From Cloud-Native to AI-Native: What Actually Changes
The Fifteen-Year Echo
Fifteen years apart. Same stage. Different world.
In 2010, Adrian Cockcroft stood on the QCon stage and told the audience that Netflix was running its entire business on a public cloud. Most people in the room thought he was crazy.
Fifteen years later, Cockcroft was back at QCon, this time explaining how he manages swarms of autonomous AI agents that produce several days’ worth of code in fifteen minutes [1]. The audience reaction was different. Nobody called him crazy. They were taking notes.
Security Is Job Zero — Even (Especially) in the Age of Coding Agents
$20 and Two Hours
On February 28, 2026, security startup CodeWall gave an autonomous AI agent a single input: a domain name. Two hours and approximately $20 in API tokens later, the agent had full read/write access to the production database of McKinsey’s internal AI platform, Lilli [1] [2].
The attack vector? SQL injection — a vulnerability class from the 1990s. But in a novel context: the injection was in JSON keys, not values, which standard security scanners missed [3].
The Coding Agent That Doesn't Code
The Friday That Wrote Itself
Last Friday, I used a coding agent for eight hours straight. I didn’t write a single line of code.
I prepared a customer meeting by pulling context from Slack threads, calendar events, and our CRM. I researched a technical paper on geometric memory architectures and wrote a structured analysis. I collected travel expense receipts from my email — train tickets, hotel invoices, an Uber receipt forwarded from my personal phone — downloaded the PDFs, and assembled them into an expense report. I curated a reading list from articles I’d bookmarked throughout the week. I drafted the research note you’re reading the seeds of right now.