AI Agents Are Building Databases. Who's Governing the Changes?

Ryan McCurdy
Liquibase

AI agents are starting to do something that used to be slow by design. They are creating databases, spinning up branches, and iterating on the data layer as part of the build loop. You can argue about the exact percentages in any one report, but the direction is unmistakable. The database is moving from foundational infrastructure to active surface area for modern applications, and that shift is going to collide with how most enterprises still control change.

Databricks captured the idea in plain terms when it described the database as the system of record for AI applications and the persistent memory and coordination layer for multi agent systems. Databricks also says its usage data shows AI agents are now responsible for the bulk of database creation and nearly all dev and test branching activity in its ecosystem. The exact percentages matter less than the direction: database creation and change are becoming automated and high velocity.

If that framing is even partially right, it has an immediate consequence for enterprise leaders. Database change is part of the trust chain. It is no longer a back office engineering concern. It becomes a business risk and a business enabler, because you cannot claim reliability, compliance, or security if you cannot explain and control what is changing underneath your applications.

For decades, most enterprises treated database change as scarce, controlled, and human paced. Provisioning took time. Test environments were expensive to copy. Production changes were gated because the downside was immediate and public. Even as software delivery modernized, database change often remained governed by tickets, meetings, change windows, and a small set of humans acting as the control point. The model was never elegant, but it held together because change volume was limited and the rate of change was predictable.

Agentic workflows break that assumption.

Agents do not work like a developer making one careful change and moving on. They branch, try multiple hypotheses in parallel, discard most of them, and repeat until something works. As the cost of creating environments drops, the number of branches rises, and the number of change events rises faster.

When provisioning time compresses, you do not just make teams faster. You multiply the amount of change your organization must safely control across teams, business units, and production systems.

The intuitive response is familiar: review more. Add gates. Add process. Add people. That instinct is comforting, and it fails in predictable ways:

  • It slows delivery until teams route around it.
  • It still misses risk because manual review cannot scale to machine-speed change volume.
  • It turns governance into sampling instead of control.

Enterprises can operate on sampling for a while, right up until an incident or an audit forces a simpler question: can you prove what changed, who approved it, and why it was safe?

Cloudflare's November 2025 outage postmortem offered a reminder of how quickly a small change can become a global headline. In that incident, the trigger was a change to a database system's permissions that produced unexpected output and cascaded through dependent systems. The lesson was not that Cloudflare was careless. The lesson was that in modern infrastructure, small changes can propagate quickly, and the difference between a contained issue and a major incident often comes down to the quality of change control, visibility, and recovery.

Now layer on an operating reality where agents dramatically increase the number of database changes occurring across branches, environments, and pipelines. The blast radius does not just grow. The odds go up.

When change volume spikes, the failure modes are not mysterious. They follow a pattern that platform leaders, security teams, and auditors recognize immediately.

Drift becomes normal

The real state of production diverges from the approved state because changes happen outside the workflow. Sometimes it is an emergency fix. Sometimes it is a console tweak. Sometimes it is an admin script that was temporary until it wasn't. In a world of constant branching and promotion, drift is easier to create and harder to detect, and the longer it persists the more it erodes confidence in what is shipping.

Explainability collapses

When something breaks, the first question is usually the simplest: what changed. Many organizations still answer that by stitching together Git commits, ticket trails, chat logs, and partial database history. As change events multiply, gaps in evidence stop being rare and start being routine. That is when leaders realize they do not have an observability problem. They have an accountability problem.

Rollback becomes dangerous

Teams discover, often in the middle of an incident, that they cannot reverse a harmful change cleanly without reversing too much. Recovery turns into a blunt instrument, and blunt instruments create large blast radii. The faster you change, the more you need precise rollback discipline, not heroic improvisation.

From Faster Databases to a Modern Model for Change

This is the point where the conversation needs to move from faster databases to a modern operating model for database change. If environments can be created on demand, the bottleneck shifts from provisioning to control.

That control cannot live in meetings and ticket queues. It has to live in the delivery path, as automation, as policy, and as evidence.

