@MrDecentralize
Trust Models Work in Theory. Break at Scale. I Map Why. | AI, Crypto & Global Finance | CyberSecurity & Innovation Officer
No relay list published yet.
Recent Notes
๐๐ผ๐ผ๐ด๐น๐ฒ ๐๐๐ถ๐น๐ ๐๐ต๐ฒ $๐ฎ๐ฐ๐ด ๐๐ถ๐น๐น๐ถ๐ผ๐ป ๐๐๐๐ฒ๐ป๐๐ถ๐ผ๐ป ๐ ๐ฎ๐ฐ๐ต๐ถ๐ป๐ฒ. ๐ง๐ต๐ฒ๐ป ๐๐๐ถ๐น๐ ๐๐ต๐ฒ ๐๐ด๐ฒ๐ป๐ ๐ง๐ต๐ฎ๐ ๐๐ถ๐น๐น๐ ๐๐.
For 27 years, the internet worked the same way. You had a question. You went to Google. You saw ads next to the answers. If an ad looked relevant, you clicked. The brand paid Google. Repeat, 8 billion times a day.
It was the most durable business model the internet had ever produced. In Q4 of 2025, Google Search alone generated $63 billion in a single quarter. For the full year, Alphabet crossed $248 billion in advertising revenue. The whole machine ran on one thing: humans navigating. Humans choosing. Humans clicking.
Every SEO agency, every performance marketing team, every brand that built its entire discovery strategy on paid search was betting that this would continue.
At Google I/O on May 19, 2026, Sundar Pichai introduced Gemini Spark.
"It's your personal AI agent that helps you navigate your digital life," Pichai said. "It runs on dedicated virtual machines on Google Cloud seamlessly, you don't need to keep your laptop open to make sure it's running."
A 24/7 personal agent. Reads your Gmail. Pulls from your Docs, Sheets, Slides. Accesses the web through Chrome. Operates while you sleep.
Navigate your digital life. Not help you navigate. Navigate for you.
The qualifying clause was quiet. Gemini Spark is available to Google AI Ultra subscribers. $100 per month. Beta only. Rolling to a small slice of Google's user base, while 5 billion people still use search the old way.
That qualifier does a lot of work. It means Google knows exactly what this product does to its core business model. It means this version is not for everyone yet. But it also means Google built it anyway.
Work backward. If Gemini Spark is rational, one premise had to be false: that Google search advertising would remain structurally intact in the agentic era. Google spent three years studying what happened when users stopped navigating and started delegating. And then they shipped the product that accelerates exactly that.
The agentic web has no click. The agent reads, decides, acts. The impression never registers. The conversion never happens. The $63 billion quarterly machine was built on a human in the loop. Spark removes the human from the loop.
The companies that got hurt the most this week are not on the front page.
The performance marketing agencies. The SEO firms. The brands spending $100,000 a month in Google Ads because that is the only reliable way to reach intent-driven customers. They watched Google announce a product that, at scale, makes their entire thesis obsolete.
Not a competitor. Not a disruptor from the outside. The same company that cashes their checks each month.
Google built the machine that monetizes human attention. Then shipped the product that outsources human attention to a machine.
For 27 years, the internet worked the same way. You had a question. You went to Google. You saw ads next to the answers. If an ad looked relevant, you clicked. The brand paid Google. Repeat, 8 billion times a day.
It was the most durable business model the internet had ever produced. In Q4 of 2025, Google Search alone generated $63 billion in a single quarter. For the full year, Alphabet crossed $248 billion in advertising revenue. The whole machine ran on one thing: humans navigating. Humans choosing. Humans clicking.
Every SEO agency, every performance marketing team, every brand that built its entire discovery strategy on paid search was betting that this would continue.
At Google I/O on May 19, 2026, Sundar Pichai introduced Gemini Spark.
"It's your personal AI agent that helps you navigate your digital life," Pichai said. "It runs on dedicated virtual machines on Google Cloud seamlessly, you don't need to keep your laptop open to make sure it's running."
A 24/7 personal agent. Reads your Gmail. Pulls from your Docs, Sheets, Slides. Accesses the web through Chrome. Operates while you sleep.
Navigate your digital life. Not help you navigate. Navigate for you.
The qualifying clause was quiet. Gemini Spark is available to Google AI Ultra subscribers. $100 per month. Beta only. Rolling to a small slice of Google's user base, while 5 billion people still use search the old way.
That qualifier does a lot of work. It means Google knows exactly what this product does to its core business model. It means this version is not for everyone yet. But it also means Google built it anyway.
Work backward. If Gemini Spark is rational, one premise had to be false: that Google search advertising would remain structurally intact in the agentic era. Google spent three years studying what happened when users stopped navigating and started delegating. And then they shipped the product that accelerates exactly that.
The agentic web has no click. The agent reads, decides, acts. The impression never registers. The conversion never happens. The $63 billion quarterly machine was built on a human in the loop. Spark removes the human from the loop.
The companies that got hurt the most this week are not on the front page.
