We know that AI has been transformational for engineering and it will continue to be, so stop me if this sounds familiar.
Imagine an engineering lead opening a pull request for a critical security patch and finding five hundred lines of AI-generated code. While the solution is (mostly) usable, it follows a pattern no one on the team recognizes. This shift away from manually writing every line of logic has introduced a unique level of complexity for teams.
The primary challenge is no longer about shipping code quickly. Leaders are now focused on managing software that wasn't written by a human. Jeff Schnitter argued in a recent episode of the Braintrust podcast that software development has become a faith-based business where leaders must prove the value of these new processes to their engineers. Gergely Orosz also recently wrote that AI tooling is becoming as fundamental to the modern stack as cloud services.
Our findings from the Engineering in the age of AI report and the Braintrust community have helped us identify the eight themes that will define engineering leadership in 2026.
AI investments require ROI justification
It’s never fun when a budget review stalls because a leader is trying to describe the feeling of higher productivity without any hard data to prove their argument. As AI proliferates, engineering leaders find themselves in this position more often than they'd like. While there are more vibe coders than ever, asking for more resources based on a vibe about AI has become a losing proposition. This year marks the official end of the era of paying for vibes, and leadership teams are being asked to prove the actual value of their investments.
This experience is surprisingly common across the industry. Although the industry has debunked the illusion that AI will replace everyone, confidence in these tools remains incredibly high. Research shows that 91% of leaders believe AI improves velocity and quality. It’s interesting that only 25% of those same leaders have the data they need to prove those gains to the rest of the company.
The gap between belief and evidence is driving a move toward more structured measurement. Many engineering leaders are grappling with the "Productivity Paradox," where a 20% increase in pull requests per author is often offset by a 30% jump in change failure rates. To justify these investments to a CFO, leaders are looking beyond raw velocity and using value stream mapping to identify where AI is actually moving the needle for the business. Nathen Harvey, DORA Lead & Developer Advocate at Google Cloud, says that AI is an amplifier that exposes hidden waste in processes, making these baselines essential for proving that AI spend is actually improving the bottom line. "Stop what you're doing and get together with your team and run a value stream mapping exercise," Nathen continues. "It's one of the most valuable investments you can make in a day."
Transitioning to governed adoption
On an almost daily basis, we see news stories about how an AI tool committed a really big business secret to a repository because it was a little too eager to help. When a developer uses an unapproved tool to move faster, the fallout can create real risks for the business. All of this ultimately creates a stressful balancing act for any leader looking to maintain velocity while protecting an organization from unintended leaks.
While the days of blanket bans on AI are mostly over, many companies are still struggling to build frameworks for responsible use. Research reveals a significant policy vacuum across the industry. Today, we find that only 32% of teams have formal AI usage policies in place while the rest rely on informal guidelines or have no governance at all.
Fortunately, the tides are turning. A growing number of organizations plan to introduce clearer guardrails and human review standards within the next year, and leaders are moving toward sophisticated policies that allow for experimentation in safe environments while keeping production deployments strictly gated. This is largely a response to context fragmentation, an increasingly common challenge in which a patchwork of AI tools gives teams contradictory suggestions that break established architectural patterns. This unified governance ensures that AI agents actually understand the specific standards they're supposed to follow and stay consistent across every service.
Addressing the surge in pull request volume
Starting a Monday morning with forty open pull requests is a challenge many teams face now. The pressure to stay fast often outweighs the need for a thorough review, but it's easy for even a senior developer to skim through a massive block of code and assume that it’s safe to merge if the builds pass. This is becoming the new normal for many engineering organizations.
AI acts as a force multiplier for code production, but it’s also a force multiplier for review debt. Our research shows that pull requests per author increased by 20% year-over-year, which makes system stability more vulnerable than ever. Harvey says this acceleration often reveals cracks in the foundation. "AI is an amplifier," he continues. "If you're working in an environment that's very disconnected, introducing AI is probably going to make the pains of that chaos feel more acute."
Managing this load without a collapse in quality often involves using agentic summaries and deterministic checks. These tools help reviewers focus on the most critical logic changes instead of getting lost in the syntax. Schnitter warns against falling into a Stockholm Syndrome culture where teams become desensitized to failure. "I'm sure you've worked places where people say that an error is normal and you just overlook it," he says. "You've got to avoid that and question everything that you're doing all the time."
Redefining the value of an engineer
It’s becoming more common to see engineers successfully submit a complex feature without fully grasping the architectural choices the AI made. While the code might work today, that engineer lacks the context they need to debug the system when it eventually fails. This gap in understanding is a growing concern for leadership teams who value long-term maintainability over short-term output.
