PodcastsHear the voice. See the shape of the thought.

Recorded live at Microsoft Build, this crossover episode between No Priors and Latent Space brings Sarah Guo, Elad Gil, and swyx together for a wide-ranging conversation with Satya Nadella. Satya argues that the platform shift now underway is defined by a single test: can every company operate at the frontier using their own frontier intelligence — their own private evals, their own trained harness, their own context? Across 42 minutes he walks through Microsoft's MAI model lineage strategy, why the enterprise harness (not the model) is the durable moat, how SaaS business models will unbundle and rebundle, and why the "hyper-leveraged generalist" — the full-stack builder who can design, code, and ship — is the defining role of this era. ## [00:00] Satya Nadella Introduction The episode opens with a clip that actually comes from late in the interview: Satya's assertion that the world will grow skeptical of any tech company asking for blind trust, and that the industry must deliver tangible, measurable benefits to earn permission to operate at scale. Sarah Guo and swyx welcome him to the crossover stage at Build, where Satya says he listens to both podcasts regularly. > *"The world is going to be very skeptical of tech and tech companies that say, 'Trust us, we've got it. The future is going to be glorious.' You kind of have to deliver tangible benefits because it's too important this time around."* ## [01:48] Reflections from Microsoft Build Satya's single biggest takeaway from the Build keynote: stop thinking about this as a model race and start thinking about it as an ecosystem play. Every prior Microsoft platform shift — Windows, Azure, Office — succeeded because it created more value above the platform than Microsoft captured inside it. The morning's keynote, he says, was about giving any company — AI-native or legacy enterprise — a clear recipe to become a first-class participant who points to AI *they created*, not just AI they rented. > *"A platform is defined by fundamentally its ability to create more value above the platform versus what's captured in the platform."* ## [03:12] Microsoft's AI Training Strategy The MAI model family started with a deliberate obsession over pre-training data quality — ablating out the noise that makes many open-weight models look strong on benchmarks but brittle in practice. Satya introduces the "hill climbing scaffold": a company takes a frontier model like GPT-5, collects traces from real workflows, then uses those traces to train a small 5B reasoning model that surpasses the larger model on the company's *private* eval. The Lando Lakes demo shown at Build used exactly this approach. His conclusion: private evals have become more strategically important than any publicly available benchmark, because public evals can all be maxed. > *"Each company will have its own private eval. And so that end-to-end platform story around our models is sort of what I think is interesting."* ## [05:48] Complexity of Real-World Deployment of AI Elad Gil asks what Satya would tell himself two or three years ago. His answer: the scaling laws worked, and capability has climbed — "intelligence is log of compute" turned out to be roughly right. What the industry underestimated was the real-world complexity of deployment: getting models to deliver measurable value outside benchmark conditions. The symptom he points to is the "I don't want a token max" complaint from customers, which he reads as evidence that the industry built token-burning products before building token-earning workflows. > *"The true eval is when people out there are able to do unique things that they only can value and it's very measurable — that I wish we had sort of even like had more in our consciousness."* ## [07:33] Augmenting Human Capital Sarah Guo asks beyond coding — what use cases are creating the most value. Satya notes coding worked so well it forced a redesign of the IDE itself: 100 parallel agent sessions generate so much cognitive load that a new UI (canvas, not just chat) became necessary. Beyond coding, the pattern he is watching is "glue work" automation — the coordination, status-tracking, and handoff work that ties together human judgment. Autopilot-class agents running overnight with delegated authority, then surfacing a morning digest of what they completed, compress entire workflow cycles. The bottleneck shifts from execution to review. > *"If you now can augment that with tokens slash agents that are long-running, durable — then your ability to scale even what is still judgment and glue work gets amplified like coding does."* ## [09:37] Harnesses for Enterprise swyx surfaces the key architectural question: if the coding agent needs a harness (environment, context, tools), what is the equivalent harness for broad enterprise productivity? Satya's answer: Microsoft's GitHub harness is now the spine across GitHub Copilot, Security Copilot, and the Discovery for Science products — all multi-model, all with progressive tool disclosure to keep token budgets manageable. The magic, he says, is in the context layer: getting the right context into the plan executor is where most real-world performance comes from. He uses the MDaS security product as existence proof that a multi-model harness can find vulnerabilities that specialized models missed. > *"The amount of work you need to do to prep the context layer such that your plan can execute in the most efficient way is where the magic is."* ## [11:49] Developer Value Sarah Guo sharpens the tension: frontier labs build first-party products that capture most of their revenue — where does the independent developer capture value in that model? Satya's argument is that the network effects of intelligence are not winner-take-all the way Windows was, because models learn from small, novel samples — not from data volume monopolies. That means the developer's durable asset is the private eval that lets them hill-climb on any frontier model and switch providers without losing ground. An open harness plus private evals plus curated context is the new platform investment for any AI-native company. > *"Every company having private eval maybe the biggest IP right now — I think about it like what's that private eval that you can then use even a frontier model to hill climb on and not leak the traces."* ## [15:09] Can Everybody Operate at the Frontier with Their Frontier Intelligence? Satya crystallizes the developer conference thesis: the whole point of a platform is to let someone else extend and build their own intelligence layer on top. Without that, a developer conference is just a showcase for one model. He uses the NVIDIA/CUDA parallel — he jokingly tells Jensen he wishes Microsoft had built CUDA — to underscore that the most powerful platform moves are when an infrastructure layer enables others to run far beyond what the platform vendor imagined. > *"Without it, why have a developer conference? I can just come and have you all sort of just worship at the altar of one model. But that's not a developer conference."* ## [15:51] Modern Definition of IP A backstage conversation before the taping surfaced the question of what IP means now. Satya's answer: human capital used to be the irreducible tacit knowledge — impossible to put on a balance sheet. Agent traces change that. Every interaction between a human and an agent inside Teams or GitHub or M365 is a trace that can train a company-specific "veteran agent" — not a generalist, but one that has absorbed how *this* company creates value. That trained agent should, Satya argues, go on the balance sheet the way patents do today. > *"When a company says it should in fact go onto the balance sheet is how I think about it — the agents that have learned through time through all the traces."* ## [17:38] Future of Vendor vs. Enterprise Agents Sarah Guo raises the "end of software" debate: if workflows are cheap to generate, what survives of the SaaS stack? Satya deconstructs the SaaS vertical: the data model at the bottom (the general ledger, the entity relationships) remains valuable and stable — nobody wants a new schema for their general ledger. Business logic encapsulated in something like PowerBI's semantic model also survives. What changes is the UI and configurability layer, which can be dynamically generated. The result is unbundling and rebundling, not wholesale replacement. He points to Work IQ (the M365 graph exposed as an agent-accessible database) as the example: a GitHub repo can now query meeting transcripts from the previous week and generate a code-change plan — a use case that was structurally impossible before. > *"I go to a GitHub repo and I say, 'Hey, I attended a bunch of design meetings last week related to this repo. Can you capture all that and tell me what changes I should make?' It literally can go look at all those transcripts, come back with a plan to change a code base."