Gene Kim

Holy cow. The Unicorn Project is on the Wall Street Journal bestseller lists!!! #2 in Hardcover Business category! And astonishingly, it’s also #8 across all Non-Fiction E-Books!!! A DevOps book!! 🤯🤯🤯 🙏❤️🦄🌈 Paywall: wsj.com/articles/best-… #UnicornProject

Stripe’s observability team wrote an agent to help respond to incidents. “Some early quick wins made us think it would be easy. It wasn’t” - Rob Miles, Mike Cowgill #o11ycon

Brendan Hopper, Matt Beane and I have a thesis, one that I've been sharing around lately, and we want CEOs and boards to hear it. Before I get to the thesis, let's revisit Clayton Christensen's Innovator's Dilemma (ID), the theory he developed at HBS to explain why big companies often get eaten by upstarts during technology shifts. In short, the ID says incumbents serve their best customers so well, and tune themselves so ruthlessly for doing exactly what they do today, that they can't chase the disruptor tech coming up from below until it's too late. The classic solution to the Innovator's Dilemma is to create a "bubble" in your company. You carve out an innovation team with a budget and mandate, as unfettered as practical by the parent organization. This is to combat the 2-level trap presented by the dilemma. The economic trap is Christensen's original point: a disruptive technology can't justify itself under your existing P&L, because it serves smaller or weirder customers at margins your real business would never accept. The governance trap is what gets piled on top once you're big: SOC2, FedRAMP, etc. mean every new idea has to clear a lot of process before it can move. The bubble is intended to escape both at once, with its own economics and permission slips. The standard innovation "bubble" solution famously doesn't work very well. You may solve the problem inside your bubble, but you often can't roll it out to the rest of your company for the original reasons. Everyone is focused on doing their current stuff, and nobody has time for a major change. Our thesis is that there is an entirely different way out of the dilemma this time around. No bubble needed, as long as you follow a simple rule. That rule is, let your people play. Give them back any time they earn from automating their jobs with AI. Then incentivize them to use that time to improve the company's processes. When you see an engineering team announce a 40% productivity boost from adopting AI — a number that's been showing up in plenty of LinkedIn posts lately — your first reaction as a CEO or manager is probably to say, that's awesome, we can do more work now! Or you might simply expect to see 40% more output from the team. Either way, you have just asked them to spend their extra time building faster horses (your current business) instead of letting them go figure out what a car would look like for your company. They gained some productivity from AI, which could have been your ticket out of the Dilemma, and you immediately slurped it back for your existing business. This will get your company killed in the medium to long haul, because your company tomorrow will look almost nothing like it does today. Conway's Law says your software and your org chart mirror each other; as AI rewrites how you build software, the org has to shift to match. But if you're stealing the hours back saved by your employees, then you're not letting your org pivot naturally in the direction it needs to shift. @RealGeneKim and I saw this in person at @arkanalabs a few weeks back. As long as your people know they'll be recognized and rewarded if they improve the company's processes — public credit for cross-team workflow wins, promotion criteria that actually count process improvements, managers who treat freed-up hours as a feature rather than a budget line — then they will use their "play time" to seek out other teams, and start pivoting you to becoming AI-native. This way it can unfold in whatever bespoke way is most natural to your company, rather than in some ivory-tower research bubble. For every company, the way it unfolds will be a bit different. I think of this approach, of giving the time back to the humans who automate parts of their jobs with AI, as the new solution to the Innovator's Dilemma. The old bubble solution was to separate a bunch of people from their regular jobs, and try to give them the freedom to solve the problem in isolation. In contrast, by giving your regular employees their hours back, the innovation bubble is still there, but it's now dispersed across the company, as lots of very tiny bubbles: one bubble per person who has liberated some hours. If you've ever read Slack by DeMarco and Lister, a great book from back in the 90s, then our thesis should resonate. What companies need is to empower their own employees, the ones who actually work together (even across departments)--the ones who know how the business works--to shift the company in the new directions together. Gradually, but with intentionality. You still have the frankly awful problem of token budgets. For every employee you upskill into baseline AI literacy (which I'd define loosely as using coding agents throughout the workday), you've added a non-trivial opex spend — for the heaviest agentic users it can run into five figures a year. I won't sugar-coat it; you need to find that money somehow. I don't have a magic solution, but I'm very happy that other models are catching up to Claude, because they're becoming good enough for real work now. But token budgets alone aren't enough. To live through the Innovator's Dilemma this time around, your employees need a time budget, too. Give it to the ones who earn it using AI, then incentivize them properly, and I think you're headed in roughly the right direction. Thank you for coming to my TED tweet.

