“When a paradigm shifts, everyone goes back to zero” (Joel A. Barker in his book “Future Edge”).
These days I find two types of people when talking about AI. The first type consists of those who doubt AI can do things properly. In my space, specifically, that would be coding. The argument goes something like “we certainly use AI for things like documentation, but of course it can’t code like a human…”
The second type consists of those who already use AI for coding. Again, in my space, these would be people who already have AI agents coding.
I’m in the second camp, where we’re increasingly using autonomous AI agents. Further, I have never seen a productivity boost like this in my life, and I don’t expect to see anything similar again.
In my mind, I compare today’s shift to watching “Mad Men” and seeing only paper and rotary phones on the desks. Every time I see it, I wonder how people could work like that. Having a laptop without a desk sounds totally fine, but having a desk without a personal computer feels absolutely useless.
It is important to note that the current paradigm shift is two-phased. The first phase was synchronous work with AI. I assess my own productivity gain in programming when working synchronously with AI (using something like Windsurf, Cursor, or the Claude Code extension) at a single order of magnitude.
However, the second phase is Agentic AI. Essentially, this is where autonomous agents read tickets and build code. That second phase is being actively explored right now, and it gives at least one more order of magnitude of productivity boost when done correctly.
Agentic AI is not a solved problem yet, though. I can name the following areas that are all in play right now (and this is a non-exhaustive list):
- Agent Orchestration Harness (this has many similarities to the multithreading problem)
- Token Economy
- Security & Governance
I focus mostly on the Security & Governance piece and a little bit on Orchestration. There are mainly two schools of thought in relation to Security right now:
- Checks on individual actions by agents (evaluate each action, and prevent it if you see anything malicious)
- Sandboxing
I believe that today, in 2026, only sandboxing can serve as a primary control. Essentially, it is impossible to predict every action that an agent may take, and when I read about checks on individual actions, I always think about parental controls. Maybe such controls work now (though I’m not sure about that), but in the early days they never worked. Kids would almost always find a way to break them. Also, kids were usually smart enough to circumvent those controls only when parents were not around, so they could access protected content repeatedly.
Sandboxing is a totally different model – it’s based on the premise that the agent lives in an environment where it can do anything it wants and still do no harm. This is what I call the Zero-Trust Model for AI Agents, and it’s the philosophy we’re building ReARM around.
A practical prototype that I have working – and will be showing starting next week – is an agent running on a VM with limited permissions that can use ReARM’s new DevOps module to build and automatically deploy what it is allowed to, then run the test suite, verify, and deliver its work in a complete Pull Request.
Whatever the agent commits, the code will never reach higher-level environments (i.e., staging, production) because the releases are gated by lifecycles and approvals managed by ReARM. Some of those approval controls may even be owned by other agents. We can even put automated rules in place, for example automatically rejecting a release if critical vulnerabilities are discovered.
Six years ago I wrote a piece “Take The Fear Out Of Git Push“, about how to give human engineers the freedom to move fast without fear of breaking production. The answer wasn’t to watch every keystroke, but instead to put the right guardrails on the path between commit and production: reviews, gates, lifecycles, approvals. Today, the same applies to agents. We don’t need to police every action they take; we need to treat them like any other contributor, with proper governance and gating. That’s what ReARM does.
The Paradigm Shift is here. A few years from now, watching a team cod and review every commit manually will feel like watching the Mad Men office – quaint, slow, and impossible to imagine going back to. The question isn’t whether agents will be doing the work. The question is how fast each of us will adapt. I’ve been building ReARM in different iterations for seven years. The earlier versions were for humans. The current one is for agents, and it looks like the agent use case is what the whole thing was always quietly heading toward.
When a paradigm shifts, everyone goes back to zero.