The performance marketing agencies. The SEO firms. The brands spending $100,000 a month in Google Ads because that is the only reliable way to reach intent-driven customers. They watched Google announce a product that, at scale, makes their entire thesis obsolete.
Not a competitor. Not a disruptor from the outside. The same company that cashes their checks each month.
Google built the machine that monetizes human attention. Then shipped the product that outsources human attention to a machine.
1
For twenty-five years, the most important strategic principle in Silicon Valley was Google's.
Give it away free. Make it indispensable. Sell the attention.
Search was free. Gmail was free. Maps was free. Chrome was free. Every product Google touched became the default because defaults were free. The model was so dominant it did not just beat subscription software. It taught an entire generation of builders that the path to distribution was giving things away until they became infrastructure.
At Google I/O 2026, the company announced its most significant product in a decade: AI agents that operate in the background 24 hours a day, monitoring what matters, surfacing what you need, replacing the act of searching entirely. Information agents. Gemini Spark. Daily Brief. A full ecosystem of tools designed to watch the web so users don't have to.
Then Google named the price.
"Google Pro and Ultra subscribers in the U.S. will get to use Information agents starting this summer," the company announced, "and Spark will be available to Ultra subscribers 'soon.'" Free users will get access "when the time is right." No date given.
Ultra is $100 a month.
The qualifying clause is two sentences. Both are a confession.
The first sentence says: the product that replaces search is not free. The second says: we do not know when or whether it will be.
Here is what those two sentences require to be true. Google does not believe it can build a sustainable business by giving the agent layer away for free and monetizing the attention on the other end. The ad model that funded everything else cannot fund this. The background agent is not a page. There is no search result to place an ad next to. There is no click. There is no impression. There is no inventory.
Google built the largest advertising business in history on human attention navigating to destinations. It just shipped the product that removes humans from the navigation. And it cannot make that product free because free requires ads and ads require humans to see them.
The company that proved free beats paid just told you the next thing cannot be free.
2.5 billion people use Google Search at no cost. They will not get the version that works without the keyboard.
That version costs $1,200 a year.
https://techcrunch.com/2026/05/21/google-is-pitching-an-ai-agent-ecosystem-to-consumers-who-may-not-buy-it/
Give it away free. Make it indispensable. Sell the attention.
Search was free. Gmail was free. Maps was free. Chrome was free. Every product Google touched became the default because defaults were free. The model was so dominant it did not just beat subscription software. It taught an entire generation of builders that the path to distribution was giving things away until they became infrastructure.
At Google I/O 2026, the company announced its most significant product in a decade: AI agents that operate in the background 24 hours a day, monitoring what matters, surfacing what you need, replacing the act of searching entirely. Information agents. Gemini Spark. Daily Brief. A full ecosystem of tools designed to watch the web so users don't have to.
Then Google named the price.
"Google Pro and Ultra subscribers in the U.S. will get to use Information agents starting this summer," the company announced, "and Spark will be available to Ultra subscribers 'soon.'" Free users will get access "when the time is right." No date given.
Ultra is $100 a month.
The qualifying clause is two sentences. Both are a confession.
The first sentence says: the product that replaces search is not free. The second says: we do not know when or whether it will be.
Here is what those two sentences require to be true. Google does not believe it can build a sustainable business by giving the agent layer away for free and monetizing the attention on the other end. The ad model that funded everything else cannot fund this. The background agent is not a page. There is no search result to place an ad next to. There is no click. There is no impression. There is no inventory.
Google built the largest advertising business in history on human attention navigating to destinations. It just shipped the product that removes humans from the navigation. And it cannot make that product free because free requires ads and ads require humans to see them.
The company that proved free beats paid just told you the next thing cannot be free.
2.5 billion people use Google Search at no cost. They will not get the version that works without the keyboard.
That version costs $1,200 a year.
https://techcrunch.com/2026/05/21/google-is-pitching-an-ai-agent-ecosystem-to-consumers-who-may-not-buy-it/
For twenty years, the path into tech looked like this.
Study computer science. Graduate. Get into a startup. Maybe not Google or Meta. That was the dream, not the plan. But a startup that raised a seed round, had a real product, needed engineers. That was the floor. The thing that caught you.
Y Combinator built that floor. Stripe, Airbnb, Dropbox all came through YC. Every batch funded created companies that hired. The engine was simple: give brilliant founders money, they build products, they hire engineers, engineers build careers, repeat.
Between 2023 and 2025, overall programmer employment fell 27.5 percent. Entry-level tech jobs at the largest companies dropped 50 percent from their peak. New computer science graduates are sitting at a 6.1 percent unemployment rate.
Everyone assumed the startups were still hiring. The startups were the floor.
In March 2025, YC managing partner Jared Friedman said something that explained the floor.
A quarter of the current batch have codebases that are 95% written by AI. Then he said the part that landed differently than any layoff headline: "Every one of these people is highly technical, completely capable of building their own products from scratch. A year ago, they would have built their product from scratch. But now 95% of it is built by an AI."
These founders did not use AI because they could not code. They used it because coding yourself is now the slower option.
