Useful AI Systems Are Emerging Inside Controlled Enterprise Workflows

Across the day’s substantive discussions, the strongest AI claims shared a constraint: the technology becomes commercially useful when it is embedded inside a system that can limit it, price it, audit it, or route it through existing infrastructure.

That was not a claim every speaker stated in the same terms. It is the pattern that emerged across the Microsoft, Suno, Hollywood, crypto, stablecoin, cybersecurity, and workflow-software discussions. Microsoft’s Build strategy was framed less as a raw frontier-model race than as a bid to make Azure and Microsoft 365 the operating environment for agents. Suno’s funding case rested on retention, paid usage, and a belief that music becomes participatory media. Creator films are working, in Samir Chaudry’s account, not because YouTube simply replaces Hollywood, but because internet-native attention can be paired with development, craft, and theatrical distribution. Stablecoins become more practical when they connect to payroll, cards, local banking, and spend controls. Cybersecurity gets larger when AI accelerates both vulnerability discovery and attacks, because enforcement points and ground truth matter more, not less.

That frame matters most in Microsoft’s Project Solara. The device itself looked easy to question. The architecture behind it was harder to dismiss.

Microsoft’s Build announcements put the company directly into foundation models, agents, and AI hardware. John Coogan described Microsoft as now “in the foundation model game,” pointing to MAI Code 1 Flash and MAI Thinking 1 as its first coding and reasoning models. The pitch around them, as Coogan presented it, was not that Microsoft had clearly surpassed the frontier labs. It was that Microsoft could offer models with attractive cost-per-token economics, deployable through Azure, and suitable for enterprise customization.

The more consequential question was whether Microsoft can make the cloud, rather than the phone or PC, the center of agentic computing.

At Build, Satya Nadella introduced Project Solara as a new class of device for agents. The stationary version was designed for a desk, built on MediaTek silicon, and integrated with Hello for Business so that walking up to the device securely signs the user in. Microsoft’s slides described the experience as “grounded with Work IQ” and oriented around “Think, plan, delegate.”

The portable version looked less like a phone than a smart badge or key card. Nadella held it onstage and said that, using his fingerprint, he could unlock it and securely access his agents. In the demo, the device surfaced a task: “gather content for your social media post from today.” The source visuals showed a badge-like device with an employee-style display reading “Madison Product Designer,” reinforcing the enterprise-access-card framing rather than a general consumer-phone replacement.

That form factor immediately raised the obvious objection. Jordi Hays asked why anyone would want it instead of a phone app. Coogan did not claim to know. His best argument was that a dedicated agent device might follow the “dumb phone” logic: not a device for consumption, scrolling, or watching video, but a lightweight tool for delegating work that can later be reviewed on a desktop.

The stronger version of the argument came through Ben Thompson’s framing, which Coogan quoted and unpacked. Thompson called Project Solara “vaporware at this point,” even though Microsoft showed real devices and named Qualcomm and MediaTek as chip partners. But Thompson also found the concept “extremely compelling.” In his read, the key shift was that wearable or portable devices are normally limited by their interaction model: they are useful only when the human is actively using them, and being “in the loop” on a wearable is awkward. With agents, the useful work can happen after a brief interaction, in the background, in the cloud.

That makes Project Solara less about a badge and more about an architecture. Microsoft does not control a mobile platform like Apple does. It has every reason to promote a model where the cloud is the hub and devices are spokes. But Thompson’s argument, as relayed by Coogan, was that this model may fit agents better anyway. Agents operate across apps, data stores, and devices. The phone can be one access point, but if it is locked down, it may be a poor hub.

The enterprise version is clearer than the consumer version. Enterprise context and compute already live in the cloud. A company could mandate that employees carry these devices as secure badges, with the device functioning as a thin client into enterprise agents running inside Microsoft Azure and Microsoft 365. Chats, emails, calendars, contacts, OneDrive, SharePoint, Teams, and Outlook data are already inside the Microsoft world.

That is why Coogan tied Project Solara to Thompson’s thesis that “thin is in” in the AI era. If compute is constrained to the data center, and if serious agent work happens in the cloud, then a thin access device can make sense. The Solara badge, in that view, is almost pure interface.

The hosts remained skeptical of the hardware itself. Coogan said he would try the badge but questioned whether he would reach for it instead of his phone. He also said he would get little benefit personally because he is not someone who runs his life in Outlook, Microsoft Teams, and Microsoft 365. Hays put it more bluntly: “You gotta be all in. You gotta be pushing your chips in.”

