The world of software development is a relentless treadmill that constantly accelerates to meet the demands of enterprise users. Within this rapid evolution, the role of high-level strategy — looking beyond the immediate horizon to anticipate what’s next — becomes paramount, especially in very competitive markets.The New Stack spoke with Gal Marder, chief strategy officer at data management software maker JFrog, to look closely at this complex landscape and understand how his team is preparing for the future of building software — especially as AI begins to reshape every aspect of the development life cycle. We now have AI-assisted apps writing, suggesting, testing and deploying code. These features were only a dream until recently.Marder’s job at JFrog entails three main responsibilities: The first is to project three to five years ahead to ensure that the company is ready to move on to impending shifts in development approaches. “Especially in these early days of AI, it’s very hard to guess,” Marder said.A forward-thinking approach is informed by continuous feedback, Marder said.Three Roles to Fill“We definitely listen to customers, to partners, and also to different people inside the organization,” Marder said. The insights gained from simply bringing diverse perspectives into a room, allowing them to freely discuss and brainstorm, is a potent reminder that even in our hyper-connected world, face-to-face interaction often yields the deepest understanding — particularly when grappling with abstract concepts, he said.The second aspect of his role focuses on mergers and acquisitions, which effectively makes Marder JFrog’s corporate development lead. This involves identifying organizations that can potentially augment or accelerate JFrog’s strategic objectives. Third is the realm of tech partnerships — collaborations with channel resellers and other software vendors.When confronted with a new market need or an evolving sales or service problem, Marder explained his decision-making approach to build, buy or partner. In most cases, he noted, the optimal solution is a combination of all three. This enables JFrog to adapt swiftly, using internal strengths, acquiring complementary capabilities or forming alliances to deliver effective solutions.What UpTrust Brings to the DevGovOps PartyA recent example of this strategy in action is JFrog’s introduction of UpTrust. This initiative directly addresses the growing DevGovOps issue — the pain point users experience when ensuring their software is properly governed and compliant with various regulations. Providing a holistic solution necessitates partnerships, particularly because some processes (such as planning and coding) fall outside JFrog’s immediate domain.“We needed to partner with many partners,” Marder said, comparing JFrog’s inherently sociable nature with the very ethos of DevOps itself — breaking down silos to enable a smooth software flow from developers (or, increasingly, AI agents) to the end customer.Software-Creation GovernanceJFrog focuses specifically on software-creation governance, a field that has undergone significant transformation recently. For years, the industry prioritized speed over trust and governance. However, this unsustainable imbalance has righted itself, Marder said.Software-creation governance is a framework of rules, policies and practices that guide and control the entire software development life cycle to align with business objectives. It ensures that software is created consistently, securely and efficiently, encompassing strategic alignment, risk management, compliance and quality assurance. Effective governance requires clear roles, responsibilities and the right tools to enable automated policy enforcement and continuous improvement.“You cannot drive very fast without having a seat belt and without having different precautions,” Marder said. The maturation of the industry has led to a greater focus on trust, safety and governance, but without sacrificing the pace, he said.The hard part now is to maintain, or even increase, speed while simultaneously ensuring a measured and trustworthy process. Most companies still rely on manual practices, screenshots and Excel files for governance — methods that cannot keep pace with today’s accelerated software release cycles, he said.Security Gets Even More ComplicatedThanks to ever-more sophisticated threat actors, security adds another layer of complexity. While Marder believes the industry is largely keeping up and maintaining a manageable balance, the difficulty is undeniable. Legislation such as the European Union’s DORA Act of 2025 and the U.S. executive order for providing a software bill of materials (SBOM) of 2021, though triggered by security incidents, ultimately address broader aspects of quality and governance.The Digital Operational Resilience Act (DORA) is a sweeping EU law that came into full force in January of this year. DORA is designed to strengthen the financial sector’s digital operational resilience. It requires banks, insurance firms, investment companies and other financial entities — in addition to the third-party technology providers on which they depend — to ensure that their IT systems can withstand, respond to and recover from all types of Information and Communication Technology (ICT) disruptions and cyberattacks.An SBOM is essentially a detailed ingredients list for software.What the JFrog Roadmap EntailsMarder shared his company’s roadmap, which centers around five key areas — starting with the evolving role of the system of record for software releases.While JFrog already has this at its core, the demands for control in a speed-driven environment make it even more critical. The emergence of AI in coding, exemplified by copilots, underscores the need for robust control points within this system of record, allowing for human review and testing before code is integrated. This concept extends to agentic release processes, where AI agents could automate testing, distribution and even deployment decisions, Marder said.The agent is kind of an enforcer or editor, capable of dynamic decision-making and enforcing policies — an important safeguard when delegating tasks to AI, Marder explained.Managing New AssetsSecondly, JFrog handles managing new assets, such as AI models themselves. This necessitates scanning models for vulnerabilities, ensuring transparency in their creation and making their lineage auditable. While distinct challenges exist, Marder emphasized the commonalities: “A model is just another artifact” that must be managed within the system of record, he said.The third piece is DevGovOps, embedding governance directly into the development process — a relatively new bottleneck that JFrog is actively addressing. The evolving expectations of developers drive the fourth area of focus, which is user experience. Developers, Marder noted, demand high agency from AI agents, expecting them to understand intent and autonomously figure out how to achieve it.Finally, JFrog’s plans for “agentic releases,” showcased by JFrog Fly, point to a future where repositories and release processes are deeply integrated with AI agents, redefining the engineering experience.When asked what a new customer might not immediately grasp about JFrog, Marder said that “while customers are often well-informed, some don’t fully realize the importance of a single source of truth or system of record for their release.”For most of us, the concept of a single source of truth resonates deeply — the perpetual quest for that definitive, trusted origin of information. For JFrog, this core principle underpins everything it does in the accelerated world of software development.The post JFrog Maps Strategy for AI-Driven Development Future appeared first on The New Stack.