* ## [21:48] Near-Term Predictions on Model Pricing Satya maps the pricing evolution: per-user subscriptions persist because enterprise budget owners need certainty and entitlements. Consumption tiers layer on top as agent intensity grows. Outcome-based pricing is conceptually attractive but psychologically unstable — customers who love it in theory balk when the invoice arrives, because paying on outcomes feels like giving away royalty. His concrete example: GitHub Copilot was priced as a per-user interactive tool, but agentic workloads running 10,000 parallel sessions all day require a consumption meter alongside the per-user base. > *"Most people love outcomes until they have an outcome. Because once you have an outcome, it's like giving away royalty."* ## [24:02] Durability of SaaS The "agent euphoria" phenomenon inside enterprises — teams convinced they can rebuild their SaaS stack in six months — will, Satya predicts, run into the maintenance reality after one budget cycle. The build-vs-buy calculus is quantifiable: acquire when the marginal cost of building and maintaining exceeds the vendor price. Maintenance includes security patching (AI will find vulnerabilities faster, which means you have to fix them faster), and fixing costs tokens. The net result: SaaS survives as a category but vendors who won't expose flexible pricing and open agent interoperability will lose accounts to those who do. > *"I think we've gone through the excitement that I can generate a lot of software. I think the next thing would be what software do I really want to generate? What software do I want to use from others?"* ## [25:58] What Satya's Building Elad Gil asks what Satya is personally building. He describes a chief-of-staff autopilot agent he built in a week using Work IQ, Azure Foundry long-running agents, and Rayfin for memory storage. The agent monitors his context continuously, and when he published it to Teams, it deployed automatically. His broader point: GitHub Copilot Sessions has made it possible even for a CEO to have meaningful agency over codebases — not to replace engineers but to inspect, learn, and have a full-stack view of what his organization is building. > *"I could say publish to teams and it published the damn thing to teams. The ability to have a you know some end-to-end project like this complete is just pretty miraculous."* ## [28:18] Future of Engineering Roles swyx asks whether the "four engineering roles" thesis — agent managers, forward-deployed engineers, security engineers, and large-scale infrastructure owners — captures the future. Satya points to what LinkedIn already did structurally: created a "full-stack builder" discipline that merges design, product management, and front-end engineering while preserving individual domain edges. The role expands scope without erasing specialization. He flags infrastructure as the other growth area — building the reward learning environments (RLEs) for models like Excel's agent is a distributed systems problem, not a product problem. But his highest-conviction bet is on the hyper-leveraged generalist: the person who used to produce Word documents and spreadsheets and can now, in the same cognitive breath, ship an application. > *"The generalist role is going to be the most exciting right because the leverage of a generalist is where we are going to see the maximum returns."* ## [30:54] How Microsoft Can Be More Ambitious Sarah Guo cites her partner's essay arguing this is the moment for radical ambition. Satya's framework: the key move is to give yourself permission to do "meta work" — not to do the task, but to build the agentic system that does the task. He uses the Azure network team as the central example: faced with building more Azure capacity in 15 months than in the first 15 years, the network engineers said their job was no longer fiber operations — it was building the agentic system ("Miles") that does fiber operations. They told Satya they didn't need more headcount, they needed more tokens. That reconceptualization is the ambition unlock — analogous to how the PC era was never really about typing, it was about knowledge work. > *"Our job is not to do Azure networking. Our job is to build the agentic system that does Azure networking."* ## [34:36] Data Centers and Community Impact Elad Gil raises the community-level stakes of the data center buildout. Satya is direct: unless communities see tangible local benefits — stable or lower energy prices, water replenishment through closed-loop systems, construction jobs, post-construction tax base — the industry will lose the social license to operate. He frames it historically: technologies that consumed large amounts of energy while creating broad societal value have had good outcomes; those that didn't, haven't. The token economy needs the same proof: productivity gains, economic growth, and broad participation visible at the community level, not just in enterprise earnings. > *"Unless we as an industry are very principled about ensuring that the benefits of all the stuff we're talking about are felt in real ways at the community level — it has to be real."* ## [38:01] AI's Impact on Society swyx asks what Satya has most updated his personal models on regarding societal impact. His answer: the most critical thing in the next 12–18 months is making it legible to ordinary people that they have a real shot as first-class participants in the AI economy — through health outcomes, startup formation, running a local business more efficiently. The abstract promise ("trust us, it'll be great") has already exhausted its credit. The test is whether politicians who advocate for AI-driven productivity gains can win elections because their constituents saw real benefits, not just stock returns. > *"I think the world is going to be very skeptical of tech and tech companies that say trust us we've got it the future is going to be glorious — you kind of have to deliver tangible benefits."* ## [39:52] AI and Education Sarah Guo notes education as an area where AI's impact has been slower than expected. Satya points to his visit with the founders of Alpha School as an example of genuinely rethinking pedagogy — not just digitizing old curricula. He flags a Stanford CS course that still teaches students when to apply softmax correctly (concept-first) rather than just prompting agents to fix training runs, as evidence that conceptual foundations remain necessary. But the credentialing system, the incentive structures for learning, and the link between credentials and employment opportunity all need to change together. His closing bet: the next big startup success story might be someone who builds a new university or a new curriculum-to-employment pipeline. > *"Maybe the next big startup and success story could be someone who builds a new university or a new pedagogy even of how to get someone to go through a curriculum and find economic opportunity."* ## Entities - **Satya Nadella** (Person): Microsoft Chairman & CEO; the primary guest throughout. - **Sarah Guo** (Person): GP at Conviction and No Priors co-host; interviewer. - **Elad Gil** (Person): Independent investor and No Priors co-host; interviewer. - **swyx** (Person): Latent Space host; interviewer for the Microsoft Build crossover. - **Microsoft** (Organization): Publisher of Azure, GitHub, Microsoft 365, and the MAI model family. - **GitHub Copilot** (Software): Microsoft's AI coding assistant; the anchor product for the multi-model harness strategy. - **Azure Foundry** (Software): Microsoft's platform for deploying long-running agentic workflows and custom model fine-tuning. - **Work IQ** (Software): Microsoft 365 graph exposed as an agent-accessible database, enabling cross-product context queries. - **MAI models** (Concept): Microsoft's in-house model family, built with a clean pre-training lineage and designed for enterprise hill-climbing via private evals. - **Private eval** (Concept): A company's proprietary benchmark capturing its unique workflows; Satya argues this is now the most important form of intellectual property. - **Multi-model harness** (Concept): An orchestration layer that routes across multiple models, tools, and context sources — the durable enterprise moat vs. any single model. - **Full-stack builder** (Concept): LinkedIn's structural role combining design, product, and engineering into a generalist with broader scope and higher AI leverage. - **Alpha School** (Organization): Education startup whose founders Satya met with while rethinking AI's role in pedagogy. - **MDaS** (Software): Microsoft's security product that demonstrated multi-model harness performance superiority over specialized models in vulnerability detection.