Microsoft’s agent story is therefore narrower and more coherent than a broad consumer device pitch. It is not “everyone needs a second phone.” It is: if your company lives inside Microsoft’s cloud, Microsoft can offer a controlled, secure, agentic interface to that world.

Microsoft’s Scout agent, Coogan said, is the company’s first proactive AI agent for Copilot. The striking part was its dependence on OpenClaw. Alex Heath had posted that Microsoft was embracing OpenClaw, and Coogan summarized Heath’s view: when Scout is released more widely in the summer, it will be powered by OpenClaw, and Microsoft will contribute its security guardrails back to the project’s open-source ecosystem.

The appeal is that Microsoft can adopt a powerful open framework without letting it roam unbounded. Coogan described OpenClaw as powerful but rough-edged. He mentioned earlier concerns around Meta AI and Instagram account theft as an example of what can happen when agentic capabilities escape clean constraints. Inside Microsoft’s ecosystem, by contrast, an OpenClaw-powered agent can operate across spreadsheets, PowerPoints, databases, email, and documents while remaining inside an enterprise boundary.

The walls of the garden, in Coogan’s framing, become part of the safety argument. “If you’re all in on one walled garden, the walls are actually somewhat safe,” he said, with some reservation.

Heath’s broader argument was that Microsoft is acting like a platform company rather than trying to own too much of the stack. Coogan summarized Heath’s view this way: you embrace a growing open framework when you believe you can control the ground it stands on. Microsoft can do that inside Copilot, Azure, and Microsoft 365. Apple, by contrast, may benefit indirectly from OpenClaw-driven Mac Mini purchases, but Heath thought it was unlikely Apple would create the kind of white-glove OpenClaw experience Microsoft is building with Scout.

Coogan expected Apple’s AI path to look different. With WWDC approaching, he guessed Apple might show Siri working better, shortcut integrations, stronger question-answering, and perhaps Gemini under the hood. He framed that as a prediction, not a reported fact. What he did not expect was an OpenClaw-like agent that could “worm its way into every other app.”

The MAI model announcements fit the same enterprise logic. Coogan emphasized Microsoft’s claim that its pretraining data was “clean” and that it had not distilled from another lab. This matters because enterprise buyers want confidence that a model will not create downstream legal or compliance problems. Microsoft’s pitch, as Coogan presented it, is that it has sanitized the training data and avoided distillation, giving companies a safer baseline model.

He contrasted Microsoft’s customization approach with Amazon’s. In Coogan’s description, Amazon offers mid-training: a company can take a checkpoint from pretraining and add relevant data. Microsoft is offering more of a reinforcement-learning or post-training route. In both cases, the business pitch is similar: start with a capable model that runs efficiently on Azure, fine-tune it for the company’s work, deploy it on known infrastructure, and know the cost per token.

Heath added that the right comparison for MAI Thinking 1 may not be OpenAI or Anthropic, but Meta. He said Microsoft’s thinking model was “quite competitive” with Meta’s model, which he found notable because Microsoft’s MAI team has not had the same aura around it. Meta has built hype around MSL and TBD Labs through the talent war around figures such as Nat Friedman, Daniel Gross, and Alex Wang. Microsoft has Mustafa Suleyman, but less public mystique around the team.

Microsoft, then, was not presented as the new frontier leader. It was presented as building the enterprise stack around agents: good-enough proprietary models, clean-data claims, customization tooling, Azure economics, OpenClaw inside Copilot, and new devices that make the cloud the hub.

Mikey Shulman said Suno had raised “a little over $400 million” in a round led by Bond, with new investors joining and existing investors participating. A lower-third on the source identified Suno’s valuation as $5.4 billion.

The business case was traction, not a need to cover runaway inference or training costs. Every time Suno releases new products and models, Shulman said, more people come to the product and more people stick around. Usage retention, paid retention, the share of users coming three or more days a week, and session time were all improving. He said those engagement metrics were up about 50% in the previous six months.

For Shulman, revenue is a trailing indicator of product quality. Retention is the cleaner sign that people are returning because they love the product. Suno has a generous free tier, so he distinguishes between usage retention and paid retention. Both matter because free users who keep returning may still show that the product is becoming part of their creative life.

