The breakthrough advancements in computing power, deluge of data, and ever-sharpening algorithms have converged to make AI the defining technology of our age.
Across industries and across continents, AI has become the focal point for innovation and disruption, for the very future of how work gets done—now operationalized and embedded into core processes, from customer service and supply chains to product development itself.
“We have to be leaning into AI,” says Steve Rodda, CEO of Ambassador, an API development company that offers solutions to accelerate development, expedite testing, and optimize the delivery of API resources. “AI is drastically improving the quality and speed of development.”
Rodda is one of many CEOs steering their developers towards more AI in everyday practices to stay ahead of the curve. I turned to notable leaders in the space to understand how AI is reshaping developer workflows—from testing to deployment.
AI is speeding up the way developers work
Think about development speed first. AI can analyze code in seconds and quickly find issues that humans might otherwise miss. It can also act as an extra layer, helping catch errors early on. “AI can be great for flagging potential refactors, especially in repetitive code patterns,” Rodda explains, “and for spotting security vulnerabilities early in the pipeline.” It’s not about replacing developers, he stresses. “AI is about augmenting their abilities and making us all more productive and innovative. It’s a tool to make work more enjoyable for developers in the long run.”
And consider developer workload. No one enjoys endless, boring tasks. AI can handle the drudgery. “Developers should let AI do the heavy lifting so they can focus on the important development,” suggests Nick Durkin, Field CTO at Harness, an end-to-end software delivery platform. He believes AI can remove the worst part of developers’ jobs and alleviate some of the most pressing issues like toil and developer burnout.
Durkin uses a restaurant analogy to describe developers’ best use of AI, “they’d want it to handle prep work and cleaning. In the same way, developers should let AI handle the toil so they can focus on the creative and complex aspects of development that require human expertise.”
For teams contending with shorter deadlines and aiming for faster cycles and higher quality, AI in CI/CD pipelines yields efficiency and performance gains. “For teams looking to increase their velocity without sacrificing quality, embedding AI in your CI/CD pipeline is a no-brainer,” Rodda says.
But where is AI already showing its value?
Beyond the code review, AI’s most tangible impact so far is in specific development workflows. Pull request analysis is one standout area. Long, complex pull requests often overwhelm human reviewers. “AI is especially useful for pull requests in the code review process, particularly for longer PRs that human reviewers find overwhelming,” notes Itamar Friedman, CEO & Co-Founder of Qodo. Why is AI so effective here? Because it can process massive codebases to find connections humans simply miss. “AI efficiently processes large codebases and fetches relevant context from multiple sources,” Friedman explains. “Including how changes might impact other repositories, similar to how Google efficiently scans countless websites.” For sprawling, interconnected systems, this ability to perform “large-scale analysis across complex systems” becomes a critical advantage, going far beyond what human teams can manage manually.
Compliance is another specific area showing tangible improvement with AI. In highly regulated industries, code checks are not just best practice – they are mandatory. “AI is great for automating compliance checks in regulated industries,” Friedman states, “validating code changes against requirements while creating audit trails for regulatory standards.” This automation isn’t just about speed. It’s about building quality directly into the process, reducing risk and making audits smoother.
And for developers’ everyday coding tasks outside of just the review, AI offers immediate assistance. “An early win for GenAI is code assistance,” points out Rob Whiteley, CEO at Coder. Think code completion and auto-commenting. For “redundant or mundane code writing,” he explains, “auto-completion can be very helpful.” This isn’t just a minor convenience. It’s about freeing up developer brainpower from routine tasks. Moreover, AI’s analytical abilities extend to finding subtle issues humans might miss, even “edge cases,” as Friedman highlights, those tricky scenarios easily overlooked in complex code.
The human side is always essential for security
Of course, AI can’t do everything. Can it truly replace human reviewers? Most experts believe human oversight is irreplaceable (for now!). Interestingly, AI’s strengths and weaknesses are not always where you might expect. “AI excels at finding edge cases and performing large-scale analysis across complex systems,” Friedman reasons. “But it still can struggle with the straightforward issues that humans are naturally good at.” Surprisingly, he added, “These ‘easy-to-catch’ bugs are where human reviewers will shine.”
Security remains a top concern. “AI-powered code reviews can indeed streamline workflows,” says Josh Jacobson, Director of Professional Services at HackerOne. “But without human-in-the-loop processes, they risk introducing flawed code that is riddled with security and privacy issues.”
Jacobson worries AI could enable less experienced developers to write insecure code, “without the training or best practices needed to secure it.” Removing human review entirely creates major security risks. “Humans are being removed from essential parts of the development loop, which creates gaps in code quality ripe for attackers to exploit,” he warns.
The most advanced AI can make damaging mistakes, Jacobson explains. “Even the best models can still be prone to hallucinations and errors, which could cause more harm than good.” And so, for responsible AI adoption in development, “Organizations adopting AI for development must include human oversight into code review processes,” Jacobson stresses, “to catch security flaws early and ensure applications remain resilient against traditional and emerging threats.”
