This post is one part of G2's 2020 digital trends series. Read more about G2’s approach to digital transformation trends in an introduction from Michael Fauscette, G2's chief research officer.

Emerging software development and DevOps trends for 2020

The software development and DevOps space is facing major changes as the industry seeks to answer several lingering questions. How will DevOps teams reconcile an urgent call for better cybersecurity? Who are low-code development platforms even for? Will progressive web apps become the new standard in mobile development?

Here are three major trends we anticipate for the software development space in 2020.

DevSecOps: The nonsense term for common sense dev security

Anyone following software development news will have noticed that “DevSecOps” has become a seemingly omnipresent buzzword the latter half of 2019. The term, which lazily and nauseatingly attempts to shorten “development, security, and operations” refers to an overdue principle: Strong cybersecurity measures should be a default component of DevOps (development and operations) workflows. 

The call for stronger cybersecurity practices in DevOps is partially answered by emerging types of software products such as software composition analysis, which seamlessly integrate with the DevOps stack and grants users security insights and vulnerability management capabilities. These tools, along with vulnerability scanners and dynamic application security testing (DAST) software, are must-haves for DevOps teams committed to thorough, preventative cybersecurity best practices.

This comes at a time when the industry faces concerns over API security. 

So far, commitment to DevOps security has been varied. Much like DevOps itself, DevOps teams’ implementation of cybersecurity standards have been anything but...well, standard. In a survey of 57 cybersecurity professionals conducted by ZeroNorth, only 23% reported they use software composition analysis tools at an enterprise level; 21% reported the same for their use of DAST products. 

Meanwhile, the report found software scans at all different times of the development lifecycle: 58% reported scanning source code repositories, 46% scanned IDEs, and 56% scanned during deployment. These scattered implementations and varied approaches point to general confusion concerning “DevSecOps,” meaning there’s still hope for the term itself to change into something more palatable as the industry decides on a standard definition. The survey also found 82% of respondents think it’s either “extremely” or “very” important to “integrate security earlier into the SDLC” (software development lifecycle). The discrepancy between the industry’s overwhelming support for better DevOps security and varied implementations and practices paint a clear picture: DevOps security needs to happen, the industry just doesn’t have a standard solution yet.

While a distinct industry standard for DevOps security practices hasn’t yet broken through the noise, a strong sentiment for enhanced cybersecurity as part of the development mindset is clear. Keep an eye out for the dust to settle in 2020 as more and more DevOps teams adopt security best practices as a default.

Low-code/no-code development platforms join the big leagues

Low-code development platforms, a method of rapid application development (RAD), condense abstract programming languages into simplified declarative methods used to model business applications with little to no coding experience. These tools have existed in some form since the 80s and 90s—back then they were called “4GLs,” or fourth-generation programming languages. However, they never gained enough traction to hold their own against the programming languages such as Java or C/C++.

In recent years, RAD has gained steam in both the business and development communities, as more companies prioritize digital transformation. Many low-code development platforms now offer a full suite of features considered central to any software development lifecycle, including debugging and version control. These features have begun to make their way into no-code development platforms, low-code’s drag-and-drop cousin. The line between the two is often blurred—after all, not much is stopping a no-code platform from releasing an update allowing users to code. However, compared to their no-code counterparts, low-code platforms often offer more customization and flexibility for anybody with a bit of coding knowledge.

All of this functionality packaged in a low-code environment sounds ideal, so what’s the hold up on implementation? So far, low-code development platforms have had issues placing themselves in the market. Developers tend to perceive the platforms as limiting rather than streamlined, while business owners with no coding experience have felt alienated by what seems to be a developer-centric tool.  

However, as businesses increasingly undergo digital transformations, the use cases for low-code development platforms will be more clear.  For example, businesses can build their own custom systems to automate their unique internal processes, rather than shopping for business process management software. Look out for higher adoption rates in 2020 as DevOps and IT teams put their trust in low-code platforms to handle mission-critical applications, while small- to mid-sized business owners use the platforms to create custom internal systems catered to their processes. 

Progressive web apps take over mobile development

Progressive web apps (PWAs), which mimic the appearance and functionality of mobile apps but operate via browser, have become increasingly popular since the term was coined in 2015. They present many advantages over mobile sites and native mobile apps. Today’s users want to clear out their phones of excessive untouched native apps, while developers dread optimizing website development for both desktop and mobile use. With m-commerce (a trendy word for mobile e-commerce) on the rise, choosing the best mobile development strategy is imperative—and PWA development seems like the best strategy.

Users prefer PWAs to native mobile apps because they reduce app clutter on their phones. Because PWAs are accessed via browser, users don’t need to install another app that they’ll only use once because it isn’t reddit, Instagram, or Hinge. PWAs precache data and other resources, allowing applications to function in areas with poor signal, or even offline. This creates an intuitive and visually appealing user experience.

But what’s in it for development teams and businesses? PWAs’ personalized functionality means mobile developers can spend less time optimizing websites and mobile apps. The reduced headache streamlines development for teams who can rest easy knowing their PWAs will appear and function as intended across various devices. On the business end, because PWAs are accessed via browser, they are viewed as websites and contribute to SEO rankings, native mobile apps do not.

With so many benefits over traditional mobile development, PWAs are a trend set to dominate the space in 2020. 

Software development moving forward

In a constantly changing development landscape, trends can be fleeting. Will “DevSecOps” remain in the lexicon? Will low-code development shine? How will progressive web apps affect mobile development? Why do my friends always cancel our plans at the last minute? It’s difficult to say for sure. However, at G2, we feel strongly that DevOps security, low-code development, and progressive web apps will find their footing and ultimately shape the market in 2020.