Sarah Guo talks with Maxim Bar Kogan, co-founder and CEO of Onyx Security, about what it actually takes to secure AI agents at enterprise scale. Maxim argues that traditional controls — proxies, identity restrictions, human review — fall apart when agent actions multiply exponentially, and that the only viable path is training specialized small models that know when to escalate to a heavier overseer. The conversation covers Onyx's "secure control plane" product, the cost-latency math behind custom model training, why labs cannot credibly self-certify their own models' safety, and Maxim's conviction that AGI is coming and that independent AI oversight will be a hundred-billion-dollar business. ## [00:00] Cold Open Maxim opens mid-thought: as enterprises do more with AI agents, bad actions will follow — agents accidentally publishing credentials, making unauthorized network calls, taking irreversible steps. Enterprises already know the adoption wave can't be stopped; what they're missing is any mechanism to distinguish a legitimate agent action from an illegitimate one. The clip frames the core Onyx thesis before the intro rolls. > *"Definitely enterprises are starting to realize that that risk is grown exponentially and that they don't have any way to stop the adoption. They just now have to do something to reduce the chance of these agent actions being illegitimate or incorrect."* ## [00:45] Maxim Bar Kogan Introduction Sarah introduces Maxim as co-founder and CEO of Onyx Security, an Israel-based startup staffed by researchers, mathematicians, and engineers — described as building agents to watch the AI agents. The company blends offensive cyber expertise with deep AI research, including work on synthetic data and mechanistic interpretability. ## [01:10] AutoGPT and Betting on Agent Actions The two-year-old consensus risk story in enterprise security was DLP for chatbots — employees pasting sensitive data into ChatGPT. The framing has since collapsed into near-panic around autonomous agent actions. Maxim traces Onyx's bet back to AutoGPT: the first agent that let an LLM decide what to do, call a tool, and loop — not just generate text. The demo proved that agents could take real-world actions autonomously, and Maxim concluded immediately that someone would need to oversee those actions at scale. > *"AutoGPT kind of let everyone's imagination including ours run wild because it was the first really autonomous agent running on LLMs — an agent that would let an LLM not generate text but decide what to do and then give that agent API access to do that thing."* ## [05:17] What Onyx Product Does Onyx does two things: train models and build agents that oversee other agents, and package that capability as a "secure control plane" that enterprises plug into their AI stack. The control plane monitors agent actions for legitimacy — deciding in real time whether a given action is within bounds — while managing the tradeoff between latency, cost, and reliability. Maxim positions the long-term vision beyond enterprise security: any company running AI agents needs a vendor-independent party to certify what those agents are doing. > *"The number of these actions is going exponentially. Things that we thought might be useful in the past, like a human in the loop — now that you're going to have 100x, a thousandx, a millionx of these actions — that's not going to work."* ## [07:47] State of Deployment in Large Enterprises In a typical large enterprise today, Maxim sees three categories of AI deployment: low-code SaaS automations (drag-and-drop, not truly autonomous), first-party agents built in-house or as customer-facing products, and autonomous coding agents and assistants. Of those three, coding agents now account for over 50% of AI usage. The most mature sectors — financial services, healthcare — have the tightest controls, but even the most cautious companies have stopped banning AI outright and moved to managing it. > *"Over 50% is the autonomous coding agents and assistants in the average enterprise."* ## [09:58] Securing Agents Enterprises already spend roughly $100 billion a year on security — endpoint, network, cloud, identity. Sarah asks how much of that carries over to agent security. Maxim's answer: almost none of it. Identity controls, the most fundamental layer, fail because agents need broad, dynamic permissions that can't be scoped in advance. An agent writing code across a repository or sending emails on behalf of an executive can't be locked down to a narrow permission set the way a static software process can. The attack surface is intent, not access — and existing tooling can't read intent. > *"With these autonomous AIs, with these assistants, with these coding agents, you can't really know upfront what permissions to give them."* ## [12:45] Why Proxies Don't Work Sarah's instinct from her own security background: this sounds like a problem for a proxy with a smarter policy engine. Maxim agrees proxies work as an integration point in some architectures but says they miss the hard problem entirely. Proxying gives you the data stream; it doesn't tell you whether the action in that stream is legitimate. That judgment requires understanding context — the agent's goal, its history, what the enterprise has authorized — and no rules engine knows how to evaluate that across arbitrary agent behavior. > *"The hard problem is understanding if what I should do now is okay or not. In the case of AI systems, that is the hard question."* ## [14:11] Why Onyx Trains Its Own Models The naive solution — use Claude Code to monitor Claude Code — breaks on cost and latency. Running a frontier-model agent for every enterprise agent would make the security layer more expensive than the AI being secured. Onyx's answer is small, highly specialized models that do exactly one thing: decide whether the current action warrants escalation to a heavier overseer. Sarah analogizes it to blitz chess: grandmasters play intuitively on fast moves and pause only at critical junctures. Maxim says the chess analogy is right — you want to concentrate intelligence exactly where the risk is highest and stay lean everywhere else. > *"You want to try to train models that are just good at one thing. They're very small. They almost can't do anything else other than be able to say, 'Should I have a smarter agent look at this?'"* ## [18:38] Onyx's Talent Culture Israel's security talent — shaped by units like 8200, companies like Armis and Wiz — is well known. Onyx's DNA is different: co-founder Gil's background is synthetic data and Nvidia, not offensive cyber. Most of Onyx's research engineering comes from an Israeli intelligence unit focused on math and cyber at their intersection. Maxim sees this blend as deliberate — the long-term problem Onyx is solving is not just enterprise security but how to control advanced AI, full stop. That requires deep AI expertise alongside security instincts. Israel as a whole is catching up quickly in AI: world models, AI infrastructure, chips. > *"The problem is not just cybersecurity. The problem is how do we control advanced AI long term — and that problem, even if you forget about enterprise security gaps, just sounds very important."* ## [21:24] Mechanistic Interpretability Maxim believes mechanistic interpretability — understanding what's actually happening inside model weights and activations — is both possible and necessary. His counterintuitive thesis: as models become smarter than humans in key ways, they'll be better equipped to crack the internal structure of other models than we are. Onyx is actively funding research in this direction, not just as a security tool but as a window into what intelligence itself is. Sarah endorses the bet, noting the opportunity to understand not just AI but cognition broadly. > *"As we're starting to have models that are much smarter than us, at least in some important ways, we think we'll be able to start cracking mechanistic capability much more effectively."* ## [23:35] How Onyx Builds Customer Trust Fortune 10 and 20 companies don't normally work with two-year-old startups of fewer than 100 people. What's breaking that rule is pain: CISOs facing daily agent-action incidents have no incumbent to call because the problem didn't exist three years ago. Onyx gets inbound from enterprises that found them coming out of stealth because the problem description matched something they were already firefighting. Maxim treats this as a narrow, temporary window — enterprise buyers know new startups will grow up, and they'd rather be early customers shaping the product than late adopters. > *"It's an opening that only happens when the pain is very strong. Their pain is so strong that they'll say, 'I just saw this company come out of stealth, but it's a problem I have daily, so I'll give them a call.'"* ## [25:10] Mitigating Risk at the Foundational Level The second wave of CISO panic — beyond agent actions — is the plummeting cost of automated vulnerability research. Coding tools can now find and exploit vulnerabilities at a scale that would have seemed decades away just a few years ago. Maxim says the market is not overreacting: this is a genuine structural shift. The right response is two-track: fast patching and mitigating controls now, plus investment in foundational controls — locked-down identity, firewalls, endpoint detection — that reduce the exploitable surface regardless of what the attacker's tools can do. > *"The real solution — and every security leader at large enterprises knows it — is that we need to have the foundational pieces in place to avoid those risks."* ## [27:45] Phased Rollout of Glasswing and Daybreak On Anthropic's Glasswing and OpenAI's Daybreak controlled rollouts for more capable models: Maxim has a conditional view. Gradual rollout is ideal if it's globally coordinated — it buys time to build playbooks, share knowledge, and prevent catastrophic failures at power grids or airlines. But if any actor releases a comparably capable model ahead of the phased schedule, the gradual approach becomes a liability: companies that didn't get early access are now exposed to a threat they had no chance to prepare for. His recommendation is to expand access broadly so more organizations can build defenses in parallel. > *"If anyone gets to a method-level model earlier, then in retrospect it would look like a huge mistake — we could have at least given companies the choice to start moving very quickly."* ## [29:11] Large Enterprise Holdouts Two years ago, a meaningful cohort of large companies simply banned AI. Today Maxim barely sees that anymore. The financial sector still imposes constraints — allowing agents but restricting which tools — but full bans are gone. He argues this is correct: tool lock-in is its own risk. Betting exclusively on one vendor's models at the speed this market is moving means being caught out when the next generation shifts the rankings. Companies that allow broad tooling and manage it rigorously will outpace those that restrict aggressively. > *"If you bet on OpenAI a year ago, that would have been the safest bet in the world, but suddenly Anthropic has much better models and tools."* ## [30:46] Onyx and the Larger AI Security Space AI security is crowded with new vendors and new attack surfaces. Maxim's counter to product-scope anxiety: the two core primitives of 2026 AI — transformer-based foundation models and tool-calling agent loops — haven't fundamentally changed in years. That stability lets Onyx build toward many agent applications while keeping its core technology lean. The real hedge against architectural shifts is investing in researchers who can retrain and adapt quickly rather than betting the product on any single model paradigm lasting forever. > *"The two core pillars of how 2026 AI works have not changed in the last few years. We're still largely LLM foundation models, and we're still building agents in pretty much the same way."* ## [32:36] Should Labs Address Model Trust and Governance? The pressing Bay Area question: will the labs eventually absorb the trust and governance problem themselves? Maxim's structural argument against it: buyers don't want the car seller certifying the car. Security teams need an independent party whose business model depends entirely on being right — not a vendor protecting its own product reputation. Beyond buyer psychology, Maxim draws a line between "jagged intelligence" mistakes (silly errors that will improve with stronger models) and intent-level failures: adversarial manipulation, misaligned objectives, goal drift. The labs will fix the first category. Only a structurally independent overseer can address the second. > *"You're not going to trust the vendor of a product to tell you that this product is not going to mess your environment. You're going to want an independent party whose whole business depends on telling you that this thing is correct and being right."* ## [36:56] What Needs to Happen in Security Sarah asks what the broader tech and research community — labs especially — is missing from a security perspective. Maxim's answer: it's not a technical gap, it's an empathy gap. Building security products requires deeply understanding how security teams actually operate — their organizational structure, responsibilities, information flows. Israel produces strong security talent partly because military service gives engineers first-hand experience being the end-user they're later building for. The labs, he implies, are building capability without sufficient attention to the operational reality of the organizations that will have to deploy and defend against it. > *"No matter what technical problem you're solving, you're building a tool for people, for an organization that has a certain structure. Creating a product for this audience that doesn't just solve the technical problem but they actually love is really hard."