2025 was a year of recalibration. After several cycles of macro uncertainty, tariffs, geopolitics, inflation, and shifting technology bets, many organizations entered the year cautiously, expecting volatility to force hard resets. That reset never fully arrived. The U.S. economy remained resilient, capital continued to flow, and while risks persist, the fundamentals held. What changed wasn’t the trajectory of the economy, but the tolerance for complexity, inefficiency, and unproven assumptions.
Within our industry, that recalibration translated into clarity. Trends that had been debated for years stopped being theoretical and became operational realities. Monolithic platforms didn’t meaningfully adapt, and composable architectures moved from “emerging” to essential. Governance, security, and scale, especially in regulated environments, were no longer differentiators, but prerequisites. The conversation shifted away from what could work to what actually does at enterprise scale.
Industry Shifts: Less Debate, More Consequence
In our core regulated-industry ICP, governance capabilities became table stakes, particularly in large enterprises. This reality has had a sobering effect on AI adoption. While interest remains high, real-world implementation continues to lag. AI governance - permissions, auditability, compliance - remains largely unsolved, even as vendors race to demo conversational interfaces. The gap between demonstration and deployment is still significant.
At the same time, much of the industry followed our lead in announcing visual editing for headless CMS at enterprise scale. In practice, most of these offerings remain incomplete or narrowly scoped. Meanwhile, open source is experiencing renewed momentum - not driven by cost pressure, but by capability, flexibility, and transparency. We also saw DXP vendors increasingly acquire CDPs, acknowledging what many customers already knew: siloed platforms inevitably produce siloed experiences.
dotCMS: Focused Execution at Increasing Scale
At dotCMS, 2025 was defined by continued execution against a clear vision: to be the CMS platform of choice for large enterprises operating multiple sites in governance- and compliance-driven environments.
We made substantial progress building a differentiated, modern platform, with significant advances in AI capabilities, developer tooling, and operational resilience. We also invested heavily in improving hosting efficiency and customer experience across upgrades and deployments.
Those efforts translated into tangible results. We secured two of the largest contracts in our 20+ year history - one with a government entity supporting several hundred sites, and another with a global financial institution operating at significant scale. Existing customers continued to expand their use cases, building thousands of localized experiences with centralized governance and control. In an increasingly AI-driven landscape, this architectural approach is proving to be a meaningful advantage.
Our position was further validated by IDC, which named dotCMS a Major Player in its latest MarketScape for Worldwide AI-enabled Headless CMS. IDC cited dotCMS as particularly well suited for enterprises with complex, multilingual, or multi-brand requirements, and for organizations modernizing traditional environments while incrementally adopting headless and composable strategies - with strong support for security, governance, and regional delivery.
Product Innovation Highlights
AI remains an important focus area for us, but one approached pragmatically. Building on the foundation laid last year, we expanded dotAI with capabilities designed to integrate into real enterprise workflows rather than exist as standalone features.
We introduced APIs for semantic search and content generation, enabling technical teams to embed AI-powered functionality directly into headless applications using dotAI APIs and OpenAI under the hood. For non-technical users, we launched no-code AI-powered site search, allowing teams to configure indexes, ranking fields, and relevance models directly within dotCMS.
We also launched our Model Context Protocol (MCP) Server, making dotCMS the first enterprise CMS to safely expose multi-site, multi-tenant content and workflows to AI assistants with granular permissions and audit trails, addressing governance concerns that remain a barrier to meaningful AI adoption.
Beyond AI, we continued to invest heavily in developer experience:
Released a stable JavaScript SDK supporting React, Next.js, Angular, Astro, and , enabling editable headless sites with inline UVE support and simpler integrations.
Introduced a new PHP SDK with framework-specific guides for Laravel, Symfony, Twig, and pure PHP rendering, making it easier to build headless and hybrid experiences.
Shipped dotCLI to support automation, configuration sync, and CI/CD integration
Published Helm and GitOps deployment guides that show how to deploy dotCMS on Kubernetes with Helm and manage environments using GitOps patterns via ArgoCD
Expanded best-practice documentation for Amplify hosting, .NET integration, and Next.js content API integration round out the headless toolbelt
Our developer site was refreshed to reflect these investments, with improved navigation, search, and comprehensive how-to guides.
Reliability, Security, and Operational Efficiency
In 2025, we significantly reduced operational friction for our customers.
We introduced Evergreen deployments, replacing traditional long-term support upgrade cycles. Evergreen delivers bi-weekly updates, improved security, and continuous access to new features without the disruption of large, infrequent upgrades. Customers benefit from better ROI, lower risk, and a more predictable operating model.
To further strengthen reliability, we launched multi-region hosting for dotCMS Cloud. This deployment model provides zero-downtime failover, global load balancing, and automatic content synchronization across AWS regions - an increasingly necessary capability given recent large-scale internet outages.
Performance improvements were also substantial. Page cache throughput increased significantly, push publishing now processes approximately 1,000 contentlets in under five minutes, and new version comparison and history tools make content auditing safer and more transparent.
Security remained a priority throughout the year. We renewed and expanded our SOC 2, ISO 27001, and TX-RAMP certifications, implemented automated SBOM generation and security testing for every release, strengthened access controls, and refreshed our Trust Center and CAIQ documentation.
Staying true to our open source roots, we also transitioned to the Business Source License (BSL), making dotCMS source-available and opening advanced features - including the Universal Visual Editor - for free non-production use and for organizations under $5M in total finances.
Customers and Community
We released 12 new episodes of our Real Talk Real Trust podcast, featuring conversations with leaders focused on building trust in regulated and complex environments. We also launched the new dotCMS Community on Discourse, providing a shared space for users, partners, and our team to collaborate and exchange best practices.
Customer success remains our most important measure. This year, partners like Solvisse helped organizations transform more than 3,000 branded sites from a centralized platform. A global financial institution achieved up to 10x performance improvements while modernizing legacy infrastructure. Southern Phone, an Australian telecom provider, transitioned to a headless architecture with improved stability, speed, and compliance.
Looking Ahead
In the coming year, our focus remains on control, visibility, and operational leverage. Planned initiatives include:
Controlled dotCMS update windows
Expansion into a new US-West hosting region
Improved usage metrics and platform analytics
Hosting headless codebases directly within dotCMS
Expanded dotAI vendor support and BYOK options
New analytics and intelligence capabilities
A redesigned content editing experience
UVE Style Editor enhancements
Agentic operations for more autonomous workflows
In Conclusion
As the year comes to a close, I’m proud of the progress we’ve made and the consistency of our execution. Our vision - to support large enterprises building complex, global digital experiences with centralized governance - continues to guide our decisions and investments.
The successes of 2025 reinforce the direction we’ve taken: prioritizing architecture, governance, and long-term adaptability over short-term trends. I want to thank the entire dotCMS team for their dedication, our partners for their collaboration, and our customers for their continued trust. We look forward to building on this momentum in the year ahead.
Zain Ishaq
CEO, dotCMS