Introduction to the Alphalist Podcast -- Tobias Schlottke: Welcome to the Alphalist Podcast. I'm your host, Tobi. And the topic for today is SaaS. Meet Sabrina Farmer: GitLab's CTO -- Tobias Schlottke: DevSecOps with Sabrina, and today with me, Sabrina Farmer, CTO of GitLab. GitLab is well known, I think, to our guests. We have like seven billion of market cap, um, in yours. No, the public market, I just checked. Uh, congratulations. Tobias Schlottke: But yeah, thanks for being my guest.
Sabrina Farmer: Thank you, Toby. I'm excited to be here. Happy to talk about what GitLab's doing or anything in the DevSecOps space. Tobias Schlottke: Yeah. Maybe we first start with you. Sabrina's Lego Hobby -- Tobias Schlottke: Um, like for the people that can't see you right now, you have a ton of Lego in the background. Is that, is that your hobby or what?
Sabrina Farmer: Yes, maybe I have a Lego problem or I love them. I love them. I build them every weekend. I love to create new things. I love to find new sets. Uh, and it's a real conversation starter. Everyone who has a meeting with me discovers something new in the background. So it's a good icebreaker.
Tobias Schlottke: And what, what, what do I see there? Like, what is the weirdest thing? I mean, there's the GitHub, GitLab logo, obviously. There's like huge lego heads, like, I don't know, like a football, um, Sabrina Farmer: robot. Tobias Schlottke: crazy. When, when did that happen and why?
Sabrina Farmer: I mean, I've always been A big fan of Lego and like figuring out how to build things on my own. Um, but I think when COVID hit and, you know, we were really locked in, I think my collection really boomed cause I could get them shipped. And I could do them every day if it was a problem. Tobias Schlottke: So home office worked well for you. Sabrina Farmer: Yes. Yeah. Remote Work at GitLab -- Tobias Schlottke: And it still does because at GitLab you're fully remote, right?
Sabrina Farmer: we are, we are fully remote. And they've always been remote, so it wasn't something that started, um, during the pandemic. SID started the company This way. And, you know, when I joined, I think one of my favorite things someone said to me was, we work with the best talent anywhere in the world.
Sabrina Farmer: And, um, I've really discovered that to be true, that they really embrace us. Asynchronous work and, and getting the best out of their people, which means being flexible about the hours in which they work. And I'm amazed at how great it, it is working in this way. And I think, you know, I worked remote before during the pandemic, but I didn't appreciate, Um, how different it could be when you fully embrace it. Sabrina Farmer: So kudos to Sid for discovering this early on.
Tobias Schlottke: I guess, um, GitLab was then like one of the first or first and biggest companies to really adopt at large scale, right? Building Trust and Accountability at GitLab -- Tobias Schlottke: How does, for you, you guys, like, how does trust work, um, in that, um, like in the personal relationship, but also, um, on a, on a work level? Like, how do you make sure that accountability and, and, and trust really, really works?
Sabrina Farmer: I think that, you know, it's more, we write our values out, but I think what's impressive is that people really live by the values and they hold each other accountable. So everything is, is documented in the handbook. And, you know, if you. do something that's that people feel like is not true to the handbook, they will call you out on it and, and say, look, if you want to do something different, update the handbook, communicate what you're doing.
Sabrina Farmer: So it's not like you can't change here. It's just like, make sure people know what's going on and the why behind. You know, doing something different so that they can embrace it and support you. And so, I mean, I think it's a commitment at all levels that people have here.
ReadMe at GitLab -- Tobias Schlottke: Um, I, I still remember I had the former CTO Eric in the podcast as well, and he basically, I think he told me about your read me, um, idea that like everyone has a read me and you basically document like your, all your, your personal, uh, let's say special things is that, does, does that still exist? Sabrina Farmer: It's optional. It's Tobias Schlottke: That's optional. Tobias Schlottke: Okay. But I guess your readme then says something about Lego or?
