Software development is entering a new phase as AI accelerates development and open-source dependencies grow more complex. The real challenge now isn’t just writing code faster — it’s building trusted software that is secure from the start.

Companies such as Chainguard Inc., which provides verifiable open-source artifacts designed to reduce software supply chain risk, reflect how software development is changing to support trusted delivery. That trend is contributing to a future of automated software factories, where development pipelines operate more like assembly lines to deliver code faster without sacrificing consistency, according to Paul Nashawaty, principal analyst with theCUBE Research.

“I still believe, right now in 2026, we do need a human in the loop,” Nashawaty said during theCUBE’s keynote address. “But I think automated software factories are really where there’s going to be a competitive advantage, especially as we start looking at security in those areas for faster patching, reproducible builds, as well as consistent security across the environment.”

During Chainguard Assemble 2026, Nashawaty and theCUBE’s Rebecca Knight spoke with company executives, customer organizations and leaders from the broader security ecosystem who are shaping the future of trusted software. They explored how applications are being redefined through secure-by-default infrastructure and stronger supply chain integrity. (* Disclosure below.)

Here are eight themes showing how trusted software is evolving in the AI era:

1. The race to AI-driven development now runs through trusted software.

In containerized environments, the image sits at the core of software delivery, packaging the application with everything it needs to run, making it a primary battleground for trust. Enterprises are responding to AI-era demands for speed, scale and security by stripping images down to the essentials, reducing packages, shrinking the runtime footprint and cutting vulnerabilities at the source, according to Nashawaty. Just as critical, security must become nearly invisible to developers, protecting the delivery pipeline without slowing engineering teams down, he added. With AI and self-service tooling reshaping how software is built and shipped, the standard for trust is clearly getting more rigorous.

Catch the full keynote with theCUBE’s Nashawaty and Knight.

2. AI is forcing teams to rethink how trusted software gets built — and audited.

For decades, developers coded line by line, but AI has turned software creation into a much faster process that can now outpace human review. The challenge is no longer just generating code, but using AI and secure pipelines to scale review and ensure software is safe to ship, according to Dan Lorenc (pictured), co-founder and chief executive officer of Chainguard. In a twist for the industry, AI is both outpacing the audit and clearly the best hope for scaling it.

Here’s theCUBE’s complete interview.

3. There’s an expansion from hardened containers to secure AI-era software building blocks.

Chainguard’s product strategy is expanding from hardened container images for Kubernetes environments to secure library artifacts across Python, Java and JavaScript, according to Dustin Kirkland, senior vice president of engineering at Chainguard. From there, the focus shifts to AI adoption, with new efforts aimed at helping customers use AI tools and agents safely without increasing security risk, he added. The key takeaway is that in the AI era, trusted software has to reach beyond the container to secure the full chain of software components.

Catch the entire segment on theCUBE.

4. In software, human judgment still matters most.

AI can be helpful, but it is not a perfect solution, especially in highly regulated environments. Tools may not always give the right guidance or know which requirements take priority, which means organizations still have to make risk-based decisions for themselves, according to Rob Gil, senior director of federal architecture at Okta Inc. Compliance frameworks such as NIST 800-53 often define what organizations must do without specifying how to do it, which creates a need for experts who can translate those controls into practical architecture and security implementations that both satisfy audits and improve security, he explained.

Don’t miss the full segment on theCUBE.

5. Shift-left security is turning into a developer workflow change.

Shifting security left — away from late-stage security checks and toward integrating them early in the software development lifecycle — is ultimately a culture and process change. For Kyndryl Holdings Inc., that means building guardrails and a unified developer platform that encouraged natural adoption by making one interface the standard path for creating images, repositories and code across the full SDLC, according to Adeel Saeed, chief technology officer for global cyber resiliency at Kyndryl.

Watch theCUBE’s full exclusive.

6. AI agents may become essential to faster root-cause resolution.

Current processes will not be enough as software teams move faster, especially when deployment failures still take too long to diagnose and resolve at the root cause. AI and agents will become increasingly important in helping platform engineering teams identify problems faster and fix them with greater speed and precision, according to João Brandão, director of engineering at OutSystems Software em Rede, S.A.

For the full story, check out the segment on theCUBE.

7. Faster software development demands a more trusted AI-era SDLC.

Software development has continued to speed up, but that pace has also made security more complicated. As AI takes on a larger role in generating code, organizations need a modern, secure development process built around trusted open-source components and responsible AI adoption, according to John Sapp, vice president of information security and chief information security officer of Texas Mutual Insurance Co.

Watch theCUBE’s full exclusive.

8. Software supply chain risk is becoming a board-level concern.

The past year has sharpened security concerns as AI helps attackers find exploits faster and companies become more aware of how much open source is embedded across their environments. That growing sense of risk has pushed software supply chain security higher into the C-suite, with organizations recognizing that exposure now begins throughout the development process, not just in production, according to Neil Levine, senior vice president of product at Anchore Inc.

Catch the full segment on theCUBE.

Here’s the complete video playlist, part of SiliconANGLE’s and theCUBE’s coverage of Chainguard Assemble 2026:

(* Disclosure: TheCUBE is a paid media partner for the Chainguard Assemble event. Neither Chainguard, the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE