IMO, there is no better way to learn about the big picture and how to communicate clearly and succinctly than by reading Annual Shareholder Letters from CEOs. Some of the best written letters are from Jeff Bezos (Amazon), Warren Buffet (Berkshire), Larry Fink (Blackrock) and Jamie Dimon (JPM Chase). This past week Jamie is back with his letter reflecting on 2023 and looking ahead to 2024. We also have a new addition, Andy Jassy from Amazon, former leader of AWS. So let’s dig in deeper.

First, there are super powerful statements on the future of AI. Here’s Jamie Dimon’s view:

While we do not know the full effect or the precise rate at which AI will change our business — or how it will affect society at large — we are completely convinced the consequences will be extraordinary and possibly as transformational as some of the major technological inventions of the past several hundred years: Think the printing press, the steam engine, electricity, computing and the Internet, among others.

Here’s Andy Jassy from Amazon:

Last but certainly not least, Generative AI may be the largest technology transformation since the cloud (which itself, is still in the early stages), and perhaps since the Internet. Unlike the mass modernization of on-premises infrastructure to the cloud, where there’s work required to migrate, this GenAI revolution will be built from the start on top of the cloud.

Digging deeper into Jamie’s comments 👇🏼 you can see we are still in the early innings.

In fact, notice the clear statement that its 400 use cases in production are AI & ML meaning most of this is NOT GenAI based yet. The next sentence specifically spells that out: "We're also exploring the potential that generative AI (GenAI) can unlock across a range of domains. If interested in last year’s commentary you can find it here in What’s 🔥 #336.

Next up, both CEOs write extensively on company culture, thinking long term, and constantly challenging assumptions.

Jamie Dimon has a whole section titled Management Lessons: Thinking, Deciding and Taking Action - Deliberately and with Heart. In it he lays out the OODA Loop borrowed from the military which stands for “(Observe, Orient, Decide, Act — repeat), a strategic process of constant review, analysis, decision making and action. One cannot overemphasize the importance of observation and a full assessment — the failure to do so leads to some of the greatest mistakes, not only in war but also in business and government.”

You need to shed sacred cows, seek out blind spots and challenge the status quo.

Very often companies or individuals develop narratives based upon beliefs that are very hard to dislodge but are often wrong — and they can lead to terrible mistakes. A few examples will suffice. Stripe, Inc. built a payments business by working with developers — something we never would have imagined but might have figured out if we had tried to seek out what others were doing in this area. Branches were being closed, both at Bank One and Chase, because the assumption was that they would not be needed in the future. We underinvested for years in the wealth management business because we were always focused on the value of deposits versus investments. Question everything.

Use your brains to figure out the truth — not to justify what you already think.

It’s often hard to change your own attitudes and beliefs, especially those you may have held on to for some time. But you must be open to it. When you learn something that is different from what you thought, it may affect many conclusions you have, not just one. Try not to allow yourself to become rigid or “weaponized,” where other employees or interest groups jazz you up so much that you become a weapon on their behalf. This makes it much harder to see things clearly for yourself. When people disagree with you, seek out where they may be partially right. This opens the door for a deeper understanding and avoids binary thinking.

It's hard to see certain long-term trends, but you must try…

Andy talks about Amazon’s culture as focused on customers and primitives.

At our best, we’re not just customer obsessed, but also inventive, thinking several years out, learning like crazy, scrappy, delivering quickly, and operating like the world’s biggest start-up.

We spend enormous energy thinking about how to empower builders, inside and outside of our company. We characterize builders as people who like to invent. They like to dissect a customer experience, assess what’s wrong with it, and reinvent it. Builders tend not to be satisfied until the customer experience is perfect. This doesn’t hinder them from delivering improvements along the way, but it drives them to keep tinkering and iterating continually. While unafraid to invent from scratch, they have no hesitation about using high-quality, scalable, cost-effective components from others. What matters to builders is having the right tools to keep rapidly improving customer experiences.

The best way we know how to do this is by building primitive services. Think of them as discrete, foundational building blocks that builders can weave together in whatever combination they desire. Here’s how we described primitives in our 2003 AWS Vision document:

“Primitives are the raw parts or the most foundational-level building blocks for software developers. They’re indivisible (if they can be functionally split into two they must) and they do one thing really well. They’re meant to be used together rather than as solutions in and of themselves. And, we’ll build them for maximum developer flexibility. We won’t put a bunch of constraints on primitives to guard against developers hurting themselves.  Rather, we’ll optimize for developer freedom and innovation.”

Of course, this concept of primitives can be applied to more than software development, but they’re especially relevant in technology. And, over the last 20 years, primitives have been at the heart of how we’ve innovated quickly.

Finally, how does Amazon remain resilient?

Recently, I was asked a provocative question—how does Amazon remain resilient? While simple in its wording, it’s profound because it gets to the heart of our success to date as well as for the future. The answer lies in our discipline around deeply held principles: 1/ hiring builders who are motivated to continually improve and expand what’s possible; 2/ solving real customer challenges, rather than what we think may be interesting technology; 3/ building in primitives so that we can innovate and experiment at the highest rate; 4/ not wasting time trying to fight gravity (spoiler alert: you always lose)—when we discover technology that enables better customer experiences, we embrace it; 5/ accepting and learning from failed experiments—actually becoming more energized to try again, with new knowledge to employ.

Founders, I love working backwards and learning from the best run companies in the world. Build these principles into your culture from Inception and continue to hone and iterate.

As always, 🙏🏼 for reading and please share with your friends and colleagues.

Scaling Startups

# I don’t know why this is a thing but went all over X this past week - this is the right way to frame it 👇🏼

#Once again, this interview on Lenny’s Podcast with co-founder and CTO of Hubspot, Dharmesh Shah is 🔥 - here he talks about early stages of cos - trying not to die, then trying not to stagnate, and then fighting complexity - never too early to focus on simplicity

@dharmesh on why every founder is fighting the 2nd law of thermodynamics

#Love this and so true - from Adam Grant (author)

Confidence doesn't always come from believing in yourself today. It often stems from recalling the obstacles you overcame yesterday.

A history of resilience can silence self-doubt. Challenges conquered are clues to hidden strengths. 

Past progress is proof of future potential.

#Repeat after me - forget about everything you learned during ZIRP about building companies and reboot and go back to basics - click for tweet and here’s my running doc on Back to Basics Building Startups from Inception

Enterprise Tech

#The 2024 Enterprise Tech 30 released by Wing Venture Capital is here. Congratulations to portfolio companies Clay in the Early Stage (first year on the list) and Snyk at the Giga Stage! Also happy to play a small part here as one of the judges.

Some interesting stats:
* By category, 30% of the ET30 2024 companies are in AI models and tools. 25% are in SaaS, and 20% are in data platforms, ETL and BI. 10% are in cybersecurity. We describe and define our category framework, which is designed to be MECE (mutually exclusive and collectively exhaustive), in the next section.

* By stage, 90% (9 of 10) of the early stage ET30 2024 companies are in AI models and tools and data platforms, ETL and BI. 10% (1 of 10) are in SaaS. There are no cybersecurity, developer and devops tools, fintech, and defense/aero early stage ET30 companies this year.

* The mid and late stage ET30 companies are more distributed with companies in five of the seven categories in our framework. 35% (7 of 20) are in SaaS; 25% (5 of 20) are in data platforms, ETL, and BI; 15% (3 of 20) are in AI models and tools; 15% (3 of 20) are in cybersecurity; and 10% (2 of 20) are in developer and devops tools. 

* 50% of ET30 2024 companies are generative AI-native, meaning that the companies’ origins are rooted in generative AI technology. Further, an additional 13% of ET30 2024 companies are generative AI-launch, meaning that the companies have recently launched significant generative AI features or products. By comparison, 3% of ET30 companies in 2021 were generative AI.

* Product-led growth remains prominent in the Enterprise Tech 30. This year, 75% (30 of 40) of ET30 companies employ a significant product-led growth model, as compared to 63% of ET30 companies in 2019. 

*Early stage companies continue to ascend to the Enterprise Tech 30 rapidly. This year, the median time since founding for early stage companies was 1.8 years, as compared to 2.3 years for last year’s early stage cohort and 5.0 years for the 2019 early stage cohort. The pace of ascension is due to both the venture capital financing market and the tech movement in generative AI

#Another day, another Israeli cybersecurity company being sold for hundreds of millions 💰 - this time, NoName in the API security space, a super crowded space with dozens of companies, sells for an amazing $500M of cash to Akamai (TechCrunch). One caveat, the company raised over $220M in its history with $135M of that in its last round at a $1 Billion 🦄 valuation. This is another example of growth investors getting their capital back while the seed investors will I’m sure make a healthy multiple on their initial check. More on the consolidating cybersecurity industry and the game of musical chairs being played in What’s 🔥 #380 - What to expect for cybersecurity startups in 2024…

While the potential deal price is half the valuation than Noname’s last private valuation, those who invested at the early stage will receive a meaningful return from the sale. Meanwhile, the deal should allow the later-stage investors, particularly those who invested in the last round, to get a full return on the capital they put in, if not the profit that they hoped for during those heady days of 2021 when money was flowing and valuations were optimistic.