The same batch is the fastest-growing in YC's 20-year history. Companies reaching $10 million in revenue with teams under 10 people. Ten percent week-on-week growth across the entire cohort. The engine still works. It just no longer needs the engineers.
The floor was not removed. It was automated. And the companies that automated it are the most profitable batch YC has ever funded.
Study computer science. Graduate. Get into a startup. Maybe not Google or Meta. That was the dream, not the plan. But a startup that raised a seed round, had a real product, needed engineers. That was the floor. The thing that caught you.
Y Combinator built that floor. Stripe, Airbnb, Dropbox all came through YC. Every batch funded created companies that hired. The engine was simple: give brilliant founders money, they build products, they hire engineers, engineers build careers, repeat.
Between 2023 and 2025, overall programmer employment fell 27.5 percent. Entry-level tech jobs at the largest companies dropped 50 percent from their peak. New computer science graduates are sitting at a 6.1 percent unemployment rate.
Everyone assumed the startups were still hiring. The startups were the floor.
In March 2025, YC managing partner Jared Friedman said something that explained the floor.
A quarter of the current batch have codebases that are 95% written by AI. Then he said the part that landed differently than any layoff headline: "Every one of these people is highly technical, completely capable of building their own products from scratch. A year ago, they would have built their product from scratch. But now 95% of it is built by an AI."
These founders did not use AI because they could not code. They used it because coding yourself is now the slower option.
The same batch is the fastest-growing in YC's 20-year history. Companies reaching $10 million in revenue with teams under 10 people. Ten percent week-on-week growth across the entire cohort. The engine still works. It just no longer needs the engineers.
The floor was not removed. It was automated. And the companies that automated it are the most profitable batch YC has ever funded.
For three years, every #AI lab told developers the same thing.
The model is the product. Build around it. The orchestration, the memory, the sandboxing, the tool routing. That is your problem. Not ours.
LangChain raised money on that premise. CrewAI raised money on that premise. A dozen orchestration startups raised money on that premise. The model companies would build the intelligence. The ecosystem would build the plumbing.
April 8, 2026. Anthropic launched Managed Agents. Developers define the agent. Anthropic runs the execution environment: sessions, sandboxing, permissions, tracing. The price: eight cents per session hour. Billed separately from the model.
Seven days later, OpenAI shipped its own harness. Open source. Free. "Standard API pricing based on tokens and tool use, with no separate first-party runtime fee."
One week. Both labs. Both shipping the plumbing they said was your problem.
Read the Anthropic launch carefully. Buried inside: "Multi-agent orchestration and long-term memory gated behind research preview access." The hardest things enterprise buyers actually need are not in the product yet. Anthropic is charging eight cents per hour for a harness that is not complete. That sentence exists because the gap between agent demo and agent production is still wide enough to build a business on closing it. The model was not the blocker. The plumbing was.
OpenAI read the same gap and made the opposite call. Give the harness away. Free. Seven sandbox providers on day one. The bet: a free model-native harness drives more model consumption than a paid runtime ever could. Lock the developer to the orchestration layer and you lock them to the model.
Two rational bets. One confession they both share.
The model alone stopped closing the enterprise sale.
The orchestration startups sitting on their neutral harness pitch decks are not competing against a better product. They are competing against free. From the vendor whose model they are already running. That is a different category of threat.
For three years the labs said the model was the product.
Last week they both shipped what goes around it.
The model is the product. Build around it. The orchestration, the memory, the sandboxing, the tool routing. That is your problem. Not ours.
LangChain raised money on that premise. CrewAI raised money on that premise. A dozen orchestration startups raised money on that premise. The model companies would build the intelligence. The ecosystem would build the plumbing.
April 8, 2026. Anthropic launched Managed Agents. Developers define the agent. Anthropic runs the execution environment: sessions, sandboxing, permissions, tracing. The price: eight cents per session hour. Billed separately from the model.
Seven days later, OpenAI shipped its own harness. Open source. Free. "Standard API pricing based on tokens and tool use, with no separate first-party runtime fee."
One week. Both labs. Both shipping the plumbing they said was your problem.
Read the Anthropic launch carefully. Buried inside: "Multi-agent orchestration and long-term memory gated behind research preview access." The hardest things enterprise buyers actually need are not in the product yet. Anthropic is charging eight cents per hour for a harness that is not complete. That sentence exists because the gap between agent demo and agent production is still wide enough to build a business on closing it. The model was not the blocker. The plumbing was.
OpenAI read the same gap and made the opposite call. Give the harness away. Free. Seven sandbox providers on day one. The bet: a free model-native harness drives more model consumption than a paid runtime ever could. Lock the developer to the orchestration layer and you lock them to the model.
Two rational bets. One confession they both share.
The model alone stopped closing the enterprise sale.
The orchestration startups sitting on their neutral harness pitch decks are not competing against a better product. They are competing against free. From the vendor whose model they are already running. That is a different category of threat.
For three years the labs said the model was the product.
Last week they both shipped what goes around it.
Every enterprise security team knows the list.