Sabrina Farmer: Uh, I think that's pretty obvious the first time you have a coffee chat with me. Um, you know, I didn't publish my own readme. Um, I don't think that's unique to GitLab. I have worked with other people who felt like they needed to document their readme because their style was not the norm. And, you know, I think it's great when you do it.
Sabrina Farmer: I, I try to be very flexible, um, with, you know, I want to know what you need and, and try to flex to that so that I can get the best out of it. out of you. Um, that doesn't mean I don't have my own quirks. I'm pretty sure I have my own quirks. I think it'd be hard to document it though, Tobias Schlottke: yeah, Tobias Schlottke: we'll find out throughout the episode what what your own quirks are. Problem Solving and Computer Science --
Tobias Schlottke: Um, maybe, uh, like, yeah, briefly starting with with your earlier career. I mean, you have a crazy history. I think you, you know, You worked for NetSuite, you worked a lot for Google, you've even been like Vice President, SRE at Google, et cetera.
Tobias Schlottke: Like that's, that's like exciting. It seems to be like a lot in kind of infrastructure space, um, and, and SRE. Um, when did you discover, let's say that, that, that superpower, um, for, for infrastructure and why, like when, when, when did you get into computing and why?
Sabrina Farmer: know, I think a lot of people, especially more so my family than anybody else, is surprised that I got into technology. You know, I think it's important to know, like, I didn't grow up with a computer, you know, I wasn't born with it, but what I, what I am is a problem solver. Like I loved puzzles and, um, Word games and like, you know, you got to figure out how to unlock certain things. Um, and then when I was in university, computer science was essentially for me the study of problem solving. Um, so like most people, when I graduated, I started out as a software engineer. Um, And I did love it. Like I think for me, writing code felt like I was able to solve lots of different problems. And so I did enjoy writing code, but I got into the infrastructure space and operation space because I felt like I got to solve problems at every layer of the stack, you know, and that complexity, was a driver for me.
Sabrina Farmer: It was really motivating. And, you know, sometimes I could debug the backend or the database. Sometimes it was the front end. Sometimes it was the network. Sometimes it was the operating system. And so that, uh, diversity, of problem solving was really what drew me into production. And I think if you work in the production environment, infrastructure is just something you have to learn how to navigate, you know, starting from first principles and you get really good at it.
Sabrina Farmer: And so it's pretty normal to move into infrastructure, um, later on or any kind of specialty. I think when you work in production, you get to discover all the connective tissues of the different applications you work on and that gives you a lot of opportunity to learn what you really love. Like I think people that have worked in production I've seen go and really deep into security because they became fascinated with that aspect or went and started privacy programs because you get to see sort of where those patterns are. that, that those leaks can happen. And so I think you bring that insight and, and can specialize it for companies. Um, but yes, uh, prior, I've been at GitLab now for six months and I was at Google for, um, almost 19 years. I think it's interesting cause GitLab's about the size of Google when I started. And so the idea of getting to be part of that growth again was exciting. Exciting to me. And I think GitLab's mission of, you know, helping companies be more efficient in how they deliver their software. I did a lot of that at Google and for Google's products. I worked on all of Google's billion user products.
The Appeal of GitLab's Mission -- Sabrina Farmer: But what's exciting about GitLab is being able to help companies all around the world scale how they're delivering software, make it more efficient, make it safer. And so I felt like GitLab was the perfect fit for me and I have not been disappointed.
Tobias Schlottke: I think like the, the interesting. Aspect from my perspective about GitLab is also that you can basically help that many companies to kind of influence Positively influenced their infrastructure and the way they develop applications, right? Um, that's what, what I find, find appealing. I mean, if you just come from like operating your own life environment, et cetera, and, and, and then all of a sudden you can.
Tobias Schlottke: Influence everyone else's in a way, like indirectly through the code, through making people more productive, through letting people, putting people the right goggles on. Um, I think that's what, what would fascinate, fascinate me.
Sabrina Farmer: Yeah, it makes it really worthwhile, you know, the every day coming in and, and what I like about GitLab's approach, right, is we're not like telling enterprises all around the world, like, you know, do it this way, the one way, our way, we really try to partner. with them. And, you know, what is it that your industry needs?
Sabrina Farmer: What are the challenges that you have? We have the ability to co create with them, you know, because our software started out as open source, and we allow contributors into our code base, right? We have a lot of Um, Gates to make sure that those contributions are useful and safe and all of those things, but we can build together, um, this next generation of, of the platform. Sabrina Farmer: I Helping people go beyond their limits --
Tobias Schlottke: And, um, in our pre discussion, you, you mentioned that you really like to, um, push people across the limits and, um, I think you can, you can, you can do that. Like. at first at GitLab, but through, through the software also, uh, like in every, every other company. Right. Um, how does that feel?
Sabrina Farmer: mean, I, I've always liked helping people see past their own limits, you know, I like to bring transformational change and that's what I, was looking for in, in my next role. And I think that GitLab is in a position to help people evolve the way that they work and do it in a way that makes them feel safe because we do it as a partnership with them. Um, but there's been so many changes in the industry. You know, if you think about the last decade, you know, a decade ago, computing in the cloud was only for a few companies and now everybody. is moving to the cloud or thinking about like, what's that strategy? And then today, you know, you bring in AI and everyone's looking for their, what is my AI strategy?
Sabrina Farmer: I need to have an AI strategy. And I feel like that's one of the things we think about at GitLab is like, how can we help people develop their AI strategy, but do it safely? And Make them comfortable and help them understand the responsibilities that come with it and accept the responsibilities ourselves to help them adopt it in a really responsible way. on behalf of their users, Sabrina Farmer: right? AI Strategy -- Tobias Schlottke: What is, what is then your AI strategy
Sabrina Farmer: So, uh, you know, GitLab has Duo, and one of the things we're doing with Duo is, of course, we have chat and code suggestions, but we're trying to bring AI across the entire So from planning, you know, you can look at your issue database and have it summarize it or have it deduplicate like what's in your backlog. So we have all of these tools to help the planners and managers organize their work. And then for the software engineers, you know, help them. Get started with the code, help them write tests for their code, um, secure their code, scan their code to make sure that it doesn't have any known vulnerabilities.
Sabrina Farmer: If it does highlight that, educate the software engineer so that they can fix it at the time of writing the code, as opposed to historically, I think most people have worked in production. You discovered the vulnerabilities after it's out. in, in the wild. And, Sabrina Farmer: and that's Tobias Schlottke: FTP'd into the production server and edited your files? Yeah.
Sabrina Farmer: And then, you know, so looking at the entire platform and then like, how do you bring AI to, you know, your monitoring stack and what insights do you get? And so we're trying to think it about it holistically and bring the technology. to our customers for the entire software development life cycle.
Tobias Schlottke: And does it mean you also come up with monitoring systems, et cetera, et cetera? Or do you typically partner with, with them? Like, do you typically. integrate with Datadog and New Relic and all the others, or like, how does that look like?
Sabrina Farmer: So we have our own observable observability solutions. Um, but customers can choose, you know, to have, you know, if they use Datadog, they can integrate it into the systems. We understand that that's what they need, but what we're trying to do with the DevSecOps platform at GitLab is help you reduce the number of different solutions that you have, because.
Sabrina Farmer: As you do that, you have to then integrate it back. You have to integrate all these tools together and having, you know, been in places where you adopt lots of different solutions and then you're trying to tie it all together, what you end up doing is having to create really large teams who now own managing these integrations and keeping track of how all these different solutions evolve over time and do they comply with your policy? You know, you got to keep up to date on that stuff. It's not just. At the time of purchase, you know, software evolves over time. And so you have whole teams for this. And I think, you know, Sid recognized early on that you can be much more efficient if you can integrate all of these tools into a single platform.
Sabrina Farmer: You have a single team to manage that for you. Um, and, you know, you have GitLab helping you. And so, You know, we have people, we have users who are on self manage. We have users who take our SaaS where we'll manage it. We'll manage it for you, your entire integration. And, um, you know, but there's, there's lots of different needs that we try to meet the customer where they're at. Sabrina Farmer: I
Monolith vs. Microservices? -- Tobias Schlottke: Sounds a bit as if you're more like pro monolith than pro microservice, eh?
Sabrina Farmer: mean, I think we are, uh, I don't think we're pro anything. We recognize the need for, for both of them. I would say having. Managed both, I think, at, you know, while at Google, I had to break up lots of monoliths over time, and, and I can tell you that sometimes you can go too far, you can, um, create too many microservices that, you know, give you a different kind of complexity, hard to rationalize with complexity, so there's pros and cons to both sides.
Tobias Schlottke: Well, I have to admit, like, at least in my mind, the trend kind of de accelerated a bit, right? Like, they're It's not for everyone, right? And especially a solution that needs to be like GitLab, that needs to be flexible and easy to maintain and install. Um, I don't know. It would be weird if you come with, uh, I don't know, a swarm of Docker containers that, um, all independently communicate with each other through some service mesh. Tobias Schlottke: I'm not sure.
Sabrina Farmer: Exactly, exactly. Ruby -- Tobias Schlottke: And, and your whole stack still runs on, on Ruby, right? I
Sabrina Farmer: Yeah, so it, it started out as, as Ruby. I think when you, you know, for an application developer, Ruby can abstract a lot of complexity away from you, um, and help you build and, and iterate very, very quickly. And then over time, you know, it, it can, as you scale, run into limits. And I think you have to manage through Those limits, but you don't throw the baby out with the bath water, right?
Sabrina Farmer: There's a lot of, a lot of advantages to it, but you know, we have a mix of, uh, different development here at GitLab. Tobias Schlottke: can imagine. Yeah, it evolves. Right. What is DevSecOps -- Tobias Schlottke: But, but back to the, to the idea of DevSecOps, could you quickly explain it? Like not everyone's familiar with the term, I think.
Sabrina Farmer: Yeah. So, um, as you're building software, right, you have your software engineers and they're all building different parts. And so you need to integrate all of. The code together, you need to build it and then you need to deploy it and you also need to secure it. So in a lot of different environments, some people have different teams that do all those different things.
Sabrina Farmer: And each of those teams can select their own tools or create in a lot of, in a lot of places, people create their own way of, of doing that. And over time, it gets more and more complex. So what we try to do is streamline it all end to end. And over time, we've filled to the gaps, right? So it's not just about build the software, integrate the software, and deploy the software. We realized, like, you want to get early, earlier on in that development life cycle, right? So build in planning and design and integrate all of these tools together, and that's what GitLab does. So it takes it from early planning out to deployment.
Tobias Schlottke: Which means that you basically have issue tracking, you have like a whole platform, you don't have the systems to deploy them, like you don't have a cloud, right? But, but you basically have the right, like, tools to measure your application and production, as you said, as you stated. And, um, is it still, um, I mean, GitLab comes from Git and Git is, is a VCS, is it still focused around the code mostly, or like, does it all evolve from the code?
Tobias Schlottke: I mean, I guess the, the, the best spot to find like early indications for security issues, for example, is still ~GitLab.~ In many cases, the code. Um, and if you run infrastructure and code, then you can also spot it in the code, like, or many, many issues in the spot. Like how's that these days?
Sabrina Farmer: Um, I mean, I think that, um, You know, identifying the vulnerabilities, right? We try to do it earlier on. So as people are coding it along the way, but as we understand the patterns, right, for, uh, for vulnerabilities, we can start to catch them earlier in the cycle. So when you're writing code, you can scan it.
Sabrina Farmer: When you're writing code, you can scan it when all it's fully integrated. So you can see those, um, the connective tissues, the vulnerabilities that happen in between. Those pieces. And then, um, and so not just after deployment, do you identify those patterns, right? That's too late and it comes at the expense of your users. Sabrina Farmer: And so we're trying to pull it in earlier.
Tobias Schlottke: That means basically most common example, I guess, is credentials in code still these days, or Sabrina Farmer: I think, you know, people have learned a lot of lessons of that, right? You want to Sabrina Farmer: be scanning your
Tobias Schlottke: learned. Yeah. Sabrina Farmer: Um, and so identifying that for people and trying to get their secrets out of Code and give them other options for that is definitely a pattern that, you know, many people have learned the hard way and we try to circumvent it for, for our customers, you know, as they onboard, we can highlight these things. for them and help them secure over time. Tobias Schlottke: And that's, that's actually a good, good thing to have.
Creating Teaching Moments for Developers Using AI -- Tobias Schlottke: And what, what, what other patterns do you have and what, what are the ones you're most excited about? Sabrina Farmer: Um, patterns in security or in Sabrina Farmer: how people are Tobias Schlottke: security and security and, uh, well, your whole DevSecOps cycle, like, um, what, what are the best spots where you think, like, it's like people don't know about it and everyone should know,
Sabrina Farmer: I'm most excited about is that, um, I think a lot of what we're doing today, right, especially integrating the AI, is that we're, we can upskill the developer And, and teach them as they're writing the code, right? Like, Hey, you're writing vulnerable code and this is why, right? And you capture that moment. where they can learn, right? And not, and not repeat it over time. I think if you think about when I started my career and you learn it in production and you write a post mortem and you try and put some controls in place to not have it happen again, Especially because I worked on so many different product areas, um, you'd learn it in maybe one product, but that doesn't mean that your second product or third product was going to learn the same lesson. And I think that by putting it, built it into the platform, these moments of education It's going to change the way people work. It's going to raise the bar and level of the talent that you have. And I think that's what I'm most excited about. So it's not like one particular vulnerability. It's like, oh, yeah. We've caught a moment to teach someone that like, Oh, that's the buffer overflow or, Oh, that's your, your, your sending, um, a raw command in, and that's gonna, you know, exploit it, or, Hey, you're actually gonna, you know, risk your credentials, right? That there, there's some oversharing here. And, and it's those moments that I'm really excited about, um, because now everybody can, can, become more secure savvy, which is important.
Tobias Schlottke: which Sabrina Farmer: And hard to scale, Tobias Schlottke: right? Sabrina Farmer: really hard to scale. And I think that lots of companies try to do it with education. And I think that when you can build it into the tools, which is what we're trying to do at GitLab, I think that's really where the power is.
Tobias Schlottke: So, I mean, education is still required for everyone who's not working in code, right? I mean, the. The human error is still, I think, the biggest weakness in the chain. And, and that like necessarily doesn't, doesn't only affect coders, but, but I think the biggest impact is still like the, I don't know, the guy that walks into a company and says, yeah, I have to, I have to look at your, your server room.
Tobias Schlottke: Like, let, let me, let me check, let me check your, your data center. I'm working here. Sabrina Farmer: I haven't yet solved social engineering, Toby, but, uh, give me some time. Tobias Schlottke: Okay. Future of Security in Next 5 Years --
Tobias Schlottke: Um, what do you think, um, security will look like in five years? I think like, I mean, social engineering will most likely stay there. But, um, like when you look at your, the space where you can be active and where you can influence, um, the, the, the world of security of tomorrow, like how do you think it will look like? 1. More Data Privacy Aware --
Sabrina Farmer: Um, I think that people are becoming more privacy savvy. Right, and I think how people are managing data is a really interesting opportunity. You know, I think that for a long time, building data agnostic systems were very powerful, right? It really helped large tech companies. do more, use the same technology in lots of different ways.
Sabrina Farmer: But I think that, you know, privacy is something that you should feel deeply responsible for. And so I think as people are writing code and managing data, I think the future is, um, protecting that data along the way and not just relying on infrastructure to secure your data. I think that it's going to be something that's built. more into the code, um, and how people are managing and thinking about data. And I, I think that has always been an, um, a rich, um, space for people. And I think often how you manage data too often is, um, an afterthought, like, what is this data? How am I processing? Who am I sharing it with? And I think that, um, Governments have picked up on this and, and put more restrictions on how you can manage data. And I think that we've thought about that and being able to build a policy engine into, you know, GitLab has been really important so that you can put like, what does compliance look like? And how can you ensure that, you know, That all of your software engineers are building compliant code, and we can put those policies and controls at the hands of the security administrators.
Sabrina Farmer: . And the more we can help companies embrace that, the more excited I am about our platform,
Tobias Schlottke: Well, I still remember when GDPR hit, like, um, it was kind of a surprise where most developers I know, um, actually thought, well, hmm, I don't know if this is like meaningful, but it in a, in a, in a, in an interesting and positive way influenced the, the world, how we think about data, right? Um, Gitlab's CEO Challenge: Encourage developers to innovate and automate away historic challenges like Log4js --
Sabrina Farmer: for sure. Yeah. And I think also, you know, with a lot of the AI technology that's coming out, you see a lot of opportunity to automate. A bunch of this stuff. And I think, you know, Sid saw this early on. We had a summit earlier this year and he always does his CEO challenge. And, you know, he threw out the challenge saying, what if, what if log4j hit again?
Sabrina Farmer: And, and for people who don't remember what happened in log4j, it was a lot like the GDPR fire drill, right? Where all of a sudden you had to figure out where am I vulnerable? Where am I using this stuff? There was a lot of people. Searching code and looking for things and then evaluating what was running in production, even at the biggest tech companies. It wasn't an easy question to answer. And so at the summit, Sid said, if this happened again, can, can the platform you know, solve this problem for our customers. And that went, at first I saw how broad he went with the solution of like, find the vulnerabilities, fix the vulnerability, report on the vulnerability and the scope and then, and then roll it out.
Sabrina Farmer: And I was like, Oh my God, that took an army of people in, at the time that we had to look up Log4j. And I was like, that's really hard. We only have a few days to come up with the solution. And. I have to say the engineering team came together with the security team. They knocked this out. So we had a demo in like three days that we could show that we could do this, that a vulnerability report could come in and you could come in in the morning and have an entire inventory of where you were vulnerable, have the MRs to examine how to fix the problem.
Sabrina Farmer: And then you could trigger a button and roll it out if you chose to do that. Um, but I was, I was amazed. And I was like, this technology has come so far and it really showcased the power of a platform, right? And having all of this stuff integrated together, and that's really what's going to unlock a lot of efficiency, improvement, and, um, confidence, right?
Sabrina Farmer: That you are. Um, able to build safe software that is compliant. You can respond quickly to security alerts and your users can trust that about you because you can certify it. Tobias Schlottke: Did you, did you roll out that, that prototype that you built there? Like, did you really ship it as a product or is that part of your solution now?
Sabrina Farmer: Um, we have talked about it, right. In, in, uh, part of Duo's workflow and, um, you know, our teams showcase the different things that they can do, but I think it's an exciting evolution. Um, and very practical in, in how I can, um, be useful to companies. And I love the ideas about how would you use workflow?
Sabrina Farmer: That's been really exciting to hear the different ideas of how to streamline things that you used to have to hire for. Um, or hire contractors for, um, that's the real opportunity with, you know, all of these automation tools that are coming out, um, leveraging AI. Choosing AI models --
Sabrina Farmer: And, you know, the AI models and the different companies investing in it, they're improving the context windows all the time. And so with a little bit of patience, like more and more, it enables you more and more. And one of the things we do is we get to be model agnostic. We get to pick the model that best suits the problem space.
Sabrina Farmer: Um, And that's been really powerful and we get to partner with the different model providers to learn about what's coming and how to best leverage that responsibly for our users. I do think that as you're, as leaders are thinking about adopting AI, you have to think about, all the consequences of your choices.
Sabrina Farmer: And, uh, we recognize that early on, and that's why, uh, GitLab published the AI Transparency Center, so that you could see, like, this is what we're holding the models accountable to. This is what we certify. Make sure that your data doesn't go out of the system, that you understand how it's being used, because, uh, You know, if you go out on your own, you have to do all of this diligence independently, and we try to help you cover that, uncover that, and build it into your contract so you can have confidence that we're making these choices.
Sabrina Farmer: responsibly. Getting developer buy in with AI -- Sabrina Farmer: I think there's no one answer to that. I think it's all of the above. I think you have people who like change. They see change as opportunity. And so AI, they're on their own. They're like, what can this do for me? How can this make my life simpler? And then you, you have the other end of the spectrum where they're like, You know, AI is going to get rid of me and it's going to eliminate my role.
Sabrina Farmer: And, and, and, and fear can, can feed in there. I think that, you know, I think it will change the way that we work. I don't think it will eliminate, you know, um, jobs in the same way that maybe sometimes is reported into the press. I think what, what I've learned in trying to get people to embrace it, adopt it and learn, learn from it is, um, I've started at the top.
Sabrina Farmer: So I took my senior leaders and I said, you need to go figure out how, how you use Duo every day. And then you share that story with the team. And then we'll ask the team to share how they are. leveraging it and what lessons that they're learning. And so it became this, um, a much more positive, like, Hey, this was useful to me.
Sabrina Farmer: Let me share it with you. And so people started to learn from each other and, and share stories together. And that actually helped us also improve the product, right? Because someone was like, Hey, this wasn't useful at all. And here's a video of me trying to use it. And that became motivation for the teams developing that was like, Oh, that's not the experience we wanted.
Sabrina Farmer: Let's, let's figure out how to make this better. Um, and then you get like, you get kudos. And so then you're more encouraged, right? There's a positive feedback loop for embracing this technology. And I think that's really helped us internally at GitLab. Use AI to free you up so you can think strategically --
Sabrina Farmer: Yeah, it really can be, to your point, it can be an accelerator for you, right? For me, I find that it frees up a lot of that startup cost, right? It frees me up to do that, and I get more time to do deeper, deeper thinking and more strategic thinking. Like, I don't think AI is strategic, right? I don't think
Sabrina Farmer: Today, today it's not strategic, it's insightful, right? And that can accelerate what you decide to do. Um, but it, it is just a tool. It is just, um, a helper for you. Um, and I think that that's, I'm excited to see where people take the next generation of products, right? Into, um, how, um, We think and interact and, and perform and get our jobs done.
Sabrina Farmer: I think that's more exciting. Um, and I think you can be a part of it if you're embracing this and, and looking at it as if it's an accelerator. Like, how can this accelerate what I want? Um, And I think if you approach it that way, one, you'll get a lot more out of it. And, um, you'll be intentional about what, how you use it. Use AI Responsibily - do due diligence --
Sabrina Farmer: I do think, you know, you highlighted something is like people who think AI just solves the problem and, and, and you don't have a responsibility to make sure you understand what it did or check what you, what it did. I've seen people say, Oh, the AI is going to test my code. And, you know, they throw their code over and.
Sabrina Farmer: The AI says all green, right? And then you learn the hard way if you push on, on green. So, you know, you still have, um, you still have a lot of responsibility and accountability to even trusting the AI. And that requires some diligence on your part. And I think you have to indoctrinate that into your organization to feel accountable to, to do due diligence with this technology, because it is still in its infancy.
Sabrina Farmer: At least generative AI is still in its infancy, even though AI has been around a long time, and people are using it for the first time. And we're going to discover a lot about what it's good for and what it's not good for. And I think people should set their expectations for that. You know, you can adopt this AI tool and then be disappointed, but you should be like, what is the opportunity that's coming? The Importance of Documentation and Transparency --
Sabrina Farmer: I think that there is a strong culture, a strong handbook culture here, um, to document, to be very transparent, um, in order to do exactly what you said, right? Like, there is, it's very easy to rely on tribal knowledge. I think a lot of companies, um, Do that. And it takes a long time to onboard people when that's the kind of culture and environment that you're fostering.
Sabrina Farmer: Um, everybody's got to keep everything. And I think at GitLab, it's handbook first, right? If it's not documented in the handbook, you can pretty much expect people are not going to consistently And I think that they, they indoctrinated the teams very early on. So when you onboard, you get a reading list, right?
Sabrina Farmer: You get a checklist of like all the things you need to look at. And I think as a manager, as things evolve in your team, you have a responsibility to go and make sure your handbook pages are up to date. And I think that, We have a lot of tools that, you know, as you do an issue or as you write code, it will automate making sure the documentation gets updated along the way.
Sabrina Farmer: So it's not an afterthought, right? It's part of your process and your workflow. And these workflows are defined in a very intentional way. I will say it's a bit of a culture shock, you know, coming from an environment where you're like, Oh, we had it all figured out. And then you come somewhere. Where, um, no, they live by, if there's not an agenda, there's not a meeting, right?
Sabrina Farmer: And that agenda is like 24 to 48 hours ahead of time so that your global team sees it. And we record meetings and meetings can now be transcribed. So there's no excuse for, you know, not knowing what's going on. And, um, You know, luckily you can watch meetings in like one and a half, 2x time, so it doesn't take as long to do it asynchronously, um, as maybe participating in the meetings live, which I think is a, I've really enjoyed it.
Sabrina Farmer: Like, I've learned so many things, and I, I've said this to my team many times, is like, I'm going to be a better leader than I ever was because of, you know, Because of my experience at GitLab. Final Thoughts and Reflections --
Sabrina Farmer: I would Record all your meetings! That's been amazing. By the way, I was really intimidated by it, Toby, if I was to be honest. Um, but I really embraced it. I have just been like, what a huge advantage. But I would say that my top tip for leaders is to, um, to lead with intention. Right, to know, you know, as you're going to ask people to do something, be very clear about why you're asking and what you want to see get out of it.
Sabrina Farmer: Um, and so I think leading with intention is a big one for me. I, I've worked in tech for a long time. I love tech, but for me, the choices that I make. um, need to be in service of something. And I'm, I'm always very focused on the end user, you know, like what will this mean for our users? What does this mean for our customers? Sabrina Farmer: So that we make good technology choices, um, for them first. Satya Nadella as inspiration --
Sabrina Farmer: Oh, that's a fascinating question. Um,
Sabrina Farmer: I would probably pick, I would pick Satya Nadella. And I'll tell you because he's such a different leader, um, for Microsoft, right? If you've, Watched Microsoft's Evolution, um, I think he looks, thinks about things differently and, um, I, I've seen him talk and, and it's pretty easy to get inspired by him, um, of how he thinks about competition and how he thinks about growth and, um, Um, so I'm just curious to have such a large company that does so many different things, like, what his day to day looks like.
Sabrina Farmer: Yeah, I mean, I think, having spent so much time at Google, I have an expectation of, you know, how deep the leaders are into their topic, like, um, You know, you need to be very technical to lead these large scale products, and so, uh, his portfolio is really big, and it's, you know, it's, uh, mature, and so, yeah, I'd be curious about how deep he's in to each of the different products. Sabrina Farmer: Oh, my gosh. Um,
Sabrina Farmer: I I think it would be hard for me to say anything to the young Sabrina and have her believe me. You know, I'm, I'm, I'm, uh, traditionally pretty cynical, you know, and I think, I just would not have believed my future self to tell me You know, that one I'd ever be a CTO, or would be a VP, or would make decisions that affected billions of people, like, and yet that is my truth, um, so I think, I, I don't think she would believe me anyway, right, but I could.
Sabrina Farmer: I would tell her, like, you know, everything you can dream of, you're, you're gonna exceed it, because that's been my experience so far. Um, and I think that's why I'm, you know, back to your point earlier, where you said, I like to test the limits. It's like, I like to say what I think my limit is, and then I challenge it.
Sabrina Farmer: And I think that's been the key for all the things that I've been, that I've achieved. Right, is if I thought, oh, there's a limit here, I always just tested that limit and often would be really surprised at what was possible. And so I genuinely give that advice to people now, is like, try to figure out what your limits are and then, and then test them. Sabrina Farmer: Just try. Sabrina Farmer: Yeah, Toby, super fun.