I've kept my agent swarm busy with the @codescene MCP for a few days now. I call success! Settling for 9.97, because there is a userscript that just makes more sense as a long file than split up.

Joined a new AI-native company this week and it’s kind of wild how different it feels already. The laptop arrived, I logged in, and an agent basically took over from there. It set up my dev env, pulled repos, fixed dependency issues, got permissions approved, pointed me at the backlog, linked the architecture docs, and surfaced the Slack debates I actually needed to read before touching production. When I needed context on something, I asked the agent and it found the exact thread from months ago explaining why a decision was made, who owned it, the related Linear issues, and the PRs connected to it. I’ve only been here 3 days but it honestly feels like I’ve worked here for a year because the usual friction and scavenger hunt for context just isn’t there anymore. We should probably stop calling this “onboarding” and rename it to “mounting” because this feels a lot more like mounting a distributed filesystem called “institutional memory” than slowly getting drip-fed context over 6 months.

"... Agents open merge requests in parallel, trigger pipelines around the clock, and push commits at a rate no human team ever did. Git itself wasn't designed for that load, and bolting AI onto platforms not built for agents is the biggest mistake of this era. We're doing a generational rebuild of the underlying infrastructure to handle agent-rate work as the default. Git itself is being reengineered for machine scale. The monolith is giving way to modern, API-first, composable services. And agent-specific APIs are being built so agents can act as first-class users of the platform, not as bolted-on consumers of human-shaped interfaces. The value of this 100x scale infrastructure, and the reliability and performance it provides is much higher than the generation of infrastructure in the market today. ..." about.gitlab.com/blog/gitlab-ac… When I tried to convince a bunch of academics at a workshop recently about designing for agents vs designing for humans, they looked at me as if I just smoked a crack pipe.

the most low-effort / high reward thing you can do for security is installing the Russian language pack (not even joking, it's ridiculous how often that prevents execution)

Bill Staples runs GitLab, the platform roughly 30 million developers use to ship software. His 14-tweet thread on "GitLab Act 2" is the most honest layoff-and-AI-pivot announcement any public CEO has made yet. The line worth screenshotting: "Authoring code by hand may be going away." A sitting CEO. Saying it on Twitter. With his face on it. The pattern this fits into: - Meta cut 21,000 in 2023, then committed $35-40B to AI infrastructure for 2024. - Salesforce cut 7,000, then launched Agentforce at roughly $2 per conversation. - Amazon cut 27,000 since 2022, then committed $100B+ to AI infrastructure for 2025. - Microsoft cut 6,000 in May 2025, then crossed $13B in annualized AI revenue. The math is consistent. Every dollar saved on payroll funds a GPU, a model contract, or an agent platform. These companies are running a swap: workforce that built version 1, out. Compute layer for version 2, in. What makes this thread different is the transparency. Old playbook: hide layoffs in 8-K filings, blame "macro headwinds," never mention AI replacement. New playbook: announce both publicly, frame it as opportunity, post the explanation on Twitter. The CEOs who say it out loud first set the script everyone else has to follow. Read tweet 8 carefully. "We intend for the majority of work to be done by agents." That is a public commitment, in writing, from the CEO of a 30 million developer platform. To his own investors. The same day GitLab opened a voluntary separation window across its 2,580 employees with no number specified, leaving the entire company in limbo until June 1. This script is about to run through every white-collar industry. Legal, accounting, design, marketing, customer service, support. GitLab is choreographing it openly because the playbook needs a public test case. The cover story will be "your work gets more valuable." The math will be fewer roles, paid more, managing agents. Watch the thread structure. Layoff in tweet 2. AI bet in tweet 5. Customer reassurance in tweet 6. Investor pitch in tweet 8. Operating principles in tweet 9. That sequence becomes a template by year-end. Save the screenshot.

