Cloud DevOps Consulting Services

Software Development Services for Companies

DevOps automation solutions and services

DevOps Monitoring Solution

DevOps: Compliance and Security Services

AI for DevOps: Artificial Intelligence Solution for Companies

DevOps Managed Services

Github Copilot

GitHub Advanced Security

DevOps Foundation by DevOps Institute

DevSecOps Foundation by DevOps Institute

Docker Basics

Microservices with Spring Boot and Spring Cloud

CI/CD Basics in Azure Devops

Linux Basics

Linux: Installing, Configuring and Managing a Server
Return to blog

Gologic DevOps Trends: Looking Back at 2024 and Ahead to 2025

DevOps in general Security
January 21, 2025
author
gologic

By Gologic with the collaboration of Alexandre Couëdelo.

Did you know that, according to Gartner, by 2027, 80% of organizations will integrate DevOps platforms into their development toolchains to streamline software delivery? This significant increase from 25% in 2023 highlights the growing importance of DevOps culture. What trends will emerge to shape it in 2025? Let’s first take a brief look back to review our predictions for 2024.

Retrospective of 2024 Trends

At Gologic our experts support many organizations in their DevOps journey through DevOps maturity assessments, the implementation of our expertise or our specialized training. While each client has their specific challenges: infrastructure and pipeline as code, CI/CD, automation, continuous integration, and much more! However, we often observe similarities that reflect a general trend in the industry.

Our collaborators are valuable sources of information because they have the opportunity to participate in and contribute to various mandates across multiple domains. That’s why, every year, we asked them about the challenges of the past year and the ones ahead. Our goal was to validate whether our predictions from last year materialized and explore the new challenges for the up coming year.

2024 Trend Analysis

As everyone knows, software development technologies are advancing extremely fast, and many companies want to keep modernizing their ecosystems while remaining vigilant about costs. This caution is due to the tense economic climate since early 2023, marked by numerous layoffs in major companies in Quebec and worldwide. Maintaining market share and customers without taking significant risks was the watchword at the beginning of last year.

Last year, we identified three key areas:

  • Optimization: Better cost control with FinOps practices and the temptation of hybrid cloud to reduce costs.
  • Satisfaction: Focus on Site Reliability Engineering (SRE), security, and compliance to protect customer data.
  • Modernization: Overall system modernization through refactoring and legacy system replacement, including cloud migration and mass refactoring with AI.
The three DevOps areas for improvement identified by Gologic in 2024.

2024 Trends Review

Most of our collaborators reported focusing on legacy system replacement, security and compliance, stability and reliability (SRE), and FinOps/cost optimization.

It seems we were right! Companies are using the cloud or continuing their migration to it while ensuring good resource utilization. Many companies need to upgrade their security and adopt increasing user data management and access requirements.

Internal Gologic Survey: What issues have you worked on this year?
Internal Gologic Survey: What issues have you worked on this year?

Companies are increasingly adopting SRE methodologies to improve the stability and reliability of production systems. Monitoring and alerting tools have matured, particularly open-source stacks like ELK (Elasticsearch, Logstash, Kibana) or Grafana (Grafana, Loki, Prometheus/Mimir). Additionally, the OpenTelemetry (OTEL) standard now provides a solid foundation for integrating different telemetry systems.

AI advancements have far exceeded expectations. AI can now assist developers in most of their daily tasks (planning, implementation, testing). Contrary to our expectations, there has been little use of AI for automated refactoring or mass refactoring. However, we have observed numerous experiments with tools like GitHub Copilot, for which we had to set up dedicated training due to its overwhelming popularity.

DevOps Trends for 2025

It’s clear to us that the focus will be on AI integration, cost optimization, and security.

We are in a phase of “hypergrowth” (exponential growth) in AI use cases, which makes sense. While AI is not yet prevalent in DevOps or Platform Engineering, this will certainly change in 2025.

