Good People, May 2nd

🤝 Good Morning and welcome back to Good People, a weekly newsletter for 30,000+ elite engineering and product talent who will miss the ChatGPT-Glazing era.

👮‍♂️ AI vs AI: The Zero-Cost Attack Era and Outtake's Defensive Revolution: The full deep dive on Outtake.ai is here, exploring how autonomous AI agents are fighting back against the tsunami of AI-generated scams that threaten to reshape digital trust forever.

🦺 Are Platform Squads a Startups' Secret Weapon: Platform engineering is no longer just for tech giants – startups with 40-80 engineers are now creating dedicated squads that deliver 30% faster shipping cycles and dramatically improved developer satisfaction. See why this specialized role is becoming essential infrastructure at high-growth companies and how startups are using them for a competitive edge.

🔥Hot Startups Hiring: As always, we have a fresh batch of startup roles hiring in SF, NYC, and Remote. Don’t like Crypto? Only looking for Frontend roles in healthcare? If you’d like to get personalized opportunities each week, fill out our new Opportunities Survey and we’ll make sure you’re only receiving the roles that matter to you.

In 1962, the U.S. Congress passed the Tariff Classification Act, which amended the Tariff Act of 1930 to implement new tariff schedules. In particular, the act included Tariff Item 807.00, which eliminated tariffs on products that were assembled abroad from U.S. parts. This seemingly minor policy change had far-reaching effects: semiconductor companies, starting with Fairchild Semiconductor, began moving assembly operations to Asia to take advantage of substantially lower wages. This policy shift, combined with basic economic incentives, fundamentally reshaped the global technology landscape in ways that are still playing out today.

Why start an article about AI and cybersecurity with a discussion of 1960s tariff policy? Timely, yes I know. Sometimes small technical or economic shifts create fundamental changes in power structures that reverberate for decades. We are witnessing such a shift today, but this time the impact isn't coming from government policy – it's coming from the collapse of what we might call the "cost of digital violence."

In his 1997 book "The Sovereign Individual," James Dale Davidson and Lord William Rees-Mogg advance a provocative theory: the most important variable in human political history is the relative cost of offense versus defense – what they call the "cost of violence." When defense is cheaper and more effective than offense, power fragments. When offense becomes cheaper, power consolidates.

Consider medieval Europe, where castle walls provided effective defense at a reasonable cost. A local lord could build a stronghold that would require a much larger attacking force to overcome. This asymmetry – cheap defense, expensive offense – created a landscape of distributed power with numerous small fiefdoms and city-states.

The invention of the cannon fundamentally altered this equation. Suddenly, castle walls were vulnerable to a technology that could efficiently breach them. As Davidson and Rees-Mogg write, those who could afford cannons – initially just two countries – gained dramatic advantages, leading to the rise of empires and the fall of feudalism. The relative cost of offense had dropped, changing the power structure of Europe.

This framework provides a powerful lens for understanding our current digital moment. As Outtake.ai founder Alex Dhillon puts it: "What just happened is the cost of offense on cyber just went to zero. LLMs make it zero dollars to be an asshole online now."

The rise of generative AI has dramatically reduced the cost of conducting digital attacks. Creating convincing phishing emails, fabricating fake websites, generating deepfake videos, producing synthetic voices, and launching social engineering campaigns – tasks that previously required significant skill and resources – can now be automated at massive scale with minimal investment.

In late 2022, a fake tweet claiming Tesla was accepting Dogecoin as payment went viral. The Tesla stock briefly spiked before the hoax was exposed. Around the same time, deepfakes of prominent figures promoting crypto scams proliferated across YouTube. These weren't isolated incidents – they represented the new reality where AI makes creating convincing digital forgeries nearly effortless.

This is the world Alex Dhillon observed after leading AI products at Palantir, where he'd worked closely with security-conscious organizations. When Dhillon founded Outtake.ai in October 2023, his team of Palantir veterans weren't just launching another cybersecurity startup – they were responding to the fundamental shift in the digital attack landscape.

Outtake's mission is straightforward but ambitious: protect, understand, and license the online identity of the people and brands who influence our society. The company describes itself as a "content intelligence" platform, using AI to monitor rich media (video, images, audio) across the web to defend against impersonation, deepfakes, and brand abuse.