* ## [39:14] Why Maxim is AGI-Pilled Sarah closes by noting Maxim's implicit belief that human security teams will still exist for some years. He confirms it — but with a timeline: security teams will be fully AI-agent-run in the near term, just as most knowledge work will be. His grounded version of AGI optimism is that the job of building great products doesn't change: always know who the end user is and optimize for their experience. Right now that's humans with a few agents alongside them. As the ratio flips, the same principle applies — just to agents reading context windows instead of dashboards. > *"Today when I sell a product I sell it to a human audience with a few agents, and as that audience becomes more agents than humans, it will be important for us to evolve and to make it work really well for agents doing the work."* ## Entities - **Maxim Bar Kogan** (Person): Co-founder and CEO of Onyx Security; former Israeli intelligence, background in math and offensive cyber. - **Sarah Guo** (Person): Host of No Priors; founder and GP at Conviction. - **Onyx Security** (Organization): Israel-based startup building AI oversight infrastructure — trains specialized small models to monitor and govern enterprise AI agents. - **AutoGPT** (Software): Early open-source autonomous LLM agent; cited by Maxim as the inflection point that made agentic risk concrete. - **Glasswing / Daybreak** (Software): Controlled rollout programs from Anthropic and OpenAI respectively for frontier model access. - **Mechanistic Interpretability** (Concept): Research program aimed at understanding the internal weight and activation structure of neural networks; Onyx treats it as a long-term pillar of AI oversight. - **Secure Control Plane** (Concept): Onyx's product category — a vendor-independent layer that monitors agent permissions, action legitimacy, and behavioral history in real time. - **8200** (Organization): Israeli intelligence unit widely credited with producing Israel's top security and tech talent, including many Onyx engineers.

Andrew Feldman, CEO of Cerebras, details the company's journey from a controversial 'wafer-scale' architecture to a $63 billion public valuation. He explains how their radical hardware design delivers 15-20x faster AI inference than traditional GPUs, enabling new business models and a fundamental reorganization of productivity. ## [00:00] – Cold Open Andrew Feldman compares the impact of AI speed to Netflix's transition from DVD delivery to streaming, noting that extreme speed opens entirely new business models. He predicts a fundamental reorganization of productivity as AI moves beyond basic coding and design tasks. > *that's what happens with speed and I think that's what fast AI does right now [00:10]* ## [00:41] – Andrew Feldman Introduction Host Sarah Guo introduces Andrew Feldman and highlights Cerebras' recent IPO and its current $63 billion market cap. The discussion frames the company's transition from early machine learning research to dominating the foundation model inference market. > *Serbust recently went public and is currently worth about $63 billion in the stock market. [00:54]* ## [00:48] – Cerebras’ Evolution Feldman describes Cerebras as a builder of AI-optimized computers that outperform GPUs by up to 20x in inference tasks across all model sizes. He attributes their recent success to AI models becoming smart enough for daily utility in 2025, leading to massive contracts with OpenAI and AWS. > *we're the the fastest at inference, not by little, but by a lot, 15, 18, 20x faster than GPUs. [01:39]* ## [02:17] – Wafer-Scale Bet Pays Off The conversation explores Cerebras' unique 'wafer-scale' architecture, which utilizes a single chip the size of a dinner plate. Feldman argues that radical performance improvements require radical designs, noting that critics initially dismissed the approach as impossible. > *we chose wafer scale, which means we build a 46,000 square millimeter chip, a chip the size of a dinner plate [03:39]* ## [06:38] – Challenges and Breakthroughs Feldman recounts a high-stakes period between 2017 and 2019 when the team struggled to make the technology work while spending $8 million monthly. He emphasizes that while the technical breakthrough occurred in 2019, market demand only exploded once AI became an essential daily tool. > *We had a period between about 2017... and middle of 2019 where we couldn't build it. [07:34]* ## [08:37] – Crossing the Market Chasm Feldman describes the early years where Cerebras had superior technology but struggled to find a market, eventually finding success in supercomputing labs. A pivotal $1 billion order from sovereign partner G42 provided the capital and scale necessary to battle-test their hardware and prepare for the AI explosion. > *We had a 2 or three year period where we were ahead of the market and absolutely nobody cared that we were blisteringly fast. [09:00]* ## [10:38] – Scaling Software and Hardware Scaling a hardware company involves physical constraints like manufacturing lines, power requirements, and test fixtures that software companies do not face. Feldman also highlights the long-term nature of deep tech development, noting that building a high-quality compiler takes nearly a decade of engineering effort. > *When you're building things... you have to call your manufacturing partner... Each step takes real time and effort to grow. [11:24]* ## [12:03] – Relevance of AI-Generated Coding Cerebras has aggressively adopted AI-generated coding, with token spending per engineer increasing significantly to support the use of autonomous agents. Feldman observes that certain engineers are becoming '100x' contributors by governing multiple agents for coding and QA tasks. > *They've moved their coding style to being one in which they govern agents... they've gone from being sort of 10x guys to being 100x guys. [13:12]* ## [13:31] – Leadership and Hiring Culture With a $20 billion backlog and a growing team of over 800 people, Feldman emphasizes the need to avoid corporate malaise by continuing to take extraordinary risks. He views himself as a 'professional David' who thrives on solving problems that others deem impossible while competing against Nvidia. > *We would much rather fail in pursuit of the extraordinary than succeed in the ordinary. [15:01]* ## [17:16] – When to Quit vs. Persist Andrew Feldman describes himself as a 'professional David' who thrives on competing against larger incumbents through intellectual superiority. He emphasizes that founders must guard against the 'slippery slope' of persistence by using external mentors to hold them accountable to their original hypotheses. > *The slippery slope is a beast... you have to guard against it. [18:32]* ## [19:40] – Why Cerebras Went Public The transition to a public company is framed as a way to reduce the cost of capital and gain legitimacy with large-scale corporate clients. Feldman notes that Cerebras chose the IPO path to differentiate itself as the market's only 'AI pure play' revenue stream. > *For us it was an opportunity to graduate from corporate adolescence to corporate adulthood. [23:22]* ## [22:57] – The