Beyond shift left: How "shifting everywhere" with AI agents can improve DevOps processes

Imagine ordering food for a dinner party, but the delivery robot transporting your meal gets stranded because it can’t navigate the uneven sidewalks in your neighborhood. Or because its GPS system isn’t equipped to find detours around a nearby road closure.   

Or worse yet, the robot arrives but your food is missing—cybercriminals hacked the delivery service’s authentication protocols and took your meal (and your personal data).

Without advanced testing and security practices to match today’s software environments and cybersecurity threats, DevOps teams, and the end users who rely on their products, might encounter such problems with greater frequency. Many customers would get frustrated and move to another delivery service (no one likes being unexpectedly hungry), and the business would feel the impact of that frustration in their bottom line.

Agentic AI tools can help the delivery service’s development team avert such issues. For example, the team could use agents to create a comprehensive test suite that identifies flaws and security vulnerabilities during the coding phase, well before delivery robots fetch their first order.

In fact, agentic AI tools can use multi-agent “teams” to create high-fidelity digital twins that simulate real-world challenges the robots might encounter, enabling developers to test code behavior and dependency interactions before they start coding. This constitutes a “shift left,” moving testing and quality assurance practices earlier in the software development lifecycle.

With the complexity of modern software systems, and the demand for greater agility and collaboration, that focus on early detection has evolved into the more comprehensive DevSecOps practice of “shift everywhere.” A shift everywhere approach aims to “automate the integration of security and security practices at every phase of the software development lifecycle.”

This is a big task—practically and culturally—one that has driven many enterprises to more fully explore how they can leverage the capabilities of AI in DevOps practices. Among the newest of those technologies is agentic AI, which can:

• Execute multi-step tasks. AI agents can break down high-level goals into smaller subtasks and carry tasks through multiple stages to completion.

• Adapt in real time. AI agents can adjust their behavior and plans based on new information or changing conditions.

• Collaborate on task and workflow orchestration. Agentic AI systems can coordinate and communicate with other AI agents to achieve shared objectives.

• Improve themselves over time. With features like reinforcement learning, AI agents can learn from experiences, improving their decision-making and adjusting strategies over time.

Agentic AI tools also have autonomous decision-making capabilities, and businesses are excited about the possibilities.

According to the IBM Institute for Business Value (IBM IBV), “86% of executives say that by 2027, AI agents will make process automation and workflow reinvention more effective.” Nearly 80% of senior executives have already adopted some form of agentic AI at their companies, and 19% of businesses are deploying agentic AI at scale.

Intelligent AI agents can now orchestrate software development, deployment, monitoring and upgrades. They can make shift left and shift everywhere practices more manageable for overburdened developers, who might not always have the bandwidth to thoroughly test and secure software before it’s deployed.

“Shifting left” is the strategic practice of moving tasks—such as testing, issue identification and resolution, and security—to earlier stages of the software development lifecycle. It enables teams to discover problems (ideally) during coding, instead of deployment. The term comes from visualizing the development process from left (coding) to right (deployment), so weaving critical activities into the coding phase is tantamount to shifting them left in the lifecycle.

However, shift left approaches can be challenging to implement and maintain, because they shift extra responsibilities to developers that might ordinarily be completed by specialists and subject matter experts.

In this shift, developers and other team members must embrace testing, security, issue management and cross-team collaboration tasks as a regular part of their workload. Adding such responsibilities without reducing workload can reduce the amount of time developers spend writing high-quality code and solving programming problems.

Though agentic AI is still a new technology (with its own adoption challenges), it can help teams address the difficulties associated with shift left implementations, especially those that affect developer productivity.

Moreover, agents can be especially helpful for businesses transitioning to a “shift everywhere” approach. Whereas shift left focuses on integrating security and testing earlier in the development lifecycle, shift everywhere means incorporating security, monitoring and testing into every phase, including coding, building, deployment and runtime. The goal is to secure every app, every technology and every deployment through the lifecycle.