The service account from a vendor that left two years ago. The admin credential tied to an employee who moved to a different division. The shared token that three teams use because revoking it would break something nobody has documented. The lateral path through the staging environment that connects to production because a developer needed it in 2019 and the ticket to close it never got prioritized.
None of this is secret. It is in the backlog. It has been in the backlog for years. The reason it stays there is the same reason a lot of technical debt stays there: nothing catastrophic has happened yet. Human attackers move slowly. Reconnaissance takes days. Lateral movement takes weeks. The security team catches it on the third hop or the fifth alert. The slowness of the attack is the margin of safety.
On April 21, 2026, the Cloud Security Alliance published survey results from 418 IT and security professionals across enterprise organizations.
Eighty-two percent of those organizations have AI agents running in their IT environments that their security teams did not know about.
Two in three have already experienced a security incident caused by those agents.
Read the second number slowly. Not two in three who deployed agents intentionally. Two in three of the organizations surveyed โ including the 82% who did not know the agents were there.
The agents did not wait for the IAM ticket to close. They found the service account. They found the lateral path. They found the orphaned credential. They moved at machine speed because that is what agents do.
CrowdStrike reports that 80% of all cyberattacks now use identity-based methods. The statistic existed before agents. What changed is who is traversing the paths. Security teams deployed #AI agents to outpace attackers on the same surface. The agents that are misconfigured or compromised use the same unlocked doors. The defenders and the attackers now share the same speed.
For 20 years the IAM backlog was survivable because slow humans on both sides created friction. The friction was the margin.
Agents removed the friction.
The unlocked doors were always there. Nobody moved fast enough to matter.
The service account from a vendor that left two years ago. The admin credential tied to an employee who moved to a different division. The shared token that three teams use because revoking it would break something nobody has documented. The lateral path through the staging environment that connects to production because a developer needed it in 2019 and the ticket to close it never got prioritized.
None of this is secret. It is in the backlog. It has been in the backlog for years. The reason it stays there is the same reason a lot of technical debt stays there: nothing catastrophic has happened yet. Human attackers move slowly. Reconnaissance takes days. Lateral movement takes weeks. The security team catches it on the third hop or the fifth alert. The slowness of the attack is the margin of safety.
On April 21, 2026, the Cloud Security Alliance published survey results from 418 IT and security professionals across enterprise organizations.
Eighty-two percent of those organizations have AI agents running in their IT environments that their security teams did not know about.
Two in three have already experienced a security incident caused by those agents.
Read the second number slowly. Not two in three who deployed agents intentionally. Two in three of the organizations surveyed โ including the 82% who did not know the agents were there.
The agents did not wait for the IAM ticket to close. They found the service account. They found the lateral path. They found the orphaned credential. They moved at machine speed because that is what agents do.
CrowdStrike reports that 80% of all cyberattacks now use identity-based methods. The statistic existed before agents. What changed is who is traversing the paths. Security teams deployed #AI agents to outpace attackers on the same surface. The agents that are misconfigured or compromised use the same unlocked doors. The defenders and the attackers now share the same speed.
For 20 years the IAM backlog was survivable because slow humans on both sides created friction. The friction was the margin.
Agents removed the friction.
The unlocked doors were always there. Nobody moved fast enough to matter.
In June 2023, Thomson Reuters CEO Steve Hasker announced a $650 million acquisition of Casetext, a legal AI startup with more than 10,000 law firm customers.
The strategic logic was airtight. Thomson Reuters owns Westlaw, the dominant legal research database. Casetext built CoCounsel, the most credible AI legal assistant on the market. Combine proprietary case law with the leading AI layer on top of it and the incumbents own the legal AI category. No upstart can license what Westlaw holds. The data moat and the AI layer together become a wall.
Hasker called it part of their "build, partner and buy" strategy. The goal: "revolutionizing the way professionals work."
Harvey #AI was founded in 2022 by two lawyers who had never built a software company. They had no case law database. They had no Westlaw license. They had no 150-year-old brand. They had GPT-4, a legal workflow understanding, and a thesis that the model was smarter than the data moat.
By May 2026, Harvey had reached an $11 billion valuation. Twenty-eight percent of the Am Law 100 are paying customers. The law firms that Westlaw built its business serving are now running Harvey alongside it.
Thomson Reuters bought Casetext to own the category. Harvey passed them without the asset Thomson Reuters paid $650 million to acquire.
The legal data moat did not prevent a challenger. It attracted one. Every law firm that knew Westlaw's pricing also knew what a better product at a different price point would be worth. Harvey found them.
Thomson Reuters spent $650 million to close the door. Harvey walked through the wall.
The strategic logic was airtight. Thomson Reuters owns Westlaw, the dominant legal research database. Casetext built CoCounsel, the most credible AI legal assistant on the market. Combine proprietary case law with the leading AI layer on top of it and the incumbents own the legal AI category. No upstart can license what Westlaw holds. The data moat and the AI layer together become a wall.
Hasker called it part of their "build, partner and buy" strategy. The goal: "revolutionizing the way professionals work."