The company’s pricing remains simple: a free tier, a $10-per-month tier, and a $30-per-month tier. The higher tier includes more usage and additional power features. Like other AI products, Suno also sells overages when users hit caps. Shulman said some users spend hours a day in the product, reach their limits, and keep paying for more.

Coogan raised the gross-margin complexity of AI subscription products. Some customers may use so much compute that they are gross-margin negative, while others pay for the best product but use it occasionally and are highly profitable. Shulman responded that Suno’s margins are “pretty okay” because music models are small.

The more important difference is consumer psychology. Workplace SaaS is often paid for by an employer; consumer entertainment is paid for directly by the person trying to enjoy it. That makes Suno’s job harder. The product has to deliver enough value without making users constantly worry about credits.

Coogan asked whether Suno would eventually need advertising because consumer entertainment is hard to monetize at scale. Shulman disagreed with the premise, or at least with Ben Thompson’s likely version of it. He cited roughly 800 million streaming music accounts and said a little less than half pay. Around 300 million people paying for streaming music, in his view, is already a large consumer-payment market. He expects a large fraction of those streaming subscribers to subscribe to Suno over the long run.

The larger claim is that music has had little innovation in the end-user experience for a long time. Streaming services largely look the same: all the world’s music on your phone, available for listening. If music becomes something users can play with, remix, personalize, and create around, Shulman argued, there is room for multiple music subscriptions in the way people subscribe to multiple video games or video streaming platforms.

Hays pressed him on the scale of the opportunity. He said he could easily imagine Suno as a $10 billion company but had a harder time seeing it as a $100 billion company. Shulman said that question has followed the company at every scale. People asked how many people “really want to create” when Suno had $100,000 in revenue, and they ask it at $100 million in revenue. His answer is that every product improvement broadens the audience. In demos, when someone is guided through the “magical moment,” their eyes light up. The company’s work is to let people reach that feeling on their own.

Mikey Shulman argued that AI music is becoming less controversial because more people are using it, including inside the music industry, even if they are not talking about it. As “everybody knows that everybody knows,” the practice normalizes. Consumers soften when they play with the product and realize it is fun, or when they discover that music they like already contains AI-generated elements.

Coogan connected that normalization to Martin Scorsese appearing in a Black Forest Labs video discussing AI in filmmaking. In that demo, Scorsese used AI for a pre-visualization or storyboarding-like workflow, describing a town that did not feel modern — narrower streets, cobblestones, a twisting main road — and seeing images generated from the prompt. Coogan’s point was not that Scorsese was using AI end-to-end, but that a filmmaker of his stature calling it useful changes the conversation.

Music has an analogous workflow. Songwriters can use Suno to make low-fidelity productions or demos for artists. Those demos may later be replaced by non-AI or minimally AI production, but the tool can make the early creative step easier.

Hays asked whether a major artist still has the opportunity to be an AI first mover. His imagined version was not an anonymous AI-generated track, but a major artist openly documenting how Suno entered the creative process. The tool might contribute one riff, one idea, or one early sketch, then be transformed by traditional producers and songwriters. Hays wanted the public framing to be “another instrument in the room,” not a replacement for musicians.

Shulman said that moment has not fully happened yet, though Suno is already present in popular music. At some point, he said, someone will document and celebrate the use of these tools in making music, and that will be a huge cultural moment.

Then he described the next one: an artist releases an album “meant to be Suno’d by their fans.” That would make AI music not just a production tool but a new fan format. Fans would not merely listen; they would create around the artist’s release.

The technical discussion around Suno clarified why music models may develop differently from coding or chess models. Coogan asked whether Suno’s model intelligence is “spiky,” improving dramatically in particular genres the way language models improve in coding when labs add targeted data or reward structures. Shulman said Suno tries not to leave its fingerprints on the model because the team should not be the arbiter of good and bad music. It can identify corrupt files or low-quality sound, but it cannot reliably say that a song with 10,000 YouTube plays is worse than one with 10 million.

Coding and chess have objective answers. Music does not. That means techniques based on verifiable rewards do not transfer cleanly. Suno is therefore less interested in making the model exceptionally good at one genre and more interested in finding “anti-spikes”: places where it is bad at jazz or country and needs to be improved.

The open platform question came up through viral formats. Coogan imagined users screenshotting text messages and having Suno produce not just a song but the edited viral video format around it. Hays wanted a Slack integration that turns the workday into an hour-long song for the commute home. Shulman said the amazing thing is that Suno is becoming a platform where others build on top. Suno will not invent every cringey text-message video or workplace integration. Others can.

