code quality oversight: AI-generated code does not yet match the quality of developer-written code. Therefore, it requires senior developers to review and manage bloated, sometimes flawed AI codebases. Quality control and new strategies for code management will become a big priority in 2025 to help developers efficiently navigate and troubleshoot code they didn't create.
Trisha Gee
Lead Developer Advocate, Gradle
In 2025, organizations and developers will continue to embrace AI innovation to benefit the future trajectory of software development. AI-generated code and testing tools can amplify developers' productivity, enabling them to focus more on projects that align with broader business goals. The activity of conceiving, designing, and architecting a system or a feature is not only a coding detail, though; it is a craft and should not be ignored. This will be vital to development in the coming year. To that end, I predict that humans will remain integral to the testing and verification process, whether the code is AI-generated or written by developers, and organizations will wrap this into their governance use policies.
CIO, Sonar
EVOLVING QA ROLE
QA as we know it is over. The role of QA is changing as no-code and genAI tools grow in popularity. With more intuitive tooling, testing suites will more and more be managed by hybrid testing teams of product and developers, rather than dedicated specialists. The role of the QA engineer will evolve into more of a strategy architect who focuses on coverage and metrics, rather than hands-on maintenance.
Lauren Harold
COO, Rainforest QA
TESTING MOVES BEYOND QA TEAMS
2025 marks a fundamental shift in software testing: Testing is no longer confined to QA teams. Thanks to generative AI, business stakeholders and product owners can translate business requirements into well structured test cases. This is a game-changer for investing in quality from the start. The real breakthrough lies in machine learning-driven test optimization. By analyzing business impact, risk patterns, and historical data, you can determine the optimal test plan for each release. This eliminates both over-testing and under-testing and transforms QA from a technical checkpoint into a strategic business enabler. This isn't just about better testing — it's about smarter business. When your whole team can meaningfully contribute to quality, and you have data driving your test strategy, you are not just shipping faster. You are shipping with confidence. Organizations that embrace this AI-augmented, collaborative approach to testing will gain significant competitive advantages in speed, reliability, and efficiency.
Judy Bossi
VP of Product Management, Idera
Check back Monday for more predictions.
Industry News
CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.
Grid Dynamics announced the launch of its developer portal.
LTIMindtree announced a strategic partnership with GitHub.
Solace announced the addition of micro-integrations to its event-driven integration and streaming platform, Solace PubSub+ Platform.
GitGuardian has unveiled its NHI Security strategy, a transformative approach to securing the explosive growth of NHIs and the secrets they depend on.
Linkerd announced the release of Linkerd 2.17, a new version of Linkerd that introduces several major new features to the project: egress traffic visibility and control; rate limiting; and federated services, a powerful new multicluster primitive that combines services running in multiple clusters into a single logical service.
Amazon Web Services (AWS) announced new capabilities for Amazon Q Developer, a generative AI assistant for software development, that take the undifferentiated heavy-lifting out of complex and time-consuming application migration and modernization projects, saving customers and partners time and money.
OpenText announced a strategic partnership with Secure Code Warrior to integrate its dynamic learning platform into the OpenText Fortify application security product suite.
Salesforce announced a series of updates for Heroku, a platform as a service (PaaS) offering that enables teams to build, deploy, and scale modern applications entirely in the cloud.
Onapsis announced the expansion of its Control product line to include a new bundle that enhances application security testing capabilities for SAP Business Technology Platform (BTP).
Amazon Web Services announced new enhancements to Amazon Q Developer, including agents that automate unit testing, documentation, and code reviews to help developers build faster across the entire software development process, and a capability to help users address operational issues in a fraction of the time.
Amazon Web Services (AWS) and GitLab announced an integrated offering that brings together GitLab Duo with Amazon Q.
Tenable announced the release of Tenable Patch Management, an autonomous patch solution built to quickly and effectively close vulnerability exposures in a unified solution.
SurrealDB announced the launch of Surreal Cloud, a Database-as-a-Service (DBaaS) offering.