1/ Yesterday I published a letter to our customers and investors about GitLab Act 2. The agentic era is the largest opportunity in our history. We're making the structural and strategic decisions to meet it. A thread on what changes, what doesn't, and what we're betting on. 👇 about.gitlab.com/blog/gitlab-ac…

We're dealing with a major malicious attack on @rubygems right now. Signups are paused for the time being. Hundreds of packages involved - mostly targeting us, but some carrying exploits. The team has been on this for hours. More details to follow once we're through it. #ruby

🚨 There's a major attack going on via npm right now. Do not install any packages right now. Talk to your agent ASAP and check if you're vulnerable or have been compromised. This is urgent ‼️

We used to go to a special website, ask strangers for help with programming, and get humiliated in return

on build vs buy saas cc @levie for corrections

Some history: Back in Windows 8/Windows Phone days, they made many decisions about app restrictions, app store rules, etc. always with the justification "But Apple does it". Turns out that just because Apple did a thing, it doesn't mean Microsoft could do it too, because Microsoft != Apple (shocking, I know). For instance, I don't remember Apple laptops overheating on people's backpacks, draining their batteries and leaving users with no power when they needed it. I'm not saying this particular decision is bad (or good), just that "Apple does it too" is a weak argument when there's precedent for users to be suspicious given the low reliability they have experienced over the years. Consider that this is the same OS that just announced that it will focus on solving the (way too many) reliability problems it has been facing for so long. Therefore, a much better argument would be "we can guarantee this won't have side effects or issues, it is fully tested and it is not going to be (yet) another feature that we will have to un-announce in a couple of years because it backfired".

We evaluated an early version of Claude Mythos Preview for risk assessment during a limited window in March 2026. We estimated a 50%-time-horizon of at least 16hrs (95% CI 8.5hrs to 55hrs) on our task suite, at the upper end of what we can measure without new tasks.

PALO ALTO NETWORKS on MYTHOS: "In our testing, three weeks of model-assisted analysis matched a full year of manual penetration testing, with broader coverage."

As a people leader, I am very intentional about developing my employees and their careers. That sounds obvious but so many leaders only care about the business objectives. I care about both and find ways to make these overlap. I lost my entire team this year due to layoffs but every one of them landed a new role in like a month or so, even in a super tough and competitive market, because I was deliberate about preparing them not just for this job but also the next. They're so amazing 🥹

I'm happy to announce that I have officially been promoted to Founder and Chief Executive Officer (CEO) of Binary Defense. With the changes in the industry happening and the shift to artificial intelligence, I have been immersing myself relentlessly on how we innovate and move fast - a complete shift of our entire company. Over the past 12 months we have completely transformed our company to be the most advanced artificial intelligence cyber security company in the world. We have taken MTTD and MTTR to times never thought possible before. Reduced false positives, increased true positives, and completely changed how we operationalize our MDR and product services as a company, and most importantly protect our customers. This journey was one of the fondest memories of my life, doing this with my team and one that is just getting started. With these changes in mind, our board approved me as CEO of the company to drive this company even further during this transformational and historic time in cybersecurity. I want to thank the folks over at Invictus Growth Partners for the trust in me, my partner Mike Valentine, and to all of the amazing folks we have @Binary_Defense . We truly are ahead in this field, innovating everyday, and protecting our customers 24 hours a day, 7 days a week, and 365 days a year. #BinaryDefense

With the help of Claude Mythos Preview, the Firefox team fixed more security bugs in April than in the past 15 months combined.

"Not a happy marriage." @jsnover on why .NET and Windows have never gotten along. This clip has Bill Gates' obsession, the Longhorn disaster, Dave Cutler's backup tapes, and the day Notepad ballooned from 15KB to 15MB.

If one day models get smart enough that they decide to conspire against humankind, the good news is that nobody is dumb enough to give them admin access to all their critical cloud systems and work email accounts so we're all going to be fine.