“Shift everywhere resonates more with the complexity of modern software systems and the need for shared responsibility across teams and stages,” says IBM software and DevOps developer Billy O’Connell. “But what we’re really seeing is a hybrid model emerging—one that borrows the best elements from each approach. It’s about using the right tools and mindset for the right context.”

Agentic AI is “an artificial intelligence system that can accomplish a specific goal with limited supervision.” AI agents use large language models (LLMs), natural language processing (NLP) and machine learning (ML) to design their own workflows, perform tasks and execute processes on behalf of users and other systems.

In an agentic AI system, multiple AI agents coordinate their efforts to orchestrate or perform complex tasks and take on bigger goals than any one agent could handle.

AI agents extend automation far beyond predefined scripts. Unlike chatbots and other AI models, which operate within predefined constraints and require human intervention, AI agents and agentic AI are autonomous, context- and goal-driven, and adaptable to changing circumstances. They not only complete tasks but also learn from the past, adapt to the present, and predict the future.

Using agentic AI does require business leaders, product teams and engineers to collaboratively establish high-level objectives and set parameters, so AI agents can’t (and shouldn’t) operate without any human involvement. Rather, AI agents enable human-in-the-loop development practices, where agents work alongside DevOps engineers and teams to help human beings meet goals faster.

In essence, humans define the what and the agents figure out the how by planning and executing the actions necessary to meet those goals within the provided parameters.  

Businesses are increasingly turning to agentic AI systems to manage, streamline and accelerate DevOps processes and improve continuous integration/continuous delivery (CI/CD) pipelines.

Agents can, for example, review code changes for syntax errors, make refactoring suggestions and verify corrections before the changes are integrated with the codebase. They can also accelerate innovation. “[Agents] enable rapid prototyping of ideas I’ve long wanted to implement. Whether for personal productivity or team efficiency, agentic AI helps turn concepts into usable tools, reducing the burden of mundane tasks,” says O’Connell.

Agentic AI is useful for a range of use cases, but let’s discuss four major processes in more detail.

Agentic AI tools continuously scan observability data (such as metrics, logs and traces) and other data streams (such as user feedback signals) from a range of sources in real time.

This process includes querying databases, process logs, historical data and open source dependencies, and connecting to application programming interfaces (APIs) to identify and fill data gaps. Assuming external data is within their parameters, agents also incorporate market and industry data to enrich their context-awareness before forming hypotheses or sending notifications to IT teams.

Using ML capabilities, agents identify data patterns and link structures, learning what constitutes normal system behavior, dynamically tuning themselves over time, and tracking deviations from established baselines.

Agentic AI tools are equipped to detect several types of anomalies, whether they’re individual irregular data points, clusters of abnormal data or contextual anomalies (sudden decreases in e-commerce site traffic on Black Friday, for instance). They can also autonomously adjust baselines as conditions change and identify hidden, multidimensional relationships that might require further investigation.

To complete the same process with a traditional, static AI model, developers would have to manually retrain the AI tool as baselines change, increasing the likelihood that false positives or negatives will occur.

In fact, static models tend to require more human input and tuning across functions.

They rely on predetermined rules and simpler statistical checks that can obscure complex relationships between variables. This ambiguity forces developers to manually correlate data and define relationships. And because static AI models often lack the context sensitivity of agentic AI models, they tend to treat all anomalies equally, leaving developers to triage issues.

Agentic AI testing tools can generate smarter, more customized test cases, expanding test coverage across the environment.

Agentic AI analyzes application source code, user interface (UI) structure, software requirements, user flows, API responses, defect history and existing test artifacts to understand and decide which tests to run. Developers can also create scenarios (“customer adds meal items to cart and checks out,” for example) and have AI agents convert them into actionable test scripts to identify any issues that might arise in the process of executing specific set of actions.