Samir Chaudry argued that the recent connection between YouTube-native creators and Hollywood is not simply overdue; it is arriving because the relevant generation is now old enough and experienced enough. When Samir started on YouTube, Kane Parsons was five years old. These are internet-native filmmakers, not traditional filmmakers using the internet as promotion.

Samir gave three reasons the moment is working.

First, Gen Z IP often does not resemble legacy IP. Backrooms began as a 4chan image and became a collaborative internet story. It feels, in Samir’s words, like something millions of people had a hand in creating. When that becomes a theatrical release, viewers may feel they are watching something they participated in, not just a franchise handed down from a studio.

Second, internet filmmaking teaches attention discipline. Samir cited Corey Barker, director of Obsession, who said that on the internet, “the audience is begging for a reason to leave, and you have to convince them to stay.” Hollywood has historically had more entitlement: a star, a marketing budget, and a theatrical ticket could carry the audience into the seat. YouTube creators learn that a viewer can click away at any moment, so the story must work frame by frame.

Third, Hollywood craft still matters. Samir rejected a simple “Hollywood is dying” narrative. Hollywood talent — cinematographers, screenwriters, set designers, and other craftspeople — is available and powerful when paired with internet storytelling acumen. Theaters are also available. Markiplier, he said, put his movie into 4,600 theaters himself. The worlds are not just colliding; they are starting to supply what the other side lacks.

Horror has been the proving ground. Samir pointed to the RackaRacka brothers signing with A24 and making Talk to Me for about $4 million, which he said ended up making just about $100 million. He said Obsession was made for about $1 million, Focus purchased it for around $15 million, and it had generated $148 million not even a month in. Horror is historically cheaper to produce, and he compared the pattern to The Blair Witch Project.

He also expected Hollywood to overreact. Agents will likely ask every creator talent whether they have a horror script. But the real lesson, in his view, is that internet-native storytellers can reach millions, fill theaters, and do so at costs far below traditional blockbuster budgets. He contrasted this with The Mandalorian, which he said cost $265 million all-in and had made $247 million at that point.

Coogan asked whether YouTube creators will now be given permission to make more fiction, rather than remaining inside explainers, podcasts, commentary, reaction videos, and other established formats. Samir thought horror and animation were the most likely areas. He cited The Amazing Digital Circus from Glitch, whose first few episodes crossed half a billion views. Horror, animation, and video-game-adjacent storytelling work well on YouTube; other genres may emerge more naturally from Instagram and TikTok, and whether those become feature-length films remains unclear.

The more institutional implication is that YouTube becomes a real incubator of IP and talent. Hollywood executives have long understood that creators can make money from brand deals and AdSense, but Samir said the recent movies proved that natively internet-built IP can make “real money” through traditional film economics.

That also changes what Hollywood scouts should watch. Samir said Backrooms was found by a 27-year-old staffer poking around YouTube and Reddit. His advice was to watch Reddit closely, especially where large communities are building worlds in real time. He mentioned Dream SMP in Minecraft, Red vs. Blue with Halo, and GTA RP as examples of interactive storytelling and world-building that create not just an audience but a “mobile audience” invested enough to move with the IP.

Samir Chaudry identified development as the missing layer between creator audiences and durable Hollywood IP.

Creators with large audiences often know how to earn attention, but that does not automatically mean they know how to build durable global IP. Kane Parsons, Samir noted, was signed at 16, and A24 mentored him from ages 17 to 20. A24’s strength is not just capital or distribution; it is knowing how to make something culturally relevant and iconic. Kane had help with screenwriting and is looking for a collaborator for Part 2.

Samir warned that the likely Hollywood reaction — find creators with scripts, put money behind them, move fast, try to make $150 million — may miss the slow craft development that made the successes possible. Financing is not the hard part because creators know how to make things cheaply. The risk is too much money too early.

Coogan made a similar point in response to a question about YouTubers’ passion projects. Many creators grow around a highly optimized format: title, thumbnail, hook, structure, repeatable views. Then they make a more personal project, and only the true fans show up. Coogan argued that monetizing a passion project is almost an oxymoron. If the creator deeply cares about it and knows what it should be, they should either fund it themselves or work with a trusted financier who will not intervene. He pointed to Markiplier and Curry as examples where limited budgets and fewer strings may have protected the work.