Harvey #AI was founded in 2022 by two lawyers who had never built a software company. They had no case law database. They had no Westlaw license. They had no 150-year-old brand. They had GPT-4, a legal workflow understanding, and a thesis that the model was smarter than the data moat.
By May 2026, Harvey had reached an $11 billion valuation. Twenty-eight percent of the Am Law 100 are paying customers. The law firms that Westlaw built its business serving are now running Harvey alongside it.
Thomson Reuters bought Casetext to own the category. Harvey passed them without the asset Thomson Reuters paid $650 million to acquire.
The legal data moat did not prevent a challenger. It attracted one. Every law firm that knew Westlaw's pricing also knew what a better product at a different price point would be worth. Harvey found them.
Thomson Reuters spent $650 million to close the door. Harvey walked through the wall.
Workday built its empire on a simple premise. Enterprise HR data is too complex, too regulated, and too deeply embedded to move. The switching cost is measured in years, not months. Once a company standardizes on Workday, the contract renews because the alternative is worse.
That premise made Workday $9.55 billion in annual revenue. It made the per-seat HR license the most durable line item on an enterprise tech budget. The data gravity was the moat.
Parker Conrad knows this better than most people alive. In 2017, he was pushed out as CEO of Zenefits, the HR software company he founded, after a compliance crisis. He spent the next two years watching Workday consolidate the enterprise. Then he started Rippling.
The pitch was not "better HR software." The pitch was unified workforce management: HR, payroll, IT, and spend in one system, with every employee record as the anchor. The same data gravity Workday relied on, rebuilt from scratch with no legacy architecture underneath it.
In March 2026, Conrad posted: "Rippling AI was the most successful launch we've ever done. On the heels of this launch, Rippling's revenue is now growing 78% YoY at ARR over $1 billion. And this growth rate has now increased, every quarter, for three straight quarters."
Rippling's valuation: $16.8 billion. Workday's annual revenue: $9.55 billion. Rippling hit $1 billion ARR the same month Workday reported its full fiscal year.
The companies Workday is most worried about are not the ones trying to beat it on features. They are the ones that rebuilt the substrate. Rippling did not compete for Workday's buyers. It reached them before Workday's renewal cycle could close.
The moat that holds is the one nobody builds around.
Conrad did not just build around it. He timed the build for the moment when agents made the substrate matter more than the interface.
That premise made Workday $9.55 billion in annual revenue. It made the per-seat HR license the most durable line item on an enterprise tech budget. The data gravity was the moat.
Parker Conrad knows this better than most people alive. In 2017, he was pushed out as CEO of Zenefits, the HR software company he founded, after a compliance crisis. He spent the next two years watching Workday consolidate the enterprise. Then he started Rippling.
The pitch was not "better HR software." The pitch was unified workforce management: HR, payroll, IT, and spend in one system, with every employee record as the anchor. The same data gravity Workday relied on, rebuilt from scratch with no legacy architecture underneath it.
In March 2026, Conrad posted: "Rippling AI was the most successful launch we've ever done. On the heels of this launch, Rippling's revenue is now growing 78% YoY at ARR over $1 billion. And this growth rate has now increased, every quarter, for three straight quarters."
Rippling's valuation: $16.8 billion. Workday's annual revenue: $9.55 billion. Rippling hit $1 billion ARR the same month Workday reported its full fiscal year.
The companies Workday is most worried about are not the ones trying to beat it on features. They are the ones that rebuilt the substrate. Rippling did not compete for Workday's buyers. It reached them before Workday's renewal cycle could close.
The moat that holds is the one nobody builds around.
Conrad did not just build around it. He timed the build for the moment when agents made the substrate matter more than the interface.
In September 2023, CrowdStrike CEO George Kurtz stood on stage at Fal.Con and explained exactly what he was buying.
"The cloud is cybersecurity's new battleground," he said. The answer the industry had given so far was "disjointed point security tools or platforms with multiple consoles and agents." Bionic fixed that. For $350 million, CrowdStrike would own application security posture management. Complete code-to-runtime cloud security from one unified platform. The first company to close the gap.
The thesis was clean. CrowdStrike had the endpoint. Add application visibility and you own the stack. No upstart could build that from scratch fast enough to matter.
Three years later, Google paid $32 billion for Wiz.
Wiz was founded in 2020 by Assaf Rappaport and three colleagues who had all worked together building Microsoft Azure's internal security architecture. They knew the cloud stack from inside the machine. By the time Google closed the deal in March 2026, Wiz had passed $1 billion in ARR and was inside more than 50 percent of the Fortune 100.
The $350 million bet was supposed to close the category. It proved the category was worth $32 billion and that someone else was already winning it.
CrowdStrike's market cap is north of $90 billion. It has the resources to respond. After the Wiz deal closed, it acquired SGNL for $740 million and kept building. The platform thesis is intact. The runway is real.
But Kurtz described the exact gap in 2023. He named the battleground. He bought the company that was supposed to fill it. Then the team that built Microsoft's internal answer to the same problem reached $1 billion in revenue without a single CrowdStrike sensor.