OpenAI Deal Feldman recounts the intense four-and-a-half-week period during which Cerebras finalized a $20 billion deal with OpenAI, driven by a sudden demand for fast inference. The deal moved at an unprecedented pace, involving constant work through the holiday season to meet technical requirements. > *For a 20 plus billion dollar deal to do it in four and a half weeks was exceptional. [24:59]* ## [25:54] – Open Source and Post-Trained Workloads Andrew Feldman highlights how the open-source ecosystem sustains market interest and pressures closed-source developers to innovate. He emphasizes that seeing external developers build creative solutions on Cerebras hardware is a core motivation for the company's infrastructure goals. > *You got to love other people's ideas to take flight on on what you built. [28:04]* ## [27:37] – How Speed Opens Up New Business Extreme speed in AI enables fundamental shifts rather than just incremental improvements, using Netflix's transition from DVDs to streaming as a primary example. Feldman argues that the ambition for speed is a competitive advantage, as seen in the rapid construction of data centers. > *when the internet got fast they became a movie studio right that's what happens with speed [28:38]* ## [30:07] – Conclusion Drawing parallels to the PC and cloud revolutions, Feldman predicts that AI will move beyond replacing specific tasks to fundamentally reorganizing how work is performed. This shift is expected to trigger massive jumps in global productivity as new business models emerge around the technology. > *once we start sort of fundamentally reorganizing around this, you're going to see this sort of new business models and fundamental jumps in productivity. [29:53]* ## Entities - **Andrew Feldman** (person): Co-founder and CEO of Cerebras - **Cerebras** (organization): AI hardware company known for wafer-scale engine technology - **OpenAI** (organization): AI research organization that signed a multi-billion dollar deal with Cerebras - **G42** (organization): A sovereign AI and technology holding company that placed a $1 billion order with Cerebras - **Nvidia** (organization): Leading GPU manufacturer and dominant competitor in the AI chip market - **Sarah Guo** (person): Host of No Priors and venture capitalist - **AWS** (organization): Amazon's cloud computing division deploying Cerebras hardware - **Netflix** (organization): Used as an analogy for how speed changes business models from delivery to production

US Under Secretary of State Jacob Helberg returns to No Priors to unveil Pax Silica — a 14-country economic-security coalition designed to secure the entire AI supply chain, from chips to rare-earth magnets to robot actuators. The flagship project: 4,000 acres in the Philippines (a third of Manhattan) granted to the US for a "forward-deployed industrial base" — meant to do for liberal-democratic capitalism what China's Belt and Road did for state-led infrastructure, but driven by private companies and venture capital rather than state-owned enterprises. Sarah Guo and Elad Gil press Helberg on policy durability across administrations, how VCs fit in, and why he calls America a "global underdog." ## [00:00] Cold Open Helberg opens with the philosophical core of Pax Silica: the US won't win supply-chain competition with state-run factories. Its edge is its private sector and its companies — Steve Jobs's "enchant and delight" exported by the billions. The strategy is therefore to build platforms in lockstep with American builders that can ultimately operate as commercial services outside the government. > *We're not going to do government operated supply chains because that's not how we shine as a country. Our superpower is really our private sector and our companies.* ## [00:41] Jacob Helberg Introduction Sarah and Elad reintroduce Helberg, now confirmed as Under Secretary of State for Economic Affairs after their last conversation pre-confirmation. The framing for the hour: Pax Silica as a multi-nation effort to secure the AI supply chain for the US and its allies. > *Jacob, thanks so much for being here. Yeah, thanks for joining us. Thanks for having me.* ## [01:02] Pax Silica's Mission Helberg traces Pax Silica to his Hudson Institute speech, which laid out an "ecosystems-based" approach to supply chains. The coalition now spans 14 countries. The first concrete product rollout was the Philippines arrangement: 4,000 acres granted to the US for a forward-deployed industrial base. He pitches the bet as combining American common-law predictability with Philippine industrial comparative advantages — and explicitly frames this as the AI-supply-chain equivalent of a product launch, hosted in San Francisco to talk directly to builders. > *Pax Silica is an economic security coalition that now has 14 countries and the idea is really to have an ecosystems based approach to our supply chains and specifically the AI supply chain.* ## [03:51] Investing in AI Chip Supply Chains The AI supply chain is much broader than chips — "thousands of inputs like precision reducers and server motors and rare earth magnets and actuators" — and US concentration risk is high across nearly all of them. Helberg's frame is to pick geographies that already have indigenous industrial depth and values alignment. The Philippines fits both: a deep manufacturing ecosystem and the US's oldest ally in Asia. Robotics gets explicit attention as the next bottleneck after chips. > *The AI supply chain actually includes thousands of inputs like precision reducers and server motors and rare earth magnets and actuators and our concentration risk as a country is incredibly high for basically all of those inputs.* ## [05:43] Comparing Pax Silica to China's Belt and Road Initiative The natural comparison, and Helberg leans into it. Belt and Road, he explains for the audience, was 25 years of state-owned enterprises building government-operated roads, bridges, railways, mines, and processing plants overseas — infrastructure as a foreign-policy tool. Pax Silica deliberately inverts the model: the assets are private and commercially viable, the government's role is to lower friction and align allies, and the goal is sticky economic interdependence rather than political leverage. Helberg argues this is both more durable and more transparent — the recipient countries get real growth rather than debt traps. > *Fundamentally what it was was state-owned enterprises building government-operated railways, government-operated mines.* ## [12:38] Pax Silica's Value Proposition For partner countries, the pitch is simple: AI is already fueling over a third of US GDP growth and creating record demand for copper, cobalt, electricians, and every input that goes into a data center. Countries that take meaningful positions in different layers of that supply chain capture growth they otherwise can't. Helberg leans on the non-zero-sum nature of tech inflection points to argue this can be mutually beneficial — the pie grows fast enough that everyone at the table wins. > *The pie grows really fast. And so, it's really not zero-sum, which actually makes it incredibly conducive to forge very mutually beneficial relationships.