Samir also addressed AI-generated films. Asked when one person might prompt their way to a 30-minute film that earns critical or audience attention, he said the first obvious examples are more like Spencer Pratt’s AI-heavy mayoral ads: short, shareable, clearly AI, and accepted as part of the story being told. He thought short animated films may be the first real format, perhaps within a year or two.

But he also suggested that internet fatigue may help theaters. He said he personally feels it and has seen data suggesting Gen Z screen time is starting to drop after spiking. AI tools will matter, but the physical theatrical event may also regain value.

That was part of why Backrooms’ physical sets mattered. Coogan observed that Backrooms began as CGI and VFX work in Blender and After Effects, and that a community had modeled 3D assets around it. One might expect the film adaptation to remain heavily CGI. Instead, they built 30,000 square feet of physical set. Coogan saw the original CGI almost as an audition for underwriting the physical buildout.

Samir said that if the movie had been CGI, he would have asked why it was not simply made for YouTube. The tactile set made it an event. Interviews were conducted in the Backrooms. There was a DJ set from the Backrooms. People visited the Backrooms. A24 turned the physical environment into a full 360-degree experience.

The lesson is not that internet IP replaces Hollywood craft. It is that internet-native attention, collaborative lore, cheap production discipline, Hollywood development, physical event-making, and theatrical distribution can now combine in ways that neither side could do alone.

Tom Farley traced his crypto exposure back to 2013, when he was at the New York Stock Exchange and learned about blockchain from Dan Romero. Romero, then headed west to start a blockchain company, described smart contracts as a programmable finance layer that could disintermediate institutions like the NYSE. Farley met Fred Ehrsam and the NYSE invested $10 million into Coinbase.

The investment was public and, Farley said, hugely valuable for Coinbase because the NYSE brand validated the company. On the West Coast it was celebrated as the coming together of traditional finance and crypto. On the East Coast, it looked weird.

Farley’s original thesis was that blockchain would become a programmable finance layer for institutions. He said that thesis was wrong in timing and adoption path. Retail, not institutions, came first. Institutions arrived much later.

He rejected the idea that crypto has already been an unqualified success. There have been few successful companies relative to the attention and capital poured into the sector. The disruption to traditional finance has been small. There have been winters, frauds, scams, “fart coins,” and “monkey drawings.” He is not in the industry for those, though he acknowledged they brought attention and money.

What makes him optimistic now is that the warm-up act may be ending. Blockchains have been battle-hardened, he said. Regulators have become more accepting. He pointed to acceptance of blockchain rails for serious use cases in Hong Kong, Singapore, Europe, and now the United States. He described FIT21 as ratifying stablecoins and giving them “papal blessing,” and said the Clarity Act, if passed, could be the largest regulatory or legislative step yet.

His ten-year view is that the global securities market moves onto blockchain rails. He put crypto at $2.7 trillion and the global securities market at $270 trillion. That 100x scale difference is where he sees the parabolic opportunity.

Farley said money market funds and U.S. equities are already moving onto blockchain rails, and he pointed to industry players including the NYSE, DTCC, electronic brokers, Kraken, and Binance as working on tokenized stocks. Fixed income tokenization is also appearing, in his account. Those examples, as Farley framed them, mark the beginning of crypto’s institutional phase.

Hays asked whether cost or speed matters more, especially 24/7 trading. Farley said the answer depends on the constituent. For liquid U.S. securities such as Nvidia, incremental demand often comes from abroad. Singapore is 12 hours away. Investors there do not want a derivative or IOU; they want the actual stock. Trading 24/7 can add liquidity and lower the cost of equity for companies.

Issuers may care less about speed than new functionality. Farley mentioned naked short selling, which is illegal but is possible in an intermediated system where ownership is buried through layers of brokers. On blockchain rails, the question is simpler: are the shares in a wallet or not? Issuers may also want to pay dividends in stablecoins or reward long-term holders. Farley cited Eric Ries’s Long-Term Stock Exchange idea and said rewarding long-term holders is hard if the issuer cannot see who owns the security and how long they have held it. With blockchain, the wallet history makes that visible.

For investors, the benefit is more straightforwardly cost and settlement speed. Instant settlement has value. But the largest claim is structural: if the securities industry moves on-chain, crypto’s institutional phase becomes much larger than its speculative phase.

Farley also treated compute futures as a plausible future market, but not an easy one. Asked whether compute could be traded like a commodity, he said successful futures contracts depend on standardization and commoditization. Compute has a harder path because “a GPU is not necessarily a GPU”: an A100 and a Blackwell are not interchangeable in the way commodity contracts prefer, and providers have a vested interest in not being commoditized. He still suspected a market would emerge, but “probably” over a couple of years.