That is what database change governance is, and why it is becoming a requirement rather than a nice to have. It means:

  • Enforcing policy before production, not after an incident.
  • Generating audit-ready evidence by default, for every change.
  • Detecting drift and reconciling it continuously, not annually.
  • Supporting rollback that is traceable and scoped, not all-or-nothing.

Those are not abstract ideals. They are the mechanisms that let organizations keep moving when the pace of change accelerates, without turning reliability and compliance into a tax paid after the fact.

Speed is not the enemy here. Speed is the prize. But speed changes the risk equation, and enterprises that ignore that will learn the lesson the hard way.

We've seen opensource communities help engineering teams move faster by bringing database change into a modern delivery motion. That speed is valuable. But speed also changes the risk equation. When you can deliver more changes more frequently, you also create more opportunities for drift, outages, and missing evidence if those changes are not governed.

Ultimately, many organizations and application dev CI/CD teams graduate from "we can ship faster" to "we can ship faster, safely, and prove it." The value is not speed alone. The value is speed with guardrails, traceability, and accountability.

The deeper point is bigger than any one vendor or platform. As agents take on more of the work of building and operating systems, enterprises will not have the option to treat database change as a low level implementation detail. They will either govern change intentionally, or they will govern it accidentally, after an outage, after an audit surprise, or after an incident forces the issue.

AI agents may be building databases. The organizations that win will be the ones that can still answer the questions that matter when the stakes are high, and answer them without scrambling: what changed, who approved it, did it violate policy, can we reverse it safely, and can we prove it later.

Ryan McCurdy is VP of Marketing at Liquibase

Related Links

Hot Topics

The Latest

Closing the Gap in Modern Tech and the Tools Meant to Monitor Them

Like most digital transformation shifts, organizations often prioritize productivity and leave security and observability to keep pace. This usually translates to both the mass implementation of new technology and fragmented monitoring and observability (M&O) tooling. In the era of AI and varied cloud architecture, a disparate observability function can be dangerous. IT teams will lack a complete picture of their IT environment, making it harder to diagnose issues while slowing down mean time to resolve (MTTR). In fact, according to recent data from the SolarWinds State of Monitoring & Observability Report, 77% of IT personnel said the lack of visibility across their on-prem and cloud architecture was an issue ...

MEAN TIME TO INSIGHT Podcast - Episode 23: NetOps Labor Shortage

In MEAN TIME TO INSIGHT Episode 23, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses the NetOps labor shortage ... 

Why FinOps Rewrote Its Mission and What It Signals for Technology Management

Technology management is evolving, and in turn, so is the scope of FinOps. The FinOps Foundation recently updated their mission statement from "advancing the people who manage the value of cloud" to "advancing the people who manage the value of technology." This seemingly small change solidifies a larger evolution: FinOps practitioners have organically expanded to be focused on more than just cloud cost optimization. Today, FinOps teams are largely — and quickly — expanding their job descriptions, evolving into a critical function for managing the full value of technology ...

Clearing the Path to AI: Why Vendor Consolidation Matters Now

Enterprises are under pressure to scale AI quickly. Yet despite considerable investment, adoption continues to stall. One of the most overlooked reasons is vendor sprawl ... In reality, no organization deliberately sets out to create sprawling vendor ecosystems. More often, complexity accumulates over time through well-intentioned initiatives, such as enterprise-wide digital transformation efforts, point solutions, or decentralized sourcing strategies ...

Cold Data, Hot Problem: Why AI Is Rewriting Enterprise Storage Strategy

Nearly every conversation about AI eventually circles back to compute. GPUs dominate the headlines while cloud platforms compete for workloads and model benchmarks drive investment decisions. But underneath that noise, a quieter infrastructure challenge is taking shape. The real bottleneck in enterprise AI is not processing power, it is the ability to store, manage and retrieve the relentless volumes of data that AI systems generate, consume and multiply ...

Observability at a Crossroads: AI, Economics, Complexity and the Enduring Power of Open Source

The 2026 Observability Survey from Grafana Labs paints a vivid picture of an industry maturing fast, where AI is welcomed with careful conditions, SaaS economics are reshaping spending decisions, complexity remains a defining challenge, and open standards continue to underpin it all ...

