Agentic AI Expansion Across SDLC – Building Trust in AI

Analyst(s): Mitch Ashley
Publication Date: October 14, 2025

AI in software development is rapidly moving beyond code generation to become an active participant across the entire software lifecycle. Microsoft, GitHub, Pulumi, ServiceNow, Splunk, Dynatrace, and other vendors are embedding agentic AI that can plan work, enforce security, and operate infrastructure, shifting from AI assistants to functional digital team members while raising the stakes for transparency, governance, and built-in security.

Key Points:

• AI in software development is quickly expanding beyond code generation.
• Recent announcements from major vendors show AI is expanding beyond coding assistants and into broader work across the software development lifecycle (SDLC).
• AI is shifting from a conversational assistant to an agent that acts as a team member.
• This new generation of AI agents can plan work, enforce security guardrails, and operate infrastructure.

Overview:

Artificial intelligence in software development is rapidly evolving beyond code generation to become a full partner in the SDLC. After two years of headlines about tools such as GitHub Copilot and Claude Code accelerating coding, major vendors now signal a deeper disruption: AI is shifting from conversational helper to autonomous agent. These new “agentic” systems plan work, enforce security, and operate infrastructure, acting as true team members rather than passive assistants.

Three forces drive this shift. First, large language models and multi-model platforms have matured enough to support early production-grade agents. Second, economic pressure pushes organizations to use AI to reduce operational toil and cost, not just speed coding. Third, developer and operations teams, fatigued by alert overload and system complexity, are eager for AI that simplifies and secures their work.

Figure 1: Organizations Are Counting on AI’s Benefits

Recent product launches illustrate the trend. Docker released Compose Agents and an MCP Gateway, enabling YAML-defined agentic AI and orchestration through the open Model Context Protocol (MCP). Microsoft introduced Agentic DevOps at Build 2025, where Copilot Agent Mode autonomously fixes bugs, reviews code, and deploys applications. GitHub’s Copilot Agent upgrades create pull requests and handle multi-file edits. GitLab’s Duo Agent Platform refactors code, generates tests, and optimizes CI/CD pipelines, while GitHub Actions now triages issues and generates release notes automatically.

“AI, agents, and early agentic AI are appearing in software organizations beyond developer IDEs and command line tools. We are seeing a rapid rise in vendors releasing AI solutions for planning work, building agents, fixing software issues, AI model flexibility, infrastructure management, and operational monitoring and troubleshooting”, said Mitch Ashley, VP and Practice Lead, Software Lifecycle Engineering at Futurum.

ServiceNow’s Zurich release adds a Build Agent and an AI Control Tower for governing agents. Pulumi’s Neo agent executes and governs cloud infrastructure. Observability vendors such as Splunk and Dynatrace unveiled troubleshooting and remediation agents, while BMC, Datadog, and others are embedding AI into monitoring and AIOps.

AI is also becoming a built-in workflow layer rather than a bolt-on chatbot. Microsoft’s Agentic DevOps integrates agents directly in IDEs such as VS Code and JetBrains. GitHub’s multi-model ecosystem lets teams choose among leading LLMs, and Azure AI Foundry now routes tasks to the best model. Atlassian’s Jira AI automatically breaks down epics into subtasks and adds data-loss safeguards. These integrations mark a shift to native automation surfaces that simplify and secure development work.

Security is evolving toward “found means fixed.” Vendors such as GitHub, Docker, Splunk, Dynatrace, Perforce/Delphix, and CrowdStrike are embedding AI to automate detection and, in some cases, remediation of vulnerabilities and secrets. This proactive approach addresses both escalating cyber threats and the fatigue of manual alert response.

Entering the Trust Building Phase

To compete, vendors must innovate quickly while earning user trust. That requires transparency, explainability, audit trails, and human-in-the-loop controls so users can oversee and, when needed, override autonomous actions.

Those who focus on SDLC-wide outcomes, embrace open standards such as MCP and Agent-to-Agent protocols, and build security and governance into their solutions will win customers. Early production use of agentic pipelines, broader “auto-fix” capabilities, and enterprise AI governance dashboards will be key signals to watch as agentic AI moves from pilot to mainstream.

The full report is available via subscription to Futurum Intelligence’s Software Lifecycle Engineering IQ service—click here for inquiry and access.

Futurum clients can read more about it in the Futurum Intelligence Platform, and non-clients can learn more here: Software Lifecycle Engineering Practice.

About the Futurum Software Lifecycle Engineering Practice

The Futurum Software Lifecycle Engineering Practice provides actionable, objective insights for market leaders and their teams so they can respond to emerging opportunities and innovate. Public access to our coverage can be seen here. Follow news and updates from the Futurum Practice on LinkedIn and X. Visit the Futurum Newsroom for more information and insights.