Human reviews bring irreplaceable value beyond just finding bugs. “But human PR reviews often feel like an exercise in marking off a checklist,” says Sean Falconer, AI Entrepreneur in Residence at Confluent, a data streaming platform. Engineers often prefer coding to reviewing. “They’d rather build than review, and no one gets promoted for great PR feedback.”
But even if some human reviews are basic, AI can still miss important context, business logic, and subtleties. AI “can outperform shallow human reviews, catching issues faster and more consistently,” he notes. Yet, “even a 1% failure rate can be costly.” Therefore, “keeping humans in the loop is still good practice.” Human reviewers excel at: “pattern matching, understanding team preferences, and focusing on what matters most – where things could go seriously wrong,” Friedman adds. Human oversight “will remain necessary even as AI-driven analysis becomes more sophisticated,” he believes, because: “Software failures are a ‘death by 1000 cuts’ – they come from many different types of issues, that require multiple approaches to catch them all.”
Trusting AI: Technique, task, and human control
How much should we trust AI? It depends on the AI and the task, says Toffer Winslow, CEO at Diffblue. AI assistance can be leveraged throughout the software development lifecycle (SDLC). It’s about understanding the AI’s strengths and weaknesses. Large language models (LLMs) are widely applicable but have limitations. “LLMs have broad applicability across the entire development process, but their intrinsic probabilistic nature leaves them vulnerable to imprecision and even hallucination,” Winslow explains. This imprecision means LLMs require human oversight, meaning they can’t be fully trusted without considerable human oversight.
For tasks that require high accuracy, AI types besides LLMs might be more suitable. “AI techniques, such as reinforcement learning, have an important role to play – either instead of in partnership with LLMs – when precision and accuracy are important,” Winslow points out. Smart AI adoption means being technically informed and adjusting human involvement as needed.
In the realm of ensuring the highest software quality, Friedman argues that AI must be integrated at multiple stages of the development life cycle. He emphasizes that AI must be, “- in IDEs where code is written, in code reviews, in CI/CD pipelines, and when code is actually running.” AI’s power comes from its ability to do things humans can’t. “What makes AI particularly powerful is its ability to perform parallel analysis that would be impossible for humans in a reasonable timeframe – running UX/UI tests, checking integration between microservices, and performing specialized unit tests simultaneously,” he notes.
Friedman stresses that this multi-phased AI approach is simply good. “No single workflow or simple AI can catch all potential issues…Instead, connecting AI with traditional algorithms like mutation testing and static code analysis across the entire development process creates a safety net that catches more issues before they reach production.”
Developers in the driver’s seat
So, is AI replacing humans? No. Consider AI’s speed, precision, and scope with human expertise and judgment. AI handles routine work and flags potential problems. And humans provide crucial context, security oversight, and decision-making.
“Human developers should maintain control over approvals and final decisions, with AI serving to augment rather than replace human judgment and domain expertise,” Friedman asserts. Humans “must retain ‘the driving wheel‘ to determine which alerts, tests, and suggestions are truly relevant.” The future isn’t AI taking over, but “giving them significant computing and intelligence power to focus on critical decisions rather than edge cases they don’t have time to address anyway,” he believes.
AI supplements developers, not replaces them. For developers concerned about AI, Ambassador Rodda offers a broader perspective: “People in the past have thought the same thing about the internet, Google, and any kind of major technological advancement. So, for teams looking to increase their velocity without sacrificing quality, using AI where appropriate is great. For example, we use it to generate code in our tool, Blackbird, but we also understand it can’t and should not be responsible for the entire development workflow.”
In the end, I think we should all see AI as a means to amplify our capabilities. “If you see yourself as someone using tools to complete your vision, then AI tools just mean you can do more and expand your vision,” Rodda encourages. Focus on the business problems and challenges, and you’ll be fine. If you focus solely on the programming, you’ll be in trouble. It’s no different with AI.”
AI can also improve developer jobs overall. “AI can remove the worst part of developers’ jobs and alleviate some of the most pressing issues in the space, like cognitive overload and developer burnout,” Durkin believes. Let AI handle the “toil”—”prep work and cleaning.” Then developers can focus on “what they love: coding!” Maybe AI isn’t about replacing human reviewers at all. Maybe it’s about making them – and all developers – more effective, more creative, and even happier in their work. “This allows people to focus on what they’re best at,” he notes. “Instead of requiring all developers to be generalists, AI can handle tasks people may not enjoy, allowing specialists to focus on their strengths.”
The path forward
Looking further ahead, AI could even change what “developer” means. “GenAI’s real benefit will be expanding the definition of a developer,” says Whiteley. “No-code tools enable those in any role to act as software developers, prototyping and generating applications. Within a year, anyone with a business problem will be able to create a working application to solve it.” AI could democratize development itself—a change that’s as exciting as it is unnerving.
“AI is fundamentally reshaping code review because it’s changing how software is built and how developers work. And yes, human oversight remains very important, especially for security and complex, nuanced problems. But AI is undeniably a powerful tool. Used comprehensively across the SDLC, it can make code review faster, catch more issues, reduce developer toil, and free up developers to focus on higher-level, strategic work,” Rodda concludes.
The future of code review isn’t AI or humans—it’s humans and AI, working together for better code, better security, and better developer experiences.