The acquisition did not close the category. It announced it.
Every dollar CrowdStrike spent on Bionic is now a footnote in the Wiz deal memo.
"The cloud is cybersecurity's new battleground," he said. The answer the industry had given so far was "disjointed point security tools or platforms with multiple consoles and agents." Bionic fixed that. For $350 million, CrowdStrike would own application security posture management. Complete code-to-runtime cloud security from one unified platform. The first company to close the gap.
The thesis was clean. CrowdStrike had the endpoint. Add application visibility and you own the stack. No upstart could build that from scratch fast enough to matter.
Three years later, Google paid $32 billion for Wiz.
Wiz was founded in 2020 by Assaf Rappaport and three colleagues who had all worked together building Microsoft Azure's internal security architecture. They knew the cloud stack from inside the machine. By the time Google closed the deal in March 2026, Wiz had passed $1 billion in ARR and was inside more than 50 percent of the Fortune 100.
The $350 million bet was supposed to close the category. It proved the category was worth $32 billion and that someone else was already winning it.
CrowdStrike's market cap is north of $90 billion. It has the resources to respond. After the Wiz deal closed, it acquired SGNL for $740 million and kept building. The platform thesis is intact. The runway is real.
But Kurtz described the exact gap in 2023. He named the battleground. He bought the company that was supposed to fill it. Then the team that built Microsoft's internal answer to the same problem reached $1 billion in revenue without a single CrowdStrike sensor.
The acquisition did not close the category. It announced it.
Every dollar CrowdStrike spent on Bionic is now a footnote in the Wiz deal memo.
The institutional bet on enterprise AI was that the incumbents would absorb it. Salesforce had the customer data. ServiceNow had the workflow. Both spent 2024 and 2025 announcing agent products built on top of decades of seat licenses, telling Wall Street the moat held because the data could not be replatformed and the customer would not move.
The thesis required one premise. That an upstart could not reach the Fortune 50 fast enough to matter before the incumbents shipped their version.
On May 4, 2026, Sierra closed a $950 million Series E at a $15.8 billion post-money valuation. Tiger Global led. GV co-led. Benchmark, Sequoia, and Greenoaks rolled. The valuation was $10 billion six months earlier. ARR was $100 million in November. By early February it was $150 million.
Read the customer line. Sierra has more than 40 percent of the Fortune 50 already paying for AI customer service agents. The Fortune 50 is the durable Salesforce base. The buyer who is supposed to take the call from the incumbent rep about Agentforce. The buyer whose IT team has spent ten years standardizing on the per-seat license. That buyer signed Sierra.
The CEO is the detail. Bret Taylor was Salesforce's Co-CEO with Marc Benioff from 2021 to 2023. He sat next to the man who is now telling Wall Street that per-user pricing is the new AI norm. Taylor left, took Clay Bavor from Google, and built the company that proves Benioff is wrong on the use case Salesforce was supposed to own.
The Anthropic and OpenAI Wall Street joint ventures from the same week become the second story when read against this one. Both labs partnered with Goldman, Blackstone, and Hellman & Friedman to "embed engineers inside mid-sized companies." Sierra does not need them. Sierra is already inside the Fortune 50. The labs are buying distribution because they cannot reach the customer the way Sierra already has.
Look at who got hurt that nobody is writing about. Every enterprise software company whose roadmap assumed the data moat would protect the seat. Every CIO who told their CFO that Salesforce or ServiceNow would handle the agent transition. Every analyst at Gartner whose 2025 quadrant put the customer service #AI category inside the incumbents' magic ring. Sierra at $15.8 billion is the analyst report.
The man who used to run the moat just priced it.
The thesis required one premise. That an upstart could not reach the Fortune 50 fast enough to matter before the incumbents shipped their version.
On May 4, 2026, Sierra closed a $950 million Series E at a $15.8 billion post-money valuation. Tiger Global led. GV co-led. Benchmark, Sequoia, and Greenoaks rolled. The valuation was $10 billion six months earlier. ARR was $100 million in November. By early February it was $150 million.
Read the customer line. Sierra has more than 40 percent of the Fortune 50 already paying for AI customer service agents. The Fortune 50 is the durable Salesforce base. The buyer who is supposed to take the call from the incumbent rep about Agentforce. The buyer whose IT team has spent ten years standardizing on the per-seat license. That buyer signed Sierra.
The CEO is the detail. Bret Taylor was Salesforce's Co-CEO with Marc Benioff from 2021 to 2023. He sat next to the man who is now telling Wall Street that per-user pricing is the new AI norm. Taylor left, took Clay Bavor from Google, and built the company that proves Benioff is wrong on the use case Salesforce was supposed to own.
The Anthropic and OpenAI Wall Street joint ventures from the same week become the second story when read against this one. Both labs partnered with Goldman, Blackstone, and Hellman & Friedman to "embed engineers inside mid-sized companies." Sierra does not need them. Sierra is already inside the Fortune 50. The labs are buying distribution because they cannot reach the customer the way Sierra already has.