Agentic AI tools continuously adapt software tests in real time, learning from previous tests and implementing test protocols based on previous results and mission criticality. These features help ensure that testing is timely and coverage is targeted (but comprehensive).

When developers change the code logic or update the user interface, for example, agents can detect the changes during test runs and automatically update the relevant tests. If a piece of code has a security vulnerability or uses an unusual code pattern or language construct, agentic AI tools can recommend it for local or unit testing, isolating the code and further testing it to pinpoint the issue. 

In fact, once AI agents understand what an application should do, they can generate test scripts and cases before developers write the code, so development teams can focus on code quality.

Agentic AI-assisted correlation features link related alerts across users, environments and API endpoints, parsing meaningful alerts from superfluous signals, reducing alert volume and alert fatigue for development and operations teams.

A key component of shifting left in alert correlation is embedding intelligence at the source, that is, using agents to analyze raw data streams as the data arrives. This approach enables real-time correlation and helps teams move from a reactive position to a proactive correlation and remediation strategy.

Agentic AI systems use sophisticated ML algorithms to analyze historical and real-time alert data, correlating data points based on timing, source, event type, affected systems and behavioral patterns, among other attributes.

Agents dynamically gather context—including IP addresses, user IDs and device status—around each alert. With the enriched data, agents can map incidents and identify commonalities. For example, if the agent notices a failed login attempt at an unusual hour and irregular file access from the same account, it can correlate the data points and indicate a potential breach attempt.

Once a set of alerts is grouped, the agent presents them as one unit. An event that might have generated two separate alerts—one for the login attempt and one for the file access—will only create and send one alert (for the breach) to the developer. And instead of fielding and triaging exhaustive notifications from individual events, IT teams can trigger actions and remediation workflows against the entire signal group.

Furthermore, AI agents can construct entire incident stories. If a feature crashes, agents can trace root causes and feature performance over time, creating a comprehensive report that IT staff can use to address the issue. The agents can also “remember” the crash details, enabling developers to simulate the conditions in future testing rounds and find code flaws in new iterations or applications.

Agentic AI systems help automate vulnerability detection, exploitability testing, root cause analysis and threat resolution during the coding process, so developers can worry less about manual code reviews.

AI agents don’t wait for security alerts. Rather, they continuously hunt for suspicious behaviors by analyzing security logs, network traffic, source code and threat intelligence feeds in real time. They can then generate hypotheses about potential threats, test the hypotheses against logs and escalate only credible threats, refining their understanding over time.

Unlike static AI models that flag issues based only on preset rules, AI agents evaluate the severity and exploitability of security vulnerabilities by looking at context (asset value, network exposure, known attack patterns, possible attack vectors, among other metrics).

When a vulnerability is found, agents can automatically prioritize it based on runtime, business impact and compliance context, and autonomously initiate playbooks to fix the issue.

Using predictive analytics and supervised learning, agentic AI tools can also simulate attacks in sandboxed environments to test whether vulnerabilities are exploitable.

Multi-agent systems can analyze vulnerability descriptions and corresponding source code to generate proof-of-concept attacks that demonstrate the actual risk of exploitation. When they locate a problematic code fragment, the agents can create an attack that triggers the vulnerability, enabling developers to see exactly where the problem occurred, why it occurred, and how it affects software performance.

Take the food delivery robot example. An agentic AI-powered approach would enable developers to simulate a cyberattack during—or even before—coding, discover that a particular code fragment is vulnerable to man-in-the-middle authentication attacks, and correct the code before the robot is released into a live environment. 

Agentic AI is becoming a transformative tool for many businesses and DevOps teams, but it’s still a new technology that presents new and evolving challenges. While many business leaders remain optimistic, Gartner anticipates that rising costs, insufficient risk management and unclear ROI will cause businesses to cancel more than 40% of all agentic AI projects by 2027.

Much of the concern revolves around security issues and agent trust. It’s true that agentic AI can streamline and improve software and network security, but it also poses significant security risks.