* ## [14:38] US vs. Partnered Manufacturing Elad asks the obvious question: what stays in the US versus what gets partnered out? Helberg's framing is consumption-versus-production. The US is 4% of the world's population but consumes 20–30% of global output across most categories — and produces far less. Closing that gap by definition reindustrializes America. Some things (state-of-the-art fabs, defense-critical capabilities) must be domestic. Others (mineral processing, certain components) are better partnered where geography and industrial base already favor it. The instinct isn't autarky but a deliberate redistribution of the supply chain across allies, with the US holding the most strategically sensitive layers. > *America consumes accounts for, you know, somewhere in the neighborhood between 20 and 30% of global consumption on any given quarter.* ## [19:10] Rare Earth Mineral Pricing Elad pushes on rare earths: not actually rare, total market only a few billion dollars, heavily subsidized by China as a control lever. Helberg agrees and reframes the economics — what determines rare-earth competitiveness is energy intensity and grade-quality of extraction, not geological scarcity. That makes the policy question about energy abundance and processing capacity, not finding new deposits. The implication is that the US can win this category if it solves the cheap-energy side of the equation — which is partly what the administration's broader energy-supply push is meant to enable. > *Really drives, you know, the economics of the of those industries, is how much energy do you need to pump into the ground in order to extract a given mineral at a given, you know, quality grade.* ## [22:16] Role of Venture Capital in Pax Silica Sarah asks, "asking for a friend," what private capital's role is. Helberg's answer is unusually direct for a State Department official: VCs are better than the government at assessing founders and operators, and execution capacity is what determines whether ambitious projects survive contact with reality. He wants the venture ecosystem as a signal layer — government allocation can ride on top of where credible operators are already going, rather than government trying to pick winners alone. The collaboration is explicitly bilateral: VCs surface execution-grade companies, government provides demand and policy support. > *You guys are kind of hardwired to be able to assess a lot of the personality attributes of founders and operators.* ## [24:50] Near vs. Long-Term Priorities How do you balance 2027–2028 deliverables against five-year plays? Helberg's answer is environment-setting rather than picking timelines. The administration's approach is to shape the macro environment so both short-term iteration and long-term capital-intensive plays get easier — cutting red tape, expanding domestic energy supply, quadrupling nuclear. He cites one of the first executive orders signed by Trump on quadrupling domestic nuclear as a structural enabler that pays off across both horizons. > *Helping shape the environment, you know, creating a macro environment that basically makes innovation, iteration of innovations as well as deployment of innovations a lot easier and less expensive.* ## [27:09] Making AI Policy Durable Elad raises the executive-order problem: each administration cancels the last one's orders. How does Pax Silica survive a transition? Helberg notes that some things — like tax reform — are very sticky, and that his role bars him from electoral commentary. He doesn't fully answer the durability question, which is itself the answer: the durability has to come from legislation and from facts on the ground (the Philippines industrial base, partnered manufacturing) that are hard to walk back. > *Tax reform is very sticky.* ## [28:09] How Policies Impact Entrepreneurs For American business owners and operators, Pax Silica is positioned as a market-access platform — expanding what US companies can sell into allied markets like Japan, South Korea, India, and Singapore, where even friendly trading partners often impose meaningful friction. Helberg specifically wants feedback from operators on partnerships already in flight, supply-chain decisions executives are now making more deliberately, and policy fixes that would unblock cross-border collaboration. > *We want to use it as a platform to expand market access for our companies.* ## [31:00] Trump's Entrepreneurial Administration Asked what surprised him most after starting at State, Helberg points at the administration's speed and risk appetite — "Trump time," the running joke with overseas counterparts. He attributes it to a president who spent most of his life in the private sector and a cabinet (Bessent, Lutnick, others) that operates by private-sector instincts rather than bureaucratic ones. The implication for builders: the appetite for trying new things is unusually high right now, and Pax Silica is one beneficiary of that. > *We like to move in Trump time.* ## [33:00] Why America is a Global Underdog Sarah closes by pressing Helberg on his framing of America as a "global underdog" — counterintuitive given that the US is usually described as the established power. Helberg invokes Graham Allison's *Thucydides Trap* and pushes back on the framing: America's identity from its founding has been a nation of underdogs — 13 disorganized colonies rebelling against polite society's empire, repeatedly told they were in decline, repeatedly proving the establishment-class predictions wrong. The argument lands as a defense of American risk-taking culture and a closing pitch: the country wins by behaving like an underdog rather than defending its incumbency. > *We've always been a nation of underdogs.* ## Entities - **Jacob Helberg** (Person): US Under Secretary of State for Economic Affairs; architect of Pax Silica. - **Sarah Guo** (Person): No Priors host; founder & GP at Conviction. - **Elad Gil** (Person): No Priors host; independent investor / serial entrepreneur. - **Pax Silica** (Concept): A 14-country economic-security coalition led by the US State Department, aimed at securing the AI supply chain via forward-deployed industrial bases and private-sector partnerships. - **Belt and Road Initiative** (Concept): China's 25-year state-led overseas infrastructure program — the foil against which Pax Silica positions itself. - **Philippines Forward-Deployed Industrial Base** (Project): 4,000 acres granted to the US for industrial build-out, the first flagship Pax Silica project. - **Thucydides Trap** (Concept): Graham Allison's framework characterizing US-China as established-power-vs-rising-power; Helberg rejects the established-power framing. - **Trump Administration** (Organization): Frames Pax Silica's policy speed and risk appetite ("Trump time"), with key cabinet members Scott Bessent and Howard Lutnick referenced.