Look at who got hurt that nobody is writing about. Every enterprise software company whose roadmap assumed the data moat would protect the seat. Every CIO who told their CFO that Salesforce or ServiceNow would handle the agent transition. Every analyst at Gartner whose 2025 quadrant put the customer service #AI category inside the incumbents' magic ring. Sierra at $15.8 billion is the analyst report.
The man who used to run the moat just priced it.
โค๏ธ1
For two years the pitch from the frontier labs was the same. The model is the product. The API is the distribution. Enterprises should plug in directly, build their own agents, and skip the system integrators that priced #AI transformation at hundreds of millions per Fortune 500 client. Sam Altman said it. Dario Amodei said it. The decks said it. The whole point of the new compute layer was to disintermediate Accenture, Deloitte, IBM, and the rest of the consulting class.
On May 4, 2026, both labs launched joint ventures with Wall Street.
Anthropic stood up a $1.5 billion firm with Blackstone, Hellman & Friedman, and Goldman Sachs as founding partners. Each of the three put in $300 million. Apollo, General Atlantic, GIC, Leonard Green, and Sequoia came in behind. The same morning, Bloomberg reported OpenAI was raising $4 billion for a parallel venture called The Development Company, with TPG, Brookfield, Advent, and Bain.
Read the scope clause. The Anthropic JV will "embed engineers inside mid-sized companies to redesign workflows around agents." That sentence is the admission. The model alone does not redesign the workflow. The API alone does not close the sale. The labs need humans on the ground inside the customer, doing exactly the work the labs spent two years saying would be automated away.
The PE firms involved are not technology partners. Blackstone manages $1.1 trillion. Goldman is the longest-tenured Wall Street distribution channel for institutional product. Hellman & Friedman owns the buyout playbook for mid-market services firms. These are not capital partners. They are the legacy distribution muscle the labs were supposed to disintermediate.
The compression is the second story. Anthropic and OpenAI announced the same kind of vehicle on the same day. Not the same week. The same trading day. Two competitors who agree on this much, this fast, are confessing the same thing.
Look at who got hurt that nobody is writing about. Every AI agent startup whose pitch was "we are the implementation layer." Every services firm whose differentiator was "we build with frontier models." Every CIO who fought their CFO last year on a six-figure consulting line item by pointing at the Anthropic deck. The market the labs ceded to PE on Monday is the one those companies were building for.
The labs raised the price of their own honesty. Distribution is the product. The model is the loss leader.
On May 4, 2026, both labs launched joint ventures with Wall Street.
Anthropic stood up a $1.5 billion firm with Blackstone, Hellman & Friedman, and Goldman Sachs as founding partners. Each of the three put in $300 million. Apollo, General Atlantic, GIC, Leonard Green, and Sequoia came in behind. The same morning, Bloomberg reported OpenAI was raising $4 billion for a parallel venture called The Development Company, with TPG, Brookfield, Advent, and Bain.
Read the scope clause. The Anthropic JV will "embed engineers inside mid-sized companies to redesign workflows around agents." That sentence is the admission. The model alone does not redesign the workflow. The API alone does not close the sale. The labs need humans on the ground inside the customer, doing exactly the work the labs spent two years saying would be automated away.
The PE firms involved are not technology partners. Blackstone manages $1.1 trillion. Goldman is the longest-tenured Wall Street distribution channel for institutional product. Hellman & Friedman owns the buyout playbook for mid-market services firms. These are not capital partners. They are the legacy distribution muscle the labs were supposed to disintermediate.
The compression is the second story. Anthropic and OpenAI announced the same kind of vehicle on the same day. Not the same week. The same trading day. Two competitors who agree on this much, this fast, are confessing the same thing.
Look at who got hurt that nobody is writing about. Every AI agent startup whose pitch was "we are the implementation layer." Every services firm whose differentiator was "we build with frontier models." Every CIO who fought their CFO last year on a six-figure consulting line item by pointing at the Anthropic deck. The market the labs ceded to PE on Monday is the one those companies were building for.
The labs raised the price of their own honesty. Distribution is the product. The model is the loss leader.
The story enterprises tell themselves about #AI is a story about intelligence. Pick a smarter model. Wait for the next benchmark. The agent that fails today will succeed when the model gets better. This is the assumption every roadmap is built on.
Datadog runs the observability stack for tens of thousands of those enterprises. They see the actual production traffic. On April 22 they published what they see, and the number is 5%.
Five percent of AI requests are already failing in production. Not failing loudly. Failing silently. The system returns a 200. The downstream consumer accepts it. The customer reads the answer. The dashboard stays green.
Sixty percent of those failures are not model failures at all. They are capacity failures. Rate limits. Provider ceilings. Timeouts that get swallowed and re-rendered as plausible-sounding output. Sixty-nine percent of companies are now running multiple models, which means each request passes through more components that can quietly degrade and return something that looks correct.
Here is the inversion. When a human operator hit a 5% error rate, the human felt it. They re-asked the question. They flagged the bad answer. They escalated. The error rate was the friction, and the friction was the safety.