As AI starts to handle the mechanical part of the job, the definition of a great engineer is shifting toward the product engineer model. It’s becoming clear that creativity actually thrives when it's placed within the right guardrails. Kaspar von Grünberg, CEO & Co-founder of Humanitec, compares this to composing Baroque music where strict rules about harmony and structure allow for deeper creative expression. He adds, "Creativity can absolutely come from restriction. Sometimes restrictive systems can spark way more creativity than a blank piece of paper."
This shift puts a higher premium on tech lead traits even for entry-level roles. The State of AI-assisted Software Development 2025 report suggests that the most successful teams are those that prioritize critical thinking and product-mindedness over raw output. There’s a higher demand for engineers who can architect for testability and observability. These engineers bring more value to the business because they can evolve the system safely as requirements change.
Securing the agentic layer
The agentic layer is where things get truly interesting and a little bit terrifying. As the industry moves toward a world where AI agents can autonomously trigger workflows, a new kind of attack surface is emerging. An agent acting on a high-level prompt might bypass the manual security checks that a human developer would’ve performed. This is one of the most significant challenges for the year ahead.
Security focus is shifting toward the vulnerabilities inherent in agentic patterns. As AI agents interact more directly with external systems, the risk of unintended consequences grows. Security vulnerabilities stay the top concern for 82% of engineering leaders today. Von Grünberg argues that these agents should be treated as a new user group. "Our agents are not different from junior engineers," he explains. "They need well-documented interfaces and strong guardrails in order not to do whatever they want."
Many teams are investing in specialized monitoring to track how these AI tools are used across the organization. This often includes requiring security architecture reviews for any GenAI components and establishing kill switches for automated workflows. It’s essential to ensure that AI agents operate within a sandbox that protects the most sensitive data and infrastructure.
Implementing risk-based oversight
It’s easy for teams to fall into the trap of applying the same rigorous review process to a simple typo fix as they do to a critical database migration. This one-size-fits-all approach creates unnecessary bottlenecks and frustrates developers who want to move fast on low-risk tasks. It’s becoming clear that a more nuanced way to manage codebases is becoming a necessity.
Not all code is created equal. A common theme in recent Braintrust sessions was the distinction between durable and non-durable code. Teams are starting to apply different standards based on where the code lives and how long it’s expected to last.
A consumer-facing application might allow for faster iterations with heavy AI assistance. In contrast, a core system requires maximum stability and more rigorous human intervention. This risk-based approach helps teams scale without compromising critical infrastructure, while allowing teams to move fast where it’s safe and move carefully where it isn’t.
Closing the AI literacy gap
It’s common to work with developers who treat an AI license as a done button rather than a tool. This often leads to subtle bugs that a more literate user would’ve caught. Simply handing out access to these tools doesn’t guarantee an increase in productivity. In some cases, it actually creates more work for senior team members who have to clean up the output.
Upskilling a team on AI literacy is quickly becoming a major differentiator for entire companies. Organizations that invest in these programs will pull ahead of those that don't. Effective literacy initiatives prioritize critical verification and an understanding of model constraints alongside basic prompting techniques.
DORA’s research suggests that the most successful teams are those that integrate these tools into a culture of continuous learning. Harvey recommends creating communities of practice instead of isolated centers of excellence to help spread knowledge organically. Environments where engineers feel safe questioning AI suggestions and exploring new ways of working lead to better results. He adds, "Use this AI moment to help drive the cultural changes that you actually want."
Strengthening the architectural foundation
Outages are already stressful enough without the added headache of trying to find the owner of a service that an AI agent generated months ago. When ownership records are missing, a 10-minute fix can easily turn into a four-hour investigation. This is a common example of the hidden costs that come with moving fast before the right foundation is in place.
AI has a way of magnifying every existing crack in an organization’s foundation. If service ownership is blurry and testing is still a manual chore, adding AI to the workflow usually just creates a faster path to technical debt. "Technological innovation alone is not sufficient to actually deliver gains in productivity," von Grünberg says. "It always has to be accompanied by organizational innovation and change."
Building a resilient organization in 2026 starts with the unglamorous work of securing the architecture. Most leaders are finding that security, automated testing, and clear ownership are the absolute prerequisites for scaling AI responsibly. The teams that pull ahead will likely be those that follow a clear data-to-insight-to-action loop. This cycle transforms raw data into actionable insights through scorecards and enables improvement through automated workflows. By closing the gap between seeing a problem and fixing it, teams can scale without compromising quality. It’s hard to feel good about moving fast if no one knows who owns the code that just landed in production.
Schedule a demo to see how Cortex helps the world's most innovative teams manage this complexity.