Long Lake Management co-founder and CEO Alexander Taubman joins Elad Gil to discuss the firm's $6.3 billion agreement to acquire American Express Global Business Travel — what Elad calls the world's first AI take private. Taubman explains how Long Lake's horizontal AI platform, Nexus, deploys across services verticals to drive growth rather than cut headcount. The firm buys and holds, Berkshire-style, betting that compounding AI productivity gains over years beats any short-term flip. ## [00:00] Alexander Taubman Introduction Elad Gil opens by noting that Long Lake has already done roughly 30 acquisitions under its AI-transformation thesis before landing Amex GBT — the world's largest corporate travel platform — for $6.3 billion. > *"Long Lake recently announced their intent to acquire American Express Global Business Travel for $6.3 billion in what I believe is the world's first AI take private."* ## [00:30] Long Lake's Nexus Platform Nexus is model-agnostic and sits between foundation models and the data sources, skills, and workflows of each acquired business. About 80% of the infrastructure is shared across verticals; the remaining 20% is deployment work — mapping workflows, cleaning data sources, and embedding engineers in the field. What once took over a year now lands within days of an acquisition close, delivering immediate time savings that Long Lake channels into growth rather than cost cuts. > *"We're actually not really focused on cost saving. We're actually focused on driving growth and customer experience. That's our big — and what we've seen it's a much more powerful model because it's our view of AI is it's incredibly positive sum."* ## [03:35] Retention and Talent Flywheel Employees equipped with Nexus handle more customers, make fewer errors, and earn more — and leaving means returning to the mundane work Nexus eliminated. That friction is becoming a genuine talent magnet. Portfolio companies that were growing 0–5% annually are now growing 20%+ organically. > *"If you now leave Long Lake or one of our partner companies to go to a competitor you have to start doing all this mundane work again that you 25%, 30% of your day — you have to go do that again. And the thought of it — it's like giving up email or something."* ## [05:01] Acquisition vs. Offering Software Selling software into services businesses means accepting a thin feedback loop and no control over change management. Owning the company puts Long Lake's engineers in the same room — often literally the same state — as the field workers whose pain points they're solving. The skunk-works colocation model tightens the loop from months to days. > *"Our team views our employees and our team members in the field as the customer and that feedback loop internally — that's the other point. We have a much tighter feedback loop."* ## [06:57] Building Long Lake's Founding Team Long Lake was purpose-built to fuse three disciplines: private equity M&A, applied AI engineering, and change management. The first 20 hires all came through network — engineers who had been co-founders or CTOs of applied AI startups but couldn't crack services-industry distribution. M&A leads came from GTCR, Blackstone, TPG, and HIG, attracted specifically because those firms are not AI-native. > *"There felt like a huge, huge gap and so a lot of the folks that came together for our founding team actually were founders before in technology. Many of them had their own startups on the engineering team."* ## [10:37] Taking American Express Global Business Travel Private Amex GBT was on Long Lake's whiteboard of target industries because corporate travel is mission-critical and high-cost-of-failure — a missed trip is a real business loss. Founded in 1915 by American Express to evacuate Travelers check customers from Europe during World War I, the 111-year-old franchise has already charted an AI transformation roadmap publicly. Long Lake's plan is to deploy Nexus on top of that existing strategy and give every travel counselor AI superpowers. > *"Imagine basically your travel counselor with AI superpowers. That's kind of the future we envision for AMEX GBT's customers."* ## [13:36] Taking Berkshire Hathaway's Approach to Management Traditional PE loads companies with debt, cuts, and flips in three to five years. Long Lake explicitly rejects that model: the compounding effects of better tools → better people → better customer outcomes → faster growth take two to five years to crystallize, and selling at that point would forfeit the advantage. The Danaher and Transdigm operating playbook — consolidating fragmented industries with a differentiated system — is the explicit reference point, applied to services with AI as the edge. > *"You're going to build the best company in the industry and then you're going to sell it? That just doesn't make sense to me. I'd want to own that company forever and compound on that advantage for decades to come."* ## [16:37] How AI Strategy Makes Long Lake Stand Out Enterprise AI remains roughly 1% penetrated in real use cases. Sellers choose Long Lake over traditional PE because the offer includes permanent capital, an engineering team that moves in for years, and a platform deployable on day one. Founders and management teams are encouraged to roll equity into the new structure so they participate in the upside. As Long Lake's track record builds, Taubman expects cost of capital to fall — making the firm an even more competitive bidder without needing to win on price. > *"Having a long-term permanent capital partner is already a wonderful thing but having that partner with deep applied AI engineering expertise and a platform that you can deploy day one — that's really resonated."* ## [19:32] AI Makes Services Scale Labor-intensive services businesses face a brutal growth tax: adding 20% more revenue often requires hiring 20% more staff, keeping only 20 cents of each incremental revenue dollar after labor costs. Nexus raises existing team productivity 30–40%, breaking that equation. Portfolio company CEOs — some running businesses for decades — describe this as the best stretch of their careers because they are finally growing with software-like incremental margins. > *"When you make your existing teams 30 to 40% more efficient and they can handle more customers, it changes the whole mindset of the organization. Now you're growing. You look like a software company now where you're now growing with high incremental margins."* ## Entities - **Alexander Taubman** (Person): Co-founder and CEO of Long Lake Management; led the $6.3B Amex GBT take-private - **Elad Gil** (Person): Host of No Priors; independent investor and serial entrepreneur - **Long Lake Management** (Organization): AI-driven roll-up firm; acquires and transforms services businesses using Nexus - **Nexus** (Software): Long Lake's horizontal AI platform; model-agnostic, 80% shared infrastructure across verticals - **American Express Global Business Travel / Amex GBT** (Organization): 111-year-old corporate travel platform; subject of Long Lake's $6.3B take-private bid - **AI take-private** (Concept): Acquiring a publicly listed company with the explicit intent of AI-transforming its operations — Long Lake's deal with Amex GBT is described as the first of its kind - **Danaher / Transdigm** (Organization): Operating conglomerates cited as the model for Long Lake's long-term, compounding acquisition strategy