A possible Friday SpaceX IPO prompted Farley to recall Alibaba’s Friday IPO at the NYSE. He remembered being extremely nervous, with Jimmy Lee asking whether the exchange had tested the system before an expected flood of retail orders. For a SpaceX IPO, Farley expected extreme volatility in the first hour and meaningful price discovery through the day. He did not see the weekend itself as a major issue absent substantive new news, but he argued that capital-formation mechanisms can be improved and said blockchain technology could help smooth future processes.

Henri Stern described Privy’s launch with Deel as a move beyond simple stablecoin payout. The partnership lets contractors receive stablecoins globally and then do more than just hold them.

Stern described three pieces. First, any business can pay contractors in stable assets if the contractor chooses, with rollout starting in Argentina. Second, Deel is launching a wallet-like account that lets users receive payments, hold a balance, earn on that balance, and spend from it. Stern said it does not look like a wallet app; it looks like an account. Functionally, it becomes a savings account in many ways. Third, Deel is issuing its own stablecoin, giving it more control over treasury management and related mechanics.

Coogan’s interpretation was direct: Deel is now in consumer fintech. Stern agreed.

Hays asked the practical question. Receiving stablecoin contractor payments makes sense. Earning on balances makes sense. But how does someone live on stablecoins in Brazil, Egypt, Thailand, or anywhere else? They need rent, food, wires, peer-to-peer payments, and ATM access.

Stern said the space is being stitched together through stablecoin cards that settle directly onto traditional Visa and Mastercard rails from a stablecoin balance. The merchant does not need to think about stablecoins; it looks like any other card transaction. At the same time, Stripe is working on the reverse path: helping merchants accept stablecoins directly if users have the balance. The goal is a multimodal platform where stablecoin and fiat rails interoperate.

China, by contrast, is not part of this adoption story in Stern’s account. Asked about stablecoin penetration there, he said stablecoins are “very much verboten” and not an active part of the market. Privy does not serve customers there for stablecoin products. He described stablecoins as a “file format for money,” with different coins analogous to JPEGs and PNGs, but said local regulation determines whether the format can be used in a country. China is not open to it today.

Asked which countries are leaning in most, Stern said the technology is naturally cross-border, so adoption shows up in corridors rather than single-country rankings. He cited U.S.-to-Mexico remittances, where Privy serves Felix Pago, which he said handles about 5% of a $60 billion annual corridor. He also mentioned UAE-to-India remittances. Mexico has significant clarity, and Latin America is seeing substantial volume.

On startup formation, Stern divided the market into software layers and local money pipes. Privy itself is cryptographic infrastructure. Other companies are building APIs and abstractions over local banking connections. He sees a large gap in localized partnerships because connecting into banking systems country by country is hard.

The second active area is agentic commerce. Founders are building control systems that let agents pay with stablecoins or fiat. The problems include service discovery, payment protocols for agentic interfaces, and metering spend so an agent hallucination does not destroy the user financially. In the background, Stern said, larger banks and institutional players are now showing up in ways they historically had not.

Nikesh Arora declared “the SaaS apocalypse dead for cybersecurity.” His argument was not that AI is irrelevant. It was that cybersecurity cannot tolerate the error rates of unaided models.

Arora said unaided models still have a false-positive rate around 25% if they are not given the right harness, context, and explanation of what the code is supposed to do. In cybersecurity, being wrong one out of four times is unacceptable. He compared the idea of replacing cybersecurity infrastructure with a raw AI model to putting OpenAI in a car and expecting it to drive without the machine-learning systems Waymo has built. “It doesn’t work like that.”

AI will enable cybersecurity, he said, but it will do so through companies that already sit at enforcement points. Palo Alto Networks sits at more than 125 million enforcement points. AI can make those points better at detecting and blocking threats, but it does not remove the need for the points themselves.

The demand-side effect is also clear. AI buildout means more data, more network traffic, and more bits that need to be inspected. Arora described cybersecurity as “the TSA of the internet”: every bit must be inspected as good or bad. If technology traffic explodes, cybersecurity demand rises with it.

