Insights from Thoughtworks Technology Radar 34: AI, Security, and the Return to Fundamentals

The 34th edition of Thoughtworks Technology Radar has arrived, offering a biannual snapshot of the tools, techniques, platforms, and languages shaping software development. This release is dominated by AI, but also highlights a surprising return to foundational practices and a critical focus on security. Below, we explore the key themes through a series of questions and answers.

What is the Thoughtworks Technology Radar and what does the 34th edition cover?

The Technology Radar is a biannual report from Thoughtworks that distills their hands-on experience with the technology landscape. It features 118 "blips"—brief assessments of tools, techniques, platforms, and languages. The 34th edition is heavily influenced by artificial intelligence, but it also revisits many established software development practices. Notably, it includes contributions from a stronger security perspective, with Jim Gumbley joining the writing team. The radar serves as a guide for teams looking to adopt or avoid certain technologies, based on real-world usage and emerging trends.

How is AI influencing the themes of this edition?

AI, particularly large language models (LLMs), is a central theme throughout the radar. This is not just about new AI tools, but also about how AI forces developers to revisit fundamentals. The radar highlights that AI's ability to rapidly generate complexity necessitates a counterweight of clean code, deliberate design, and testability. Teams are returning to practices like pair programming, zero trust architecture, and mutation testing. The command line, once abstracted away, is seeing a resurgence as agentic tools make it a primary interface again. AI is not just a forward-looking force; it's pushing the industry to strengthen its core craft.

Why is security a major concern in this edition?

Security is a critical focus because of the serious risks introduced by LLMs and agentic systems. Prompt injection attacks remain an unsolved problem—models cannot reliably distinguish trusted instructions from untrusted input. The radar's security presence, strengthened by expert Jim Gumbley, underscores the need for robust safeguards. The permission hungry nature of agents that require broad access to data and systems amplifies these risks. Without proper harness engineering, organizations risk exposing sensitive information and systems to malicious exploitation. This edition therefore emphasizes security as a first-class concern, not an afterthought.

What is the "permission hungry" dilemma with AI agents?

The term "permission hungry" describes a central tension in the current wave of AI agents. To be useful, agents like OpenClaw, Claude Cowork, and Gas Town need extensive access—to private data, external communications, and entire codebases. The payoff is compelling, but the safeguards have not kept pace. This is analogous to a skier who just learned to turn but heads straight for a difficult black run. The appetite for access collides with unresolved security issues such as prompt injection. The radar calls for a harness—guidelines and sensors—to ensure these powerful agents operate safely and reliably.

How are tools like the command line making a comeback?

After years of being abstracted away in favor of graphical interfaces, the command line is experiencing a resurgence. This is driven by the rise of agentic tools that require precise, scriptable interactions. Developers are finding that the terminal offers a more direct and efficient way to interface with these agents. The radar notes this as a significant shift, where the command line becomes a primary interface again. This return is not about nostalgia but about practicality—agents often need the flexibility and power that only a command line can provide, especially when orchestrating complex workflows across systems.

What role does harness engineering play in managing AI complexity?

Harness engineering emerges as a key theme in this radar, providing the structure needed to safely integrate AI agents into existing systems. The concept involves creating guides and sensors—a metaphorical harness—that keep agents on track and within safe boundaries. The radar meeting itself was a major source of ideas for Birgitta's article on harness engineering. This edition includes several blips that outline the components of a well-fitting harness. As AI agents become more capable and autonomous, the demand for robust harness engineering will only grow. The radar anticipates that future editions will expand this list significantly.

How does this radar address the balance between AI speed and software craftsmanship?

The radar explicitly tackles the tension between the rapid complexity AI can generate and the need for disciplined software craftsmanship. It is not anti-AI, but rather a call to double down on principles like clean code, deliberate design, testability, and accessibility. These are presented as necessary counterweights, not constraints. By revisiting established techniques—from pair programming to DORA metrics—the radar encourages teams to maintain quality even as they adopt AI tools. The underlying message is that AI should augment human craftsmanship, not replace the discipline that produces reliable, maintainable software.

What can we expect in the next edition?

Given the rapid evolution of AI and agentic tools, the next edition of the Technology Radar, due in six months, is likely to see an expansion of harness engineering blips. The current edition already lays groundwork for guides and sensors, and as real-world experience accumulates, Thoughtworks expects to add more. Security concerns will remain front and center, with new techniques for mitigating prompt injection and other vulnerabilities. The command line resurgence may also deepen, along with further refinements to foundational practices. Overall, the radar will continue to track the interplay between advanced AI and the timeless principles of good software development.