The company's rapid growth is especially striking by security startup standards. This trajectory has attracted significant investor attention, with the company securing $20 million in funding – a $16.5 million Series A led by CRV after a $3.5 million seed round from Slow Ventures, Night Ventures, Mantis VC (founded by The Chainsmokers), former OpenAI chief research officer Bob McGrew, and others.

What makes Outtake's approach different from traditional brand protection or anti-phishing services is its fully autonomous, AI-driven methodology. Rather than simply alerting clients to potential threats, Outtake deploys what they call "agentic AI" – essentially autonomous agents that can search, classify, and neutralize threats in real time.

Let's break down what happens when a brand like Bank of America faces an impersonation attack today. Scammers might create fake customer support accounts on social media platforms, impersonating the bank to trick customers into sharing sensitive information.

Before AI, this was labor-intensive: criminals had to manually create convincing fake profiles, actively respond to customers, and maintain their operations. The friction inherent in this process naturally limited the scale of such attacks.

With generative AI, however, creating hundreds or thousands of convincing profiles, complete with believable responses, costs almost nothing. Dhillon explains:

"But you can imagine you throw LLMs on top of this, and you're like, wait a minute, I can get a hundred fake customer support things going. And it's like $3 and no work for me. And so the volume on this attack approach just exploded over the last year and a half."

Outtake's approach to this challenge has three components: search, classification, and removal.

The search phase is more complex than it might initially seem. Traditionally, companies would employ people to search for brand mentions using various keywords. But effective searching requires understanding context and continuous adaptation. For example, if Bank of America starts promoting mortgages in Texas, scammers will quickly adapt their tactics to mirror this specific marketing angle. The search terms need to evolve along with the brand's activities and the tactics of attackers.

The classification phase involves determining what's genuine versus harmful. When examining a social media account or website, humans intuitively assess multiple factors: Is the language professional? Does the branding look authentic? Is there suspicious activity? Training AI models to make these determinations with high accuracy is complex.

Finally, the removal phase requires automating the legal process of taking down infringing content. The Outtake team has developed software that can inspect code on malicious websites and then quickly draft legal documents to request takedowns – a process that previously required hiring expensive lawyers.

The technical infrastructure supporting all this must operate at massive scale. Outtake processes over 100 terabytes of content daily, monitoring everything from social media platforms to domain registrations, app stores, and advertising networks.

The rise of zero-cost digital attacks has profound implications for how organizations must think about security. Traditional cybersecurity approaches that rely on human oversight and manual intervention simply can't keep pace with the volume and sophistication of AI-generated threats.

Similarly, traditional security vendors are attempting to extend human-centered security practices to the AI era. Outtake represents a fundamentally different approach – one where AI systems autonomously defend against other AI systems with minimal human intervention.

This approach is necessary because the economics have changed so dramatically. In a world where attacks can be generated at near-zero cost, defense must similarly scale without linear increases in cost. Only AI systems can provide this level of scalable defense.

The AI-Defense Equilibrium framework helps us understand not just Outtake's business prospects, but the larger implications for digital security in this new era:

Outtake isn't alone in recognizing the need for AI-driven defense. The cybersecurity landscape is evolving rapidly to address the threat of AI-generated attacks.

What gives Outtake a potential edge is its deep focus on agentic AI. If their agents truly are more autonomous and effective than competitors', Outtake could maintain a technological lead even as the market grows more crowded.

The collapse in the cost of digital attacks will have far-reaching consequences. When impersonation, phishing, and other forms of digital deception become trivially cheap to execute at scale, the very foundation of digital trust is threatened.

This leads to several potential futures:

Outtake is betting on the first scenario – that advanced AI defense can effectively counter AI-driven attacks, maintaining a baseline level of digital trust. Their early success suggests there's merit to this approach, but the challenge will be staying ahead as offensive capabilities continue to evolve.

The rise of zero-cost digital attacks represents one of the most significant shifts in the security landscape since the emergence of the internet itself. Generative AI has fundamentally altered the economics of offensive actions online, creating an urgent need for equally scalable defensive measures.

Outtake.ai exemplifies the new paradigm of automated defense – using AI not just to detect threats but to autonomously disrupt them in real-time. Their approach recognizes that the volume and sophistication of AI-generated threats have outpaced traditional human-centered security models.

As we navigate this new frontier of AI-on-AI competition, one thing is clear: the cost of digital violence has fundamentally changed, and our defensive strategies must change with it. In such an environment, automated defense isn't just a competitive advantage – it's an imperative.