Explainability Is the New Battleground in AI-Powered Observability

The observability industry has an evolving relationship with AI. We're not skeptics, but it's clear that trust in AI must be earned ... In Grafana Labs' annual Observability Survey, 92% said they see real value in AI surfacing anomalies before they cause downtime. Another 91% endorsed AI for forecasting and root cause analysis. So while the demand is there, customers need it to be trustworthy, as the survey also found that the practitioners most enthusiastic about AI are also the most insistent on explainability ...

Empowering the Human Side of the Autonomous IT Age

In the modern enterprise, the conversation around AI has moved past skepticism toward a stage of active adoption. According to our 2026 State of IT Trends Report: The Human Side of Autonomous AI, nearly 90% of IT professionals view AI as a net positive, and this optimism is well-founded. We are seeing agentic AI move beyond simple automation to actively streamlining complex data insights and eliminating the manual toil that has long hindered innovation. However, as we integrate these autonomous agents into our ecosystems, the fundamental DNA of the IT role is evolving ...

AI Scale Is Outpacing Infrastructure - and IT Leaders Are Running Out of Time

AI workloads require an enormous amount of computing power ... What's also becoming abundantly clear is just how quickly AI's computing needs are leading to enterprise systems failure. According to Cockroach Labs' State of AI Infrastructure 2026 report, enterprise systems are much closer to failure than their organizations realize. The report ... suggests AI scale could cause widespread failures in as little as one year — making it a clear risk for business performance and reliability.

No Escalations ≠ No Work: Why Visibility in DevOps Matters More Now That AI Is Accelerating Everything

The quietest week your engineering team has ever had might also be its best. No alarms going off. No escalations. No frantic Teams or Slack threads at 2 a.m. Everything humming along exactly as it should. And somewhere in a leadership meeting, someone looks at the metrics dashboard, sees a flat line of incidents and says: "Seems like things are pretty calm over there. Do we really need all those people?" ... I've spent many years in engineering, and this pattern keeps repeating ...

AI Agents Are Building Databases. Who's Governing the Changes?

Ryan McCurdy
Liquibase

AI agents are starting to do something that used to be slow by design. They are creating databases, spinning up branches, and iterating on the data layer as part of the build loop. You can argue about the exact percentages in any one report, but the direction is unmistakable. The database is moving from foundational infrastructure to active surface area for modern applications, and that shift is going to collide with how most enterprises still control change.

Databricks captured the idea in plain terms when it described the database as the system of record for AI applications and the persistent memory and coordination layer for multi agent systems. Databricks also says its usage data shows AI agents are now responsible for the bulk of database creation and nearly all dev and test branching activity in its ecosystem. The exact percentages matter less than the direction: database creation and change are becoming automated and high velocity.

If that framing is even partially right, it has an immediate consequence for enterprise leaders. Database change is part of the trust chain. It is no longer a back office engineering concern. It becomes a business risk and a business enabler, because you cannot claim reliability, compliance, or security if you cannot explain and control what is changing underneath your applications.

For decades, most enterprises treated database change as scarce, controlled, and human paced. Provisioning took time. Test environments were expensive to copy. Production changes were gated because the downside was immediate and public. Even as software delivery modernized, database change often remained governed by tickets, meetings, change windows, and a small set of humans acting as the control point. The model was never elegant, but it held together because change volume was limited and the rate of change was predictable.

Agentic workflows break that assumption.

Agents do not work like a developer making one careful change and moving on. They branch, try multiple hypotheses in parallel, discard most of them, and repeat until something works. As the cost of creating environments drops, the number of branches rises, and the number of change events rises faster.

When provisioning time compresses, you do not just make teams faster. You multiply the amount of change your organization must safely control across teams, business units, and production systems.

The intuitive response is familiar: review more. Add gates. Add process. Add people. That instinct is comforting, and it fails in predictable ways:

  • It slows delivery until teams route around it.
  • It still misses risk because manual review cannot scale to machine-speed change volume.
  • It turns governance into sampling instead of control.