The deal values the company at about 15X annual recurring revenue, the person said. Noname’s approximately 200 employees are expected to transition to Akamai if the sale closes.

#Forgot to add this to last week’s post about YC’s batch - many are training their own AI models (Jared Friedman, Partner, YC)

(0/25) Here's a list of 25 YC companies that have trained their own AI models. Reading through these will give you a good sense of what the near future will look like.

#Why it’s still so early for AI…if a problem can’t be solved, just wait a week or two

#Pay attention - Intercom completely rebranded as AI-first company and crushed it’s messaging

#Google Cloud Next was this week and it was all about AI - here’s more from TechCrunch on Gemini Code Assist, it’s Github Copilot competitor - notice supports on-prem deployments

Even more so than the Duet AI version, Code Assist is also a direct competitor to GitHub’s Copilot Enterprise and not so much the basic version of Copilot. That’s because of a few Google-specific twists.

Among those is support for Gemini 1.5 Pro, which famously has a million-token context window, allowing Google’s tool to pull in a lot more context than its competitors. Google says this means more-accurate code suggestions, for example, but also the ability to reason over and change large chunks of code.

“This upgrade brings a massive 1 million-token context window, which is the largest in the industry. This allows customers to perform large-scale changes across your entire code base, enabling AI-assisted code transformations that were not possible before,” Brad Calder, Google’s VP and GM for its cloud platform and technical infrastructure, explained in a press conference ahead of Tuesday’s announcement.

Like GitHub Enterprise, Code Assist can also be fine-tuned based on a company’s internal code base.

Another feature that makes Code Assist stand out is its ability to support codebases that sit on-premises, in GitLab, GitHub and Atlassian’s BitBucket, for example, as well as those that may be split between different services. That’s something Google’s most popular competitors in this space don’t currently offer.

Google is also partnering with a number of developer-centric companies to bring their knowledge bases to Gemini. Stack Overflow already announced its partnership with Google Cloud earlier this year. Datadog, Datastax, Elastic, HashiCorp, Neo4j, Pinecone, Redis, Singlestore and Snyk are now also partnering with Google through similar partnerships.

#Speaking of Snyk (a portfolio co) and Gemini Code Assist, here’s more on how Snyk allows developers to secure code at the speed of AI…

Gemini + Snyk: Security and velocity
Snyk is the only security companion for developers that keeps pace with AI coding assistants. We provide automated fixes and in-line security feedback with unparalleled speed and accuracy — whether the code originated from human coders or AI assistants. We allow developers to keep moving within their workflows without slowing the pace of development.

This new partnership allows developers to build secure applications while harnessing Gemini's creativity and productivity. Snyk delivers a security companion right within the Google Cloud Code IDE, giving security teams guardrails early on so they can confidently sign off on adopting AI coding assistants and providing developers with trusted and impartial security visibility and fixes.

#So what happened to Devin your AI programmer? Here’s SWYX’s review after getting early access

You should ignore the comments of everyone here who hasn’t personally used Devin

Anyone who follows my alt knows that I’ve been hammering the shit out of it since @ScottWu46 gave me unrestricted access

With Devin we have:
- shipped Swift code to Apple App Store
- written Elixir/Liveview multiplayer apps
- ported entire projects in:
   - frontend engineering (React -> Svelte)
   - data engineering (Airflow -> Dagster)
- started fullstack MERN projects from 0
- autonomously made PRs, fully documented

I dont know half of the technologies I just mentioned btw. I just acted as a semitechnical supervisor for the work, checking in occasionally and copying error msgs and offering cookies. It genuinely felt like I was a eng/product manager just checking in on 5 engineers working concurrently. (im on the go rn, will send screenshots later)

Is it perfect? hell no...

#Why is observability so expensive and how to rethink (Matt Klein - founder of Envoy) - a number of startups going after this space as Datadog bills continue to 📈 and every company is looking to cut costs on runaway software bills

The real root cause of the current cost crisis
By now it is hopefully clear what the real root cause of the current cost crisis in observability tooling is:

The adoption of large scale service/function architectures have vastly increased both the need for observability as well as the possible production points of telemetry. Over the past 2 decades infrastructure as a service providers and open source have made it easier and easier to produce voluminous amounts of telemetry.

Engineers have to pre-define and send all telemetry data they might need – since it’s so difficult to make changes after the fact – regardless of the percentage chance of the actual need.