Last week we launched our Engineering Compensation Calculator—a zero-fluff tool powered by thousands of verified offer letters from VC-backed startups. Try it out!

Let's break down why this role is exploding, what these teams actually do, and why it might be your next career move.

Shipping software has never been more complex. Between service sprawl, infrastructure complexity, and compliance requirements, engineers face major cognitive overhead before writing a single line of business logic.

Enter platform engineering squads: small teams creating internal "products" (Internal Developer Platforms or IDPs) that abstract this complexity, giving product teams paved roads to production.

The numbers don't lie: Gartner predicts 80% of large orgs will staff platform teams by 2026, up dramatically from 45% in 2022. This isn't just an enterprise trend – the CNCF's 2024 survey shows 58% of organizations already run at least one hosted or installable IDP, with another 21% planning to add one in the next 12 months.

What's particularly interesting for our community is that PlatformEngineering.org notes mid‑stage startups are now hiring their first "Platform Lead" when they hit between 40-80 total engineers. If you're at a Series B/C company, expect to see this role emerge soon.

A typical platform squad consists of 4-6 engineers supporting 40-100 product devs (roughly a 1:15-20 ratio) by owning:

The concept of "golden paths" is central here. Netflix pioneered this approach with opinionated templates that get a microservice to production in under 30 minutes. This model has become the benchmark for reducing cognitive load on product engineers.

What's new in 2025 is the AI layer being added to these platforms. Backstage GPT plugins now surface runbooks and fix recommendations directly in the portal, cutting cognitive overhead even further. This means product engineers spend less time Googling error messages and more time building features.

Abstract benefits are one thing, but concrete examples bring the value to life:

A scale-up SaaS company added just two platform engineers and moved from manual Helm charts to Humanitec. The result? Deploys per week jumped 4×, while their "change failure rate" dropped by 20%.

A fintech mid-stage startup adopted Backstage + Port to clean up 120 microservices and triaged over 700 unowned repositories into a catalog. Developer satisfaction increased by 18 points in their annual survey.

An e-commerce unicorn replaced ad-hoc Terraform with golden-path modules, resulting in infrastructure tickets dropping from 25% to just 8% of all JIRA work.

The platform engineering space is evolving rapidly as AI capabilities are integrated. Here's what's happening now:

This human-AI collaboration model is showing early promise in reducing toil while maintaining control.

If you're an engineer with systems thinking and a knack for developer experience, platform engineering offers an excellent career path. It combines deep technical work with high organizational impact – a perfect recipe for career growth.

For hiring managers, consider that a small platform team investment (remember, just 4-6 engineers) can dramatically boost your entire engineering org's velocity.

We've seen a surge in platform engineering roles across our portfolio companies over the past six months. If you're interested in exploring opportunities in this space, grab time on our calendar [here] to discuss how your experience aligns with what top startups are looking for.

Good people know good people – if you know someone who'd be perfect for a platform role, forward them this email!

Tired of duct‑taping regexes and half‑awake humans to catch the next fraud spike? This two‑digit‑ARR, single‑digit‑headcount startup turns compliance into an SDK: AI agents already beat human reviewers (95 % accuracy, sub‑second latency) for glob‑size marketplaces. You’ll push code this week that guards billions tomorrow.

Imagine every LP update, audit trail, and scenario model flowing through one realtime backend—no more month‑end Excel marathons. Fresh off a $25 M+ Series A, this NYC‑born company is rewiring how funds close books and forecast billions. Greenfield code, zero legacy.

Sick of 3 a.m. Slack pings about stuck Kubernetes jobs? Backed by tier‑1 AI and GPU funds, this $18 M seed outfit plugs agents into K8s, Snowflake, and Grafana to auto‑detect drift and PR the fix while you dream. They need a Staff Infrastructure Lead to handle <50 ms pipelines at 100 M events/day.

Copy–paste a URL, and boom—money’s there in three seconds. This stealth‑scale payments team is collapsing remittance friction with browser‑native links and L2‑speed rails. Backed by top crypto + FinTech VCs; Series B chatter already buzzing. Architect tomorrow’s rails while the team’s still <20 heads.

Still Here? Then why not book a call with our team! We’d love to help you find your next role. Grab a quick 15-minute consultation call with our recruitment experts to learn more about these opportunities.

Have a friend, colleague or classmate who might be interested? Feel free to reply with their email or forward this to them. We offer very generous referral incentives 💰

Not interested in receiving this? Hit unsubscribe below (I will miss you though).