Enterprises can operate on sampling for a while, right up until an incident or an audit forces a simpler question: can you prove what changed, who approved it, and why it was safe?

Cloudflare's November 2025 outage postmortem offered a reminder of how quickly a small change can become a global headline. In that incident, the trigger was a change to a database system's permissions that produced unexpected output and cascaded through dependent systems. The lesson was not that Cloudflare was careless. The lesson was that in modern infrastructure, small changes can propagate quickly, and the difference between a contained issue and a major incident often comes down to the quality of change control, visibility, and recovery.

Now layer on an operating reality where agents dramatically increase the number of database changes occurring across branches, environments, and pipelines. The blast radius does not just grow. The odds go up.

When change volume spikes, the failure modes are not mysterious. They follow a pattern that platform leaders, security teams, and auditors recognize immediately.

Drift becomes normal

The real state of production diverges from the approved state because changes happen outside the workflow. Sometimes it is an emergency fix. Sometimes it is a console tweak. Sometimes it is an admin script that was temporary until it wasn't. In a world of constant branching and promotion, drift is easier to create and harder to detect, and the longer it persists the more it erodes confidence in what is shipping.

Explainability collapses

When something breaks, the first question is usually the simplest: what changed. Many organizations still answer that by stitching together Git commits, ticket trails, chat logs, and partial database history. As change events multiply, gaps in evidence stop being rare and start being routine. That is when leaders realize they do not have an observability problem. They have an accountability problem.

Rollback becomes dangerous

Teams discover, often in the middle of an incident, that they cannot reverse a harmful change cleanly without reversing too much. Recovery turns into a blunt instrument, and blunt instruments create large blast radii. The faster you change, the more you need precise rollback discipline, not heroic improvisation.

From Faster Databases to a Modern Model for Change

This is the point where the conversation needs to move from faster databases to a modern operating model for database change. If environments can be created on demand, the bottleneck shifts from provisioning to control.

That control cannot live in meetings and ticket queues. It has to live in the delivery path, as automation, as policy, and as evidence.

That is what database change governance is, and why it is becoming a requirement rather than a nice to have. It means:

  • Enforcing policy before production, not after an incident.
  • Generating audit-ready evidence by default, for every change.
  • Detecting drift and reconciling it continuously, not annually.
  • Supporting rollback that is traceable and scoped, not all-or-nothing.

Those are not abstract ideals. They are the mechanisms that let organizations keep moving when the pace of change accelerates, without turning reliability and compliance into a tax paid after the fact.

Speed is not the enemy here. Speed is the prize. But speed changes the risk equation, and enterprises that ignore that will learn the lesson the hard way.

We've seen opensource communities help engineering teams move faster by bringing database change into a modern delivery motion. That speed is valuable. But speed also changes the risk equation. When you can deliver more changes more frequently, you also create more opportunities for drift, outages, and missing evidence if those changes are not governed.

Ultimately, many organizations and application dev CI/CD teams graduate from "we can ship faster" to "we can ship faster, safely, and prove it." The value is not speed alone. The value is speed with guardrails, traceability, and accountability.

The deeper point is bigger than any one vendor or platform. As agents take on more of the work of building and operating systems, enterprises will not have the option to treat database change as a low level implementation detail. They will either govern change intentionally, or they will govern it accidentally, after an outage, after an audit surprise, or after an incident forces the issue.

AI agents may be building databases. The organizations that win will be the ones that can still answer the questions that matter when the stakes are high, and answer them without scrambling: what changed, who approved it, did it violate policy, can we reverse it safely, and can we prove it later.

Ryan McCurdy is VP of Marketing at Liquibase

Related Links

Hot Topics

The Latest

Closing the Gap in Modern Tech and the Tools Meant to Monitor Them

Like most digital transformation shifts, organizations often prioritize productivity and leave security and observability to keep pace. This usually translates to both the mass implementation of new technology and fragmented monitoring and observability (M&O) tooling. In the era of AI and varied cloud architecture, a disparate observability function can be dangerous. IT teams will lack a complete picture of their IT environment, making it harder to diagnose issues while slowing down mean time to resolve (MTTR). In fact, according to recent data from the SolarWinds State of Monitoring & Observability Report, 77% of IT personnel said the lack of visibility across their on-prem and cloud architecture was an issue ...