AI also improves the product. The challenge is taking model false positives from 25% down toward zero and embedding models into categories of cybersecurity where they improve protection. Internally, AI can make the company more efficient, but Arora emphasized judicious use. Palo Alto separates crown-jewel code from less sensitive tasks. For critical code, the company built its own sequestered open-source model and harness so that its code does not train anything in the public domain. For customer support tasks, it can use smaller models rather than expensive frontier tokens.

This led to a broader point about enterprise AI use. Arora said AI “democratizes intelligence.” In a company with 100 marketing people, not all are equally strong. If the company trains models on its own marketing data, it can raise the average output closer to the top performers and then rely on humans for the final judgment. The same logic applies to thousands of customer support employees: reduce variance, increase effectiveness.

But Arora drew a hard line between experimentation and business transformation. Letting employees try models is useful for learning the art of the possible. Enterprise impact comes from reimagining whole workflows. In customer support, Palo Alto is looking at diagnostic agents, data requirements, knowledge bases, product telemetry, machine learning, and LLMs together. The goal is low-single-digit false positives, not a random employee asking a chatbot to help with a spreadsheet.

He warned that “AI psychosis” sets in when users let AI evaluate itself instead of comparing its output with ground truth. He gave a concrete example from earnings preparation. His team wrote that Palo Alto had simulated a cyberattack that was possible in 24 minutes using new frontier models. When Gemini refined the language, it changed the sentence to suggest that Palo Alto had attacked in 24 minutes. Arora’s reaction was that this was exactly the kind of thing humans still need to catch.

Arora’s most important cybersecurity forecast was near-term turbulence followed by a stronger baseline. AI testing, he said, has found in six weeks what would previously have taken five to seven years to find. That creates a deluge of vulnerabilities and patches. IT departments will have to patch aggressively. The next three to six months may be bumpy. But he sees this as paying down technical debt accumulated over years. Six months from now, he expects a better starting point.

The harder long-term problem is AI’s ability to daisy-chain vulnerabilities into attacks. Defense then depends not just on finding vulnerabilities but detecting and stopping attacks in real time. That requires modernized stacks, more data, anomaly detection, and faster enforcement.

On national advantage, Arora took the optimistic side but not the complacent one. The United States, he said, is building on the lead from the last technology wave: hyperscalers, large consumer technology companies, and cybersecurity companies are concentrated in the U.S. Investments in chips, electricity, infrastructure, and cybersecurity policy all support the next AI buildout. But offense and defense remain asymmetric. Cybersecurity has to be right all the time; attackers only need to be right once. Bad actors can rent compute. The task is to keep defense moving at the speed at which offense can happen.

Arora was also spending “a lot” of time on quantum. Palo Alto launched capabilities to assess customers’ quantum cryptography readiness and wrap traffic with quantum-secure keys. The threat model is “harvest now, decrypt later”: nation states may collect encrypted classified data now and break it when quantum capability arrives. Arora said nation states will likely have quantum capability before it is commercially available, so companies should protect traffic now.

Alex Good introduced himself as someone who had been “very pilled” early on the idea that AI would destroy people’s work product. He said many people are reaching that view now, but he was processing it in 2023 and went through his own AI psychosis. Now, he said, he is “post-psychosis,” working in a Codex terminal on a protocol.

Good’s view of the crypto-AI intersection was notably unsentimental. So far, he said, it has not been a particularly good intersection. AI agents are evaluating human-written code, accelerating hacking. Protocols can be prompt-engineered into sending money. If the system can simply send assets when persuaded by a prompt, that is a problem.

What kept him interested in crypto was what he called the “doom thesis”: AI may not accelerate productivity so much as accelerate a surveillance-state world, causing capital to flee the system. He connected that to renewed interest in privacy coins such as Zcash. He also argued that Bitcoin’s thesis is weakening because it is not private and because, in his view, ownership and liquidity are increasingly shaped by Michael Saylor’s complex financial structures around MicroStrategy. Those were Good’s claims, not treated in the discussion as audited market conclusions.

Good then described a newer crypto-AI thread: useful proof of work. He said projects such as Pearl are exploring proof-of-work AI coins where GPUs are used for AI-related work while securing a network. Pearl, according to Good, is using MatMul mining and has a partnership with Together AI. He also said there were rumors of Thrive involvement and private token sales at a roughly $2 billion fully diluted valuation. He presented the pitch as miner-subsidized inference, while also questioning the economics by comparing the claimed discount with pricing he said could be found elsewhere, such as OpenRouter. The point was not that the market had settled this, but that crypto-AI builders are still searching for a model where tokens subsidize useful compute rather than simply attach themselves to AI narratives.