The ZIRP era and its “free money” coincided with the previous 3 points, leading to a bonanza of telemetry output, with little to no regard given to the cost of production or storage...

What if we were to apply the control plane / data plane split to observability? And taken to its extreme, what if the data plane is the original source of telemetry before moving outside the process to be filtered, transformed, and stored by sometimes many proxy layers, at substantial cost? What if by default we never send any telemetry at all?

#Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed! (Security Week) - this is a matter of when, not if - solutions like Smallstep (a portfolio co) can help manage those rotations at scale

“It can take a decade or more [for large organizations] to swap out cryptographic infrastructures,” he continued. “If quantum at scale happens within seven years from now, then we’re in deep trouble because we haven’t begun that migration yet. The cryptographic infrastructure, especially around things like software updates, software signatures and all that stuff, is fundamental to the security of the internet.”

Bocek agrees that QuantumBleed is the biggest mid to longer term threat we face today. He is slightly more optimistic than Blauner. He believes that if we really begin to understand the importance of the issue, we can achieve it in less time. But it’s still a mammoth task.

“RSA is the foundation on which we’ve built modern cybersecurity, modern digital commerce, and modern social media. How do I know I’m actually connecting my phone to Facebook, or YouTube, or Zoom? How do I know my app is really connecting to the cloud? It’s because of RSA – and when that crumbles, everything else stops working.”

It will crumble. We cannot stop that. All we can do is replace RSA with something that will be QuantumBleed resistant. That will require swapping out all of RSA usage and replacing with NIST’s quantum proof encryption algorithms. “That cannot be done overnight,” he said. “It’s a migration that will be measured in years, not months. So, get started now.”

#We have a data problem - not enough to train future models (WSJ)

OpenAI Chief Executive Sam Altman has indicated the company is working on new methods to train future models. “I think we’re at the end of the era where it’s going to be these giant, giant models,” he said at a conference last year. “And we’ll make them better in other ways.” 

OpenAI also has discussed creating a data market where it could build a way to attribute how much value each individual data point contributes to the final trained model and pay the provider of that content, people familiar with the matter said. 

This same idea is being discussed within Google. But researchers have so far struggled to build such a system and it isn’t clear whether they will ever find a breakthrough.  

#The nightmare install process of ERP Systems - seeing lots of founders who want to reinvent ERP with AI but when you read this, you will understand how ingrained these systems are - not saying it cab’t or won’t be done but beware…

I spent 20 years as a management consultant.

Made Partner in my 30s.
Led teams of 100+ people.
Run 9-figure client portfolios.
Lived and worked in 4 continents.

I can tell you: ERP implementations are a NIGHTMARE. Always the same challenges.

Logo changes but issues don't:

🧵

#Chainalysis is more like an enterprise software company than a crypto one - Haun Ventures buying secondary (The Information)

Founded in 2014, Chainalysis sells compliance software that detects risky crypto transactions to customers including other crypto companies, banks and government agencies. It was one of the biggest beneficiaries of the crypto funding boom, raising money in later rounds from investors including Singaporean sovereign wealth fund GIC and Coatue Management.

Chainalysis was able to continue growing revenue through the crypto market meltdown that started in mid-2022, thanks to its government contracts and work generated by blowups including the bankruptcy of FTX, whose new management tapped Chainalysis to help track down customer funds. In 2022, it roughly doubled its revenue, CEO Michael Gronager has previously said.

Still, its pace of growth slowed last year, with Chainalysis finishing 2023 at about $190 million in ARR, up roughly 30% to 40% from the prior year, another person said. It expects its ARR to reach $250 million this year, the people said, which would put its growth roughly in line with that of the previous year. That projection implies Haun Ventures has been buying shares at around 10 times Chainalysis’s expected ARR this year, the people said, which would only be slightly below where some of the top publicly traded software companies, such as Snowflake and HubSpot, are valued.

Markets

#ZIRP - are we making a comeback?

#IPO at what size? From Kellblog, Dave Kellogg 🧵

The first three software companies I worked at all went public in the $30M to $50M revenue range. 

Now, we're saying they need to be $700M or they're sub-scale. 

This locks individual investors out of the market for innovative companies. You could buy Business Objects or Oracle at $200M in market cap. Now you have to wait until maybe $5B. 

Whole asset class (growth tech equity) is now only available to private investors via 2+20 fee structures. 

The losers here are employees, founders, angels, and individual investors. (And no, selling into opaque secondary markets with high transaction fees and strict approvals is not a great alternative.)