The challenges of costs and modernization won’t disappear. To date, FinOps solutions remain basic, and it’s difficult to achieve proper cost management without doing a lot of analysis yourself. We can expect an evolution in tools, models, and cost optimization strategies.

DevSecOps challenges are “finally” being taken seriously, and we are both in the golden age of mass attacks and the adoption of analysis and prevention tools. We still need to equip ourselves and stay one step ahead of attackers. Most companies have finally reached a high level of maturity in continuous integration, which now allows them to incorporate quality and security criteria into this process.

Let’s look at each of our challenges for 2025 in more detail.

Cost Optimization and Legacy Systems

Replacing legacy systems is a challenge that often helps reduce maintenance costs while also freeing us from dependence on increasingly rare and therefore expensive skills. Moreover, working with the latest technologies has never been more attractive.

Efficient Cloud Cost Management

Cloud costs are raising increasing concerns, particularly for small and medium-sized businesses. Large enterprises are also becoming aware of their excessive spending, which explains the growing interest in FinOps practices. On one side, small businesses are particularly feeling the impact of cloud costs as popular solutions like Kubernetes are far from suitable for all budgets. Large enterprises, for their part, are realizing that their cloud usage is often poorly optimized and are looking for solutions and frameworks to better guide them in choosing the most cost-effective options that meet their needs.

Understanding the costs of a technological solution is, therefore, crucial, and following trends is our worst enemy in this area.

Framework for FinOps

FinOps is a “new” financial management discipline, particularly focused on the cloud, which aims to optimize spending by aligning IT, Finance, and Business teams around a shared understanding of costs and value delivered by different technological choices. The FinOps approach has materialized with the creation of the FinOps Foundation (created by the Linux Foundation). It proposes a model comprising 22 capabilities to master for better management of IT operations costs.

FinOps Framework - FinOps Foundation

This framework is a solid foundation, an initiative to keep in mind for your IT projects in 2025.

DevOps x AI x Platform Engineering

AI is the biggest revolution in software development in 2024. We must take on the challenge of selecting and mastering the numerous code assistants, such as GitHub Copilot. The major challenge is to produce code quickly while ensuring its quality and security, which requires solid technical expertise, sound judgment on the reliability of suggestions, and constant vigilance to avoid errors that could compromise the reliability of production systems.

AI Integration in Platform Engineering

AI will transform the software development cycle. AI agents might soon be able to maintain context throughout different project phases, understanding both functional and automation requirements. AI could automate the creation of comprehensive and exhaustive test cases. It may also analyze logs and metrics to proactively detect anomalies that are difficult for the human eye to spot, as we cannot spend our days scrutinizing logs.

Platform Engineering, which promotes the implementation of self-service capabilities with automated recipes to simplify the developer experience, is not being left behind. AI can play a crucial role in helping create and update “golden paths” (recommended paths for development within your company’s technological ecosystem). If you haven’t yet implemented Platform Engineering in your company—that is, self-service tools and processes, an application catalog, and a dedicated web portal for your developers—now is the ideal time to start. Indeed, AI now makes these practices even more effective and beneficial.

Measuring AI Initiative Success with DORA and SPACE

However, AI integration requires clearly justifying its return on investment (ROI) and anticipating pitfalls—harmful behaviors that would impair the speed and reliability of your software development. We notice that many clients want to measure their progress from the beginning of implementing these tools. This is where our famous DORA metrics are coming back into fashion. We are also observing the emergence of the SPACE framework, which focuses explicitly on measuring developer productivity.

Security and Compliance

AI also has its dark side: AI-based attacks multiply and exploit system vulnerabilities with devastating effectiveness. The Canadian Centre for Cyber Security, in its annual report (2025/2026 predictions), highlights an increase in Cybercrime-as-a-Service (CaaS). This evolution means each vulnerability is quickly exploited and resold to malicious actors. Faced with this threat, companies must proactively anticipate potential attacks and strengthen their defenses. One essential measure is to automate security patch updates to address known vulnerabilities quickly.

Towards a Standard for Software Supply Chain Security

The biggest current cybersecurity challenge is verifying the origin of software components. Ensuring supplier reliability is challenging, especially in open-source projects where anyone can contribute.

The framework SLSA (Supply-chain Levels for Software Artifacts) now provides a standard for exchanging and validating provenance certificates for software solutions. To draw an analogy, think of product labels in a supermarket that show the composition and origin of the products you consume.

SLSA offers a series of certifications from levels 1 to 3, with 3 being the highest, to evaluate the quality and security of the artifact creation process. Several major CNCF projects, such as Prometheus and ArgoCD, have already achieved SLSA level 3 certification. This means they can reliably prove the origin and authenticity of each of their releases.

Towards a New Standard for Access Management

Another cybersecurity challenge is protecting our internal systems. However, we increasingly need our employees to be able to access these resources wherever they work (from home and potentially anywhere in the world). To address this issue, we often use VPNs to authorize our employees to access the internal network.

Traditional enterprise VPN solutions, often complex and costly, are increasingly being challenged in favour of the Zero Trust Networking (ZTN) approach, which continues to gain momentum with its motto “Never trust, always verify”. Major cloud players, such as AWS with its Verified Access service (since May 2023), compete with established solutions like GCP Identity Aware Proxy or Cloudflare Access.

Conclusions

In summary, 2025 will be full of challenges and reflections. To conclude, we have prepared a checklist with five concrete actions:

  • Immerse yourself in the FinOps framework to help you manage costs and adopt new capabilities to address your operational challenges.
  • Capture the four DORA metrics, which will help you measure the success of all your software development cycle improvement initiatives.
  • Adopt the SPACE framework to measure the success of your AI initiatives and their impact on developer productivity.
  • Achieve level 3 of the SLSA framework for all your builds and verify that your open-source dependencies provide provenance attestations.
  • Evaluate ZTN solutions for remote access to your internal resources and applications.
  • Invest in Platform Engineering to simplify your application development by offering a self-service platform for process and tool management.

For more on DevOps and cutting-edge solutions, contact Gologic. Share this article with your colleagues and network to spread the latest insights on DevOps trends!

By Gologic with the collaboration of Alexandre Couëdelo.

DevOps Challenges and Trends for 2025.

These articles might interest you

Gologic DevOps Trends: Looking Back at 2024 and Ahead to 2025
DevOps in general

Gologic DevOps Trends: Looking Back at 2024 and Ahead to 2025

01/21/2025

By Gologic with the collaboration of Alexandre Couëdelo. Did you know that, according to Gartner, by 2027, 80% of organizations will integrate DevOps platforms into their development toolchains to streamline software delivery? This significant increase from 25% in 2023 highlights the growing importance of DevOps culture. What trends will emerge to shape it in 2025? Let’s […]

Read the article
CI/CD or Integration and continuous deployment

Gologic becomes a Redgate Partner!

06/20/2024

Montreal (Quebec) — June 20, 2024 — This new partnership is perfectly aligned with our commitment to help organizations accelerate their value delivery through the industry's best DevOps practices.

Read the article
CI/CD or Integration and continuous deployment

Securely Managing Secrets in CI/CD Pipelines

05/02/2024

Welcome back to the CI/CD security series, where we continue to unravel the complexities and nuances of securing continuous integration and continuous delivery pipelines.

Read the article
gologic logo blanc

Ready to accelerate your value delivery?

Contact us

Menu

Gologic

5605 De Gaspé Avenue,
Suite 704

Montréal (Québec)
H2T 2A4

438 385-7188

contact@gologic.ca

Gologic France

1 Avenue Aristide Briand

93160 Noisy le Grand

France

info-contact@gologic.fr
Privacy policy

CNESST Agency Permits : AP-2101497 and AP-2101498

Search