Capgemini’s 2026 technology trends report has named “software that builds itself” as one of the defining shifts in enterprise technology.
That might sound dramatic, but the underlying reality is already in production. AI agents that write code, run tests and deploy to production with limited human intervention aren’t a research project – they’re in use at Fortune 500 companies right now. Cursor is used by 64% of Fortune 500 organisations. GitHub Copilot has 15 million users, sits inside 90% of Fortune 100 companies and delivers 51% faster coding according to its own data.
The debate about whether AI-assisted development works is largely settled in 2026. The real question is whether the systems being built on top of it are dependable – and early indicators are deeply concerning.
How Self-Building Software Actually Works
The architecture behind self-building applications uses multi-agent systems where different AI agents handle specific stages of the software development lifecycle. A requirements agent generates user stories from conversations. A coding agent writes code across multiple files from natural language instructions. A testing agent generates test cases and detects bugs. A deployment agent orchestrates CI/CD and auto-deploys when tests pass. An optimiser agent analyses performance data and recommends improvements.
In practice, the workflow looks like this: describe a feature in plain English, the AI writes the code, runs the tests and if everything passes, deploys to production. One developer documented building an AI that goes from a single prompt to production in under four minutes with zero human intervention. Tools like GitHub Copilot Workspace, Windsurf and Amazon Q Developer are all doing versions of this in enterprise environments today.
According to Capgemini’s research, Generative AI adoption is projected to reach 80% among organisations seeking to streamline software development in 2026. Currently, 11% have already integrated AI into part of their software development, with 27% in active pilots. Thanks to mature solutions like Copilot and Amazon Q, coding assistants now claim the top spot at 39%. The productivity numbers are backing up the hype – 7% to 18% overall developer productivity improvement, up to 34% for pure coding tasks.
More from Artificial Intelligence
The Silent Threat Of Unreliable Code
Then there’s the troubling data – according to a Veracode security analysis of AI-generated code, 45% of AI-generated code samples failed security tests and introduced OWASP Top 10 vulnerabilities. Security failures reached 72% for Java, compared to 38% to 45% for Python, JavaScript and C#. An analysis published on Medium found that 62% of AI-generated programs still carry exploitable bugs, with typical flaws including buffer overflows, SQL injection vulnerabilities, hard-coded secrets and weak cryptographic defaults.
Crucially for anyone scaling this technology, upgrading to larger and newer AI models did not actually fix these security flaws – the failure rates remained flat regardless of model size. And 75% of developers trust AI-generated code as much or more than human-written code – even while more than half regularly see insecure suggestions. That combination is the actual risk – not that AI writes bad code, but that it writes plausible-looking bad code that developers wave through.
LLM hallucinations compound this – AI systems generating code errors and omissions can negate the time savings entirely, and are currently considered unreliable for critical business processes without human-in-the-loop oversight. While the productivity gains are genuine, the accompanying risks are equally real.
What This Means For Engineers And CTOs
The Capgemini report is clear that software engineers aren’t being replaced – they’re being repositioned.
The shift is from writing code to guiding AI agents, from individual contribution to managing the systems that produce the output. Experienced developers are spending more time on business requirements, design and review rather than writing bulk code. New specialisations are emerging too: AI deployment managers, engineers who train models and determine which AI solutions fit specific development stages. The discipline isn’t dying – it’s just evolving faster than traditional engineering career paths can keep up
The question for CTOs is no longer whether to use agentic AI tools, but how to deploy them across the entire lifecycle without creating a massive security blind spot. Capgemini recommends what they call a GenAI Factory approach – rapid prototyping capability that scales from proof-of-value to production – combined with human-in-the-loop feedback mechanisms and retrieval-augmented generation to ground models and reduce hallucinations. The organisations winning here are integrating AI across all SDLC phases while keeping human oversight on anything critical.
The transition is already underway; now, the race is on to ensure our reliability safeguards can actually keep pace with deployment speeds