MEAN TIME TO INSIGHT Podcast - Episode 23: NetOps Labor Shortage

In MEAN TIME TO INSIGHT Episode 23, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses the NetOps labor shortage ... 

Why FinOps Rewrote Its Mission and What It Signals for Technology Management

Technology management is evolving, and in turn, so is the scope of FinOps. The FinOps Foundation recently updated their mission statement from "advancing the people who manage the value of cloud" to "advancing the people who manage the value of technology." This seemingly small change solidifies a larger evolution: FinOps practitioners have organically expanded to be focused on more than just cloud cost optimization. Today, FinOps teams are largely — and quickly — expanding their job descriptions, evolving into a critical function for managing the full value of technology ...

Clearing the Path to AI: Why Vendor Consolidation Matters Now

Enterprises are under pressure to scale AI quickly. Yet despite considerable investment, adoption continues to stall. One of the most overlooked reasons is vendor sprawl ... In reality, no organization deliberately sets out to create sprawling vendor ecosystems. More often, complexity accumulates over time through well-intentioned initiatives, such as enterprise-wide digital transformation efforts, point solutions, or decentralized sourcing strategies ...

Cold Data, Hot Problem: Why AI Is Rewriting Enterprise Storage Strategy

Nearly every conversation about AI eventually circles back to compute. GPUs dominate the headlines while cloud platforms compete for workloads and model benchmarks drive investment decisions. But underneath that noise, a quieter infrastructure challenge is taking shape. The real bottleneck in enterprise AI is not processing power, it is the ability to store, manage and retrieve the relentless volumes of data that AI systems generate, consume and multiply ...

Observability at a Crossroads: AI, Economics, Complexity and the Enduring Power of Open Source

The 2026 Observability Survey from Grafana Labs paints a vivid picture of an industry maturing fast, where AI is welcomed with careful conditions, SaaS economics are reshaping spending decisions, complexity remains a defining challenge, and open standards continue to underpin it all ...

Explainability Is the New Battleground in AI-Powered Observability

The observability industry has an evolving relationship with AI. We're not skeptics, but it's clear that trust in AI must be earned ... In Grafana Labs' annual Observability Survey, 92% said they see real value in AI surfacing anomalies before they cause downtime. Another 91% endorsed AI for forecasting and root cause analysis. So while the demand is there, customers need it to be trustworthy, as the survey also found that the practitioners most enthusiastic about AI are also the most insistent on explainability ...

Empowering the Human Side of the Autonomous IT Age

In the modern enterprise, the conversation around AI has moved past skepticism toward a stage of active adoption. According to our 2026 State of IT Trends Report: The Human Side of Autonomous AI, nearly 90% of IT professionals view AI as a net positive, and this optimism is well-founded. We are seeing agentic AI move beyond simple automation to actively streamlining complex data insights and eliminating the manual toil that has long hindered innovation. However, as we integrate these autonomous agents into our ecosystems, the fundamental DNA of the IT role is evolving ...

AI Scale Is Outpacing Infrastructure - and IT Leaders Are Running Out of Time

AI workloads require an enormous amount of computing power ... What's also becoming abundantly clear is just how quickly AI's computing needs are leading to enterprise systems failure. According to Cockroach Labs' State of AI Infrastructure 2026 report, enterprise systems are much closer to failure than their organizations realize. The report ... suggests AI scale could cause widespread failures in as little as one year — making it a clear risk for business performance and reliability.

No Escalations ≠ No Work: Why Visibility in DevOps Matters More Now That AI Is Accelerating Everything

The quietest week your engineering team has ever had might also be its best. No alarms going off. No escalations. No frantic Teams or Slack threads at 2 a.m. Everything humming along exactly as it should. And somewhere in a leadership meeting, someone looks at the metrics dashboard, sees a flat line of incidents and says: "Seems like things are pretty calm over there. Do we really need all those people?" ... I've spent many years in engineering, and this pattern keeps repeating ...