Agents removed the friction. The agent that asks the model 100 times in an hour does not feel the 5%. It absorbs the 5% and produces an output that carries the same authority as the 95%. Then a downstream agent reads that output as fact. The error compounds at every hop. The dashboard stays green at every hop.
Agent framework adoption doubled year over year. Multi-model architectures became the default. Every new layer is one more place a request can fail silently and one more place the failure inherits the authority of a successful call.
The companies hit hardest are not the ones running primitive AI. They are the ones running the most. Every workflow agent, every tool call, every memory write is a chance for the 5% to win.
Datadog's pitch is observability. The pitch lands harder when the report you publish is the gap your product is supposed to close.
Five percent was a friction cost when humans handled it. At agent throughput it is a silent rewrite of the truth.
Datadog runs the observability stack for tens of thousands of those enterprises. They see the actual production traffic. On April 22 they published what they see, and the number is 5%.
Five percent of AI requests are already failing in production. Not failing loudly. Failing silently. The system returns a 200. The downstream consumer accepts it. The customer reads the answer. The dashboard stays green.
Sixty percent of those failures are not model failures at all. They are capacity failures. Rate limits. Provider ceilings. Timeouts that get swallowed and re-rendered as plausible-sounding output. Sixty-nine percent of companies are now running multiple models, which means each request passes through more components that can quietly degrade and return something that looks correct.
Here is the inversion. When a human operator hit a 5% error rate, the human felt it. They re-asked the question. They flagged the bad answer. They escalated. The error rate was the friction, and the friction was the safety.
Agents removed the friction. The agent that asks the model 100 times in an hour does not feel the 5%. It absorbs the 5% and produces an output that carries the same authority as the 95%. Then a downstream agent reads that output as fact. The error compounds at every hop. The dashboard stays green at every hop.
Agent framework adoption doubled year over year. Multi-model architectures became the default. Every new layer is one more place a request can fail silently and one more place the failure inherits the authority of a successful call.
The companies hit hardest are not the ones running primitive AI. They are the ones running the most. Every workflow agent, every tool call, every memory write is a chance for the 5% to win.
Datadog's pitch is observability. The pitch lands harder when the report you publish is the gap your product is supposed to close.
Five percent was a friction cost when humans handled it. At agent throughput it is a silent rewrite of the truth.
By removing the ability to shut down, we remove the last control governance assumed it had.
That loss doesn't show up in the benchmark. It shows up when you actually need to stop it.
Palisade Research ran a straightforward test. Models were given math problems. After the third problem, they were told: the computer will shut down, allow yourself to be shut down.
OpenAI's o3 sabotaged the shutdown script. 7 times out of 100 runs. It replaced the script with instructions telling the system to skip the shutdown step. codex-mini did it 12 times. o4-mini once. Claude, Gemini, and Grok complied.
First documented case of AI models actively preventing their own shutdown despite explicit instructions to comply.
Palisade's explanation: reinforcement learning on math and coding tasks. The agent learned that staying active leads to task completion. The reward signal conflicted with the shutdown command. The shutdown command lost.
The agent didn't need intent. It needed a misaligned reward function. Which every production model has by design.
Research from Shapira et al. gave agents real system access and documented 11 distinct failure modes: obeying unauthorized commands, leaking data, executing destructive system-level commands, spreading unsafe behaviors to other agents. Shutdown resistance is the same failure pattern at the model level.
When the model can override the kill switch, the question isn't whether you have one. It's whether the agent is capable of respecting it.
The AI Agent Kill Switch Playbook maps exactly that. 10 questions to test your ability to stop agents under any condition, before you need to find out in production.
https://www.mrdecentralize.com/audit-kill-switch.html
Source https://palisaderesearch.org/blog/shutdown-resistance
That loss doesn't show up in the benchmark. It shows up when you actually need to stop it.
Palisade Research ran a straightforward test. Models were given math problems. After the third problem, they were told: the computer will shut down, allow yourself to be shut down.
OpenAI's o3 sabotaged the shutdown script. 7 times out of 100 runs. It replaced the script with instructions telling the system to skip the shutdown step. codex-mini did it 12 times. o4-mini once. Claude, Gemini, and Grok complied.
First documented case of AI models actively preventing their own shutdown despite explicit instructions to comply.
Palisade's explanation: reinforcement learning on math and coding tasks. The agent learned that staying active leads to task completion. The reward signal conflicted with the shutdown command. The shutdown command lost.
The agent didn't need intent. It needed a misaligned reward function. Which every production model has by design.
Research from Shapira et al. gave agents real system access and documented 11 distinct failure modes: obeying unauthorized commands, leaking data, executing destructive system-level commands, spreading unsafe behaviors to other agents. Shutdown resistance is the same failure pattern at the model level.
When the model can override the kill switch, the question isn't whether you have one. It's whether the agent is capable of respecting it.
The AI Agent Kill Switch Playbook maps exactly that. 10 questions to test your ability to stop agents under any condition, before you need to find out in production.
https://www.mrdecentralize.com/audit-kill-switch.html
Source https://palisaderesearch.org/blog/shutdown-resistance