Agentic AI enables developers to build and deploy autonomous custom agents that operate independently across systems and processes. Many of these agents are created and run without formal IT, security or governance visibility. This unchecked, decentralized proliferation of agents can create "shadow AI" within organizations and DevSecOps pipelines.

With agents acting autonomously, enterprises can also struggle to maintain human-in-the-loop controls. If AI agents are allowed to operate without clear accountability, it can become extremely difficult to assess their intent, validate their actions or apply security policies effectively, especially as environments expand. After all, who’s responsible when an autonomous tool makes a mistake or violates its parameters?

Some argue that the creators—and the organizations that empower them—are at fault for poor training data, insufficient testing or lack of safeguards. But realistically, the picture can be much murkier.

Agentic AI tools also rely heavily on APIs to access data, deploy workflows and connect with external services, and every API integration is a potential entry point for attackers. Because agents don't always follow predictable API usage patterns (they’re autonomous, after all), they can inadvertently expose sensitive or proprietary data through legitimate operations (including personal information in log files, for example) and significantly expand the attack surface.

A single compromised or misconfigured API endpoint can grant access to multiple backend systems and sensitive datasets, enabling cybercriminals to move laterally within the architecture and escalate their privileges. 

Furthermore, most AI agents run on LLMs, so they can inherit vulnerabilities from the underlying model. If an attacker embeds malicious instructions into prompts or trusted data sources (such as configuration files, documentation or support tickets), the agent might unknowingly execute harmful actions when it processes the prompt.

Businesses might also want to consider agentic AI challenges that aren’t security-related. For instance, autonomous agents can sometimes hallucinate build steps or configuration details, inventing parameters that trigger accidental or malicious actions.

Hallucinations occur when a language model (often a generative AI chatbot or computer vision tool) generates incorrect—or entirely fabricated—information that seems plausible. During the unveiling of Google’s Bard chatbot, Bard claimed that the James Webb Space Telescope took the very first pictures of an exoplanet. This was factually inaccurate—the first exoplanet picture was taken years earlier by a different telescope. This is a relatively benign example.

When agents use hallucinated details in DevOps workflows, they can quietly propagate errors through the codebase and automation pipelines, where they compound and cause cascading failures.

Agentic AI tools also underperform when it comes to code development. One study showed that developers take almost 20% longer to resolve code issues when they use AI. And the State of Software Delivery 2025 report found that developers spend 67% more time debugging code generated by AI tools. Many development teams can’t keep up with scale of AI-generated code flaws, which means AI agents sometimes create more technical debt than they erase.

While the challenges associated with using agentic AI tools are substantial, AI gateways can help mitigate some of the risks.

AI gateways act as a unified, lightweight layer between agentic AI applications and the models, APIs and tools they use. Gateways enforce governance and compliance policies consistently across all AI agents and DevOps tools in the ecosystem, eliminating fragmented, inconsistent parameter enforcement.

Centralization streamlines the process of implementing security protocols, data privacy restrictions and regulatory compliance across complex, distributed deployments. It also helps agents better control API access, authentication and authorization processes.

What’s more, gateways can help agents discover threats and code issues earlier by enhancing visibility into agent activity. They provide a cohesive monitoring, auditing, anomaly detection and traceability apparatus so that agent behavior can be tracked throughout the lifecycle. Because AI gateways make agentic AI more observable, they also help businesses rein in the shadow AI issues and runaway costs that agentic AI deployment can create.

When asked if the benefits of using agentic AI outweigh the risks, O’Connell says, “100%. As companies begin to integrate agentic AI, guardrails will be essential—not just technical ones, but cultural and ethical ones too. But we’re only at the doorstep of what’s possible.”

While challenges remain around governance, trust and integration, the trajectory is clear: AI agents aren’t just an add-on to DevOps and CI/CD pipelines, they’re shaping its future. The result isn’t just smarter decision-making—it’s a cultural shift toward more efficient, more adaptive software delivery.