He distinguished this from stake-based networks such as Render and Bittensor. Pearl, as he described it, is closer to an architecture-level shift because the network is secured by GPU operation, not merely staking.

Good’s own protocol thesis is different. Crypto’s open-source nature makes it unusually well suited to AI-assisted development. Codex and other agents are effective in crypto, he said, because the code is public and in the training data. If a developer builds shielded transactions and wants to compare against Railgun’s implementation, an AI agent can inspect it. That is unlike old Fortran code locked inside a financial institution and absent from the training set.

This creates what Good called an OPEX efficiency argument. Crypto has historically been wasteful: conferences, foundations, and heavy engineering costs. Because it is software-native and open source, AI could reduce engineering labor significantly.

His account of escaping AI psychosis was practical. The first phase is the fear that one’s work is meaningless because AI will do it better. Then, by using the tools, the user discovers that AI is impressive in domains they do not understand and weaker in domains they deeply understand. The way out is not denial. It is trying to obsolete your own previous work first and identifying new capabilities that AI makes possible.

Good’s example is a “data lake” for his crypto project: hundreds of contributors doing tasks, with their aggregate intelligence summarized by AI into actionable trade ideas. Inspired by Palantir’s ontology work with unstructured corporate and government data, he wants to apply similar methods to r/WallStreetBets-like trading information and other market alpha sources.

He also argued that AI is changing markets themselves. Investors increasingly paste transcripts and earnings releases into AI systems. Those systems have different biases from humans, in Good’s account. A complex company like ASML may bore a human listener halfway through an earnings call, but Claude may find the details highly engaging. Good thinks this changes which stocks attract attention. Previously boring B2B companies such as HPE, Micron, and SanDisk can become more legible to retail investors because AI systems help parse complex equity stories.

He expects the same dynamic in crypto: coins with complex technical stories, including Zcash and its privacy technology, may benefit because users can ask an AI to explain why the technology matters.

On entertainment, Good argued that AI’s enterprise focus has crowded out consumer media in the short term. Anthropic, in his reading, is not prioritizing images or video, and OpenAI has constrained Sora because compute is scarce. That may help companies like Suno, whose most intense potential competitors are deprioritizing entertainment. But as AI costs fall, he expects entertainment use cases — games, generative content, AI-enabled IP universes — to accelerate.

The late examples returned to the same constraint that ran through the institutional AI discussions: AI becomes useful when it is embedded in a workflow with boundaries, records, and human control.

Matthew Prince of Cloudflare, according to Coogan, said bots had passed human traffic online for the first time in internet history, with bots at 57.5% of traffic. Coogan connected that to agentic browsing: every time a user fires off a task, agents may hit hundreds of pages through tool calls and reasoning traces. The internet is increasingly being read and operated by software on behalf of users.

In accounting, Eric Glyman presented Stack as an AI operating system for accounting firms. The product’s launch video positioned Stack against ad hoc AI usage: prompts for variance analysis or vibe-coded reconciliation tools may work sometimes, but they break when security, auditability, and accuracy are non-negotiable.

The source video showed Stack reconciling accounts and posting journal entries while the voiceover described one secure place to orchestrate “AI coworkers for accounting.” It emphasized real accounting work rather than a generic chatbot: booking transactions, amortizing prepaids, reconciliation, ERP connections, firm-specific process learning, human approval before posting, and a complete audit trail.

Stack’s pitch is to orchestrate AI coworkers for accounting in one secure place. It handles end-to-end work such as booking transactions, amortizing prepaids, and reconciliation. It connects to ERPs and client systems, learns firm-specific ways of working, gives humans the final say before anything posts, and records every action for auditability.

Coogan said that this had been Ramp’s vision since launch: not just corporate cards or spend management, but deeper automation of finance work. The AI moment makes that older vision more executable.

The same workflow framing appeared in Black Forest Labs’ Scorsese video. Martin Scorsese was shown using FLUX 2 as a visual ideation tool, describing a non-modern town with narrow cobblestone streets and a twisting main road, then asking for the camera to be higher looking down. He compared it to Cecil B. DeMille having production designers create oil paintings.

Coogan called “cinematic intelligence” a strong tagline for Black Forest Labs. Hays emphasized the more modest but important claim: AI is a tool in a workflow. It may not make the next Martin Scorsese movie this year, but it can help him think through what to work on next.