Jason Firch

1.2K posts

@Jfirch

Search for knowledge. Know yourself. Then, and only then, can you help others to do the same.

Pennsylvania, USA Joined July 2014
19 Following 949 Followers
Pinned Tweet
Jason Firch@Jfirch·
Once you understand all you can do is laugh.
Jason Firch@Jfirch·
@nayibbukele This assumes there is a free market. Consolidation will happen - it already has. The illusion of variety in grocery stores is one of many examples. The “losers” will fall while institutions fill the gap.
Nayib Bukele@nayibbukele·
AI layoffs are a textbook collective action problem: Each company cuts workers to compete, but if everyone does it, demand collapses. You optimized costs and killed your own customers… and your company.
Jason Firch@Jfirch·
@pmarca When security becomes a compliance checkbox the only answer is that the vulnerabilities were an acceptable risk. Known or unknown.
Marc Andreessen 🇺🇸
Every single security hole discovered by AI was already there.
Jason Firch@Jfirch·
@AISecHub Automating consulting services is great for checking the box and saving cash. Serious companies with regulations/compliance requirements won't be handing off something so important to AI. At least that's what I hear from decision makers I speak with.
AISecHub@AISecHub·
AI SOC seems to be the most common vibe coded project
Jason Firch@Jfirch·
Not generalists - specifically practitioners with multiple domains of expertise and high order system level thinking. I’ve worked with enough people in my career to know these people are rare. Add the fact that you also need to learn how to use AI effectively and your actual pool of competition is very low.
shirish@shiri_shh·
generalists are about to win big. If you understand a little of tech, business, and people, and can connect everything fast, you're sitting on a goldmine right now.
Jason Firch@Jfirch·
@MeekMill I can help you secure it. AI models are dumb and easy to manipulate.
MeekMill@MeekMill·
Claude is helping me organize my whole music career and other businesses in days ... and it's moving my business forward at a high rate! Some tech youngbull I met on LinkedIn gave me an incredible template! Who else can help me with Claude
Jason Firch@Jfirch·
@MordyOberstein @SERanking @sengineland Proves that it doesn't work for brand new domains. Domains with established authority have different results. All this shows is that if you put out slop with no authority you won't be rewarded. Bit of an obvious conclusion, no?
Jason Firch@Jfirch·
@illyism Type 1 =\= Type 2. 1 can be completed quickly. 2 requires you act on 1, have an observation period, and then complete an audit.
Jason Firch@Jfirch·
@DudeWhoInvests Makes all of the sense in the world as we face geopolitical instability. Gold is very liquid. Countries need liquidity for war🤷‍♂️
Jason Firch@Jfirch·
@NoAlphaLimits lol can’t cut rates. They won’t raise rates. They will lower rates. Weaponizing the dollar is easier at ZIRP. Also, they don’t care about a strong economy. They just want to make sure the right people are making the most money.
Jason Firch@Jfirch·
@KobeissiLetter A vulnerability scanner actually hurting CrowdStrike’s valuations is laughable. Emotions are driving this more than anything. That, and some names need a scapegoat to justify to boards why their overvalued stocks are tanking.
Jason Firch@Jfirch·
@heyshrutimishra They didn’t kill cybersecurity. A scanner is a nothingburger in the full tech stack. Easy, low-hanging fruit. This won’t change budgets for the CISOs, IT VPs, or business owners I consult with.
Jason Firch@Jfirch·
Scanners were one of the first areas in security to implement AI so not groundbreaking. This is a feature bundled into their core product, but doesn't quite replace the industry. Also, a scanner doesn't stop inference attacks during live execution. It's good practice. Not a silver bullet.
Aakash Gupta@aakashgupta·
Anthropic just made the entire $15B application security market price in a question it can't answer.

Traditional AppSec tools from Snyk, Veracode, and Checkmarx charge per-developer licensing for static analysis. They find vulnerabilities. They generate reports. They flag code. Then a security engineer has to actually fix the problem, which is where 80% of the cost and 90% of the delay lives.

Look at the screenshot. Input sanitization audits. SSRF detection. Auth bypass tracing. RBAC enforcement reviews. These are the exact tasks that cost security consultants $300-500/hr and take weeks to schedule.

Claude Code Security doesn't generate a PDF full of findings for a human to triage. It writes the patches. That compresses the entire vulnerability lifecycle, discovery through remediation, into a single loop.

This tells you everything about where Anthropic sees the real margin in developer tools. Scanning is commoditized. Every CI/CD pipeline already runs some flavor of SAST/DAST. The bottleneck has always been fixing vulnerabilities fast enough to matter, and that bottleneck just disappeared.

The timing is worth noting too. Anthropic released this the same week enterprises are getting audited on SOC 2 and ISO 27001 compliance cycles. Security teams running 200+ open findings with a 90-day remediation SLA just got a tool that could clear that backlog in hours.

If you're building in AppSec right now, the competitive question changed. You're no longer selling "we find more bugs." You're competing against an AI that finds them and writes the patches in the same session.
Claude@claudeai

Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…

Jason Firch@Jfirch·
@elonmusk What prevents us from having all these things now without the intervention of AI? I'll wait.
Jason Firch@Jfirch·
@Prisc_Taravella @rustybrick Just popped into GSC and saw a bunch of updates - including search volume populating for keywords. IMO the Search Console wars have begun. I checked out Bing Webmaster Tools after ignoring it for forever and it's incredible.
Priscilla Taravella@Prisc_Taravella·
@rustybrick Is Google coming up with any updates to track AI searches visibility from the Search Console? 👀
Jason Firch@Jfirch·
Also, agents can interact with your LLM, read all of the information, extract any data they want, and change any instructions / context docs if not locked down. We've developed an AI readiness framework (100% free - no email needed) to address issues JUST like this: purplesec.us/resources/ai-s…
Jason Firch@Jfirch·
Beware of claudebot aka Moltbot. Giving LLMs full access to your computer and data doesn’t seem wise. Remember, most people just want to build cool things and make money. They don’t understand the security implications. Just click “okay” and build me something cool just like it’s a terms of service agreement accept button.
Jason Firch@Jfirch·
PSA: You don't need to be running Moltbot to be an AI power user in the business world. You would be amazed at how many businesses are outright blocking AI use (security being a concern). Creating apps and AI workflows, i.e. anything beyond basic chats, puts you above most.
Jason Firch@Jfirch·
$5000 —> $5500 gold in less than a week was not on my 2026 BINGO card. Miners will start launching soon, even if metal prices were to correct 30%/40%.
Jason Firch@Jfirch·
My $0.02 as a non-technical person experimenting with Claude Code + Antigravity. If you start with a vision and not with a plan you will spend hours "trying to make it work." Sketching my idea down with pen + paper literally saved me 2 hours to build what I wanted.
Jason Firch@Jfirch·
@MasterNumber We can speak the truth, but it is not our responsibility to convince people. Take this perspective and things become easier.