When organizations shift from traditional DevOps workflows to AI-augmented pipelines, they’re doing more than plugging in a new tool. They’re re-wiring how code is produced, reviewed, tested, and deployed. According to a new report from Enterprise Management Associates (EMA) and sponsored by Perforce Software, “62% of organizations cite security and privacy risks as their top concern with AI in DevOps” (Perforce, 2025).
Developers, once tasked with building features line by line, are increasingly becoming overseers. The study reveals that 57% now spend more time reviewing code, enforcing standards, and auditing outputs than actually writing code. More than half are also involved in validating AI-generated suggestions and monitoring for security or compliance issues. As Jake Hookom, EVP of Products at Perforce, puts it, “Human oversight has become a critical function… we need to focus on applying AI to the interactions between different teams… to connect AI investments to business goals” (PR Newswire, 2025). In practical terms, the developer's primary job is no longer just to write code; it’s increasingly to guide, validate, and oversee AI-generated outputs.
That change is delivering results. Engineering teams report measurable returns: 70% say code quality and defect reduction is the primary benefit, while 62% cite improved productivity. Some are also seeing accelerated delivery timelines: 49% report faster time-to-market and 43% report better onboarding for junior developers. Although AI is elevating how teams learn and scale, the overall ROI picture remains narrowly framed, focusing on internal gains rather than market impact. That signals a gap between operational success and strategic alignment.
Still, these benefits exist alongside growing pains. Developers and leaders alike are confronting what the report calls the “duality of impact.” While AI tools improve formatting, testing, and review consistency, they also introduce new risks. More than half of respondents worry about vulnerabilities or subtle bugs introduced by AI-generated code. Nearly 70% fear overreliance on these tools, while 61% voice concern about “blind faith” in their outputs. Despite the hype, 57% report neutral or even negative experiences when AI-generated suggestions disrupt workflows due to poor code quality or incoherent tests.
As DevOps teams embed AI deeper into CI/CD pipelines, questions pile up: Who is accountable for flawed outputs? How do we validate models? What mechanisms catch edge-case errors that automation might miss? Dan Twing, President of EMA, warns that “tool sprawl, interoperability gaps, and the difficulty of orchestrating AI assistants” are already impeding scalability (PR Newsire, 2025). Without unified oversight, AI’s fragmentation becomes a liability, turning quick wins into systemic debt.
Whereas organizations try to scale these practices, structural issues loom larger than technical ones. Nearly half of survey respondents say they use non-approved AI tools, a clear sign of decentralized experimentation. But this also creates fractured governance, inconsistent quality, and unmanaged risks across teams. Add to that the top requests for AI improvement: real-time vulnerability detection (55%), test generation (53%), and better DevOps orchestration (46%)…. Then the message is quite clear: teams want AI not just to do more, but to do so safely and cohesively.
AI in DevOps requires more than installation: it demands orchestration, accountability, culture shift, and governance. The tools give developers speed; only the organizational systems provide them with scale and safety.