▮▮▮ The Warmup · Worked sample ▮▮▮

Walkthrough.

Setup, brief, and source management on one synthetic profile.

Product Leader mode · Financial Services · a cloud security startup

Phase 01

Setup.

First run

You have never run the Warmup before. It walks you through four questions, builds your source suite, shows it for review, and saves your config to WARMUP.md at your project root.

Start with
warmup setup
Which mode fits you best? CISO Mode is built for security executives — threat intel, CVEs, sector advisories. Product Leader Mode is built for PMs and CPOs — competitor moves, market signals, AI releases. Custom Mode is for anything else. What does your morning look like?
product leader. fintech security startup. want competitor moves, funding rounds, AI tooling
Product Leader Mode. A few quick questions. What's your product area — what specifically are you building?
cloud security platform. compliance automation, threat detection for financial services
Got it. Who are you watching? Name your main competitors — 3 to 6 is enough to start.
Wiz, Orca Security, Lacework, Snyk, Datadog Security
Building your source suite now. I'll pull from Tier 1 regulatory sources, analyst firms, and the competitor newsrooms. One more: any specific people you want to track — execs, analysts, investors in your space?
not for now
Deliverable · Config

WARMUP.md · saved to project root

Source suite ready. 22 active sources across 4 tiers.

Product Leader · Financial Services · a cloud security startup

Tier 1 — Authoritative
SEC EDGAR · CISA Alerts · NVD CVE · Crunchbase
Tier 2 — Research
Gartner · Forrester · CB Insights · a16z · Anthropic · OpenAI Blog · Google DeepMind · arXiv cs.AI
Tier 3 — News
TechCrunch · The Verge · BleepingComputer · SecurityWeek · Wired · Hacker News (YC)
Tier 4 — Vendor Intel
Wiz Newsroom · Orca Blog · Lacework Blog · Snyk Blog · Datadog Blog

Phase 02

Run the brief.

Each morning

Config is saved. Now you run it. The Warmup reads your sources, runs the link safety verification, synthesizes the five sections, and delivers a live HTML document. One line in chat. The brief is the artifact.

Start with
run warmup  or  start my warmup
Deliverable · Brief

Product Leader · Friday, May 15, 2026 · Last 48 hours

5 sections · 22 sources · 10 domains scanned · all clear

a cloud security startup · Financial Services

Company Intel
No new SEC filings or press releases in the last 48 hours.
SEC EDGAR, Company Newsroom Tier 1
Clean window. Nothing to flag before the morning standup.
Competitor Moves
Wiz expands platform to cover AI workload security — new capability announced at RSA.
Wiz Newsroom Tier 4
Coverage includes model inference endpoints and training pipelines. Positioned as an extension of existing CNAPP. Watch for customer adoption signals in G2 reviews over the next 30 days.
Snyk raises $150M Series G at $7.4B valuation, accelerates into enterprise compliance.
TechCrunch, Crunchbase Tier 3
Round led by existing investors. Stated use: enterprise expansion and regulatory compliance tooling. Direct pressure on compliance automation positioning.
Lacework lays off 20% of workforce, consolidates product lines.
The Information, BleepingComputer Tier 3
Second reduction in 18 months. Platform consolidation suggests they're narrowing to core CNAPP. Potential opportunity to pick up displaced customers.
AI and Tooling
Anthropic releases Claude 4 with extended context and improved code reasoning.
Anthropic Tier 2
200K context window now standard. Relevant to detection-rule generation and compliance doc summarization use cases.
GitHub Copilot adds security vulnerability scanning to pull request reviews.
GitHub Blog Tier 2
Now flags OWASP Top 10 issues inline. Could shift developer expectation of where security feedback lives — worth watching for positioning impact.
Market and Funding
Gartner publishes updated CNAPP Market Guide — consolidation trend accelerating.
Gartner Tier 2
Report cites 40% of enterprises planning to reduce security vendor count by 2026. Platforms with integrated compliance and detection favored over point solutions. Useful data point for enterprise sales conversations.
DORA compliance deadline extended 6 months for Tier 2 financial institutions.
European Banking Authority Tier 1
New deadline: January 2027. Extends the window for compliance automation selling motion in EU-headquartered financial services accounts.
Social Signal
Security engineers on Hacker News debating whether CNAPP vendors oversell detection accuracy.
Hacker News (YC) Tier 3
Thread has 140 comments. Consensus: false positive rate is the #1 evaluation criterion. Unverified community signal — but consistent with what we hear in customer calls.
Link Safety Verification 10 domains · 11 urls · 0 flagged
wiz.io Clean
techcrunch.com 2 urls Clean
crunchbase.com Clean
theinformation.com Clean
bleepingcomputer.com Clean
anthropic.com Clean
github.blog Clean
gartner.com Clean
eba.europa.eu Clean
news.ycombinator.com Clean

Phase 03

Manage sources.

Anytime

Your source suite is yours. Add sources you find useful. Exclude ones that are quiet or off-topic. The Warmup shows the proposed change and confirms before writing.

Examples
show my warmup sources add The Information to my warmup exclude Orca Blog from warmup
exclude orca blog from warmup — it's been quiet for months
Orca Blog is currently active in your Tier 4 sources. I'll move it to Excluded Sources — it stays listed but won't be fetched in future briefs. Confirm?
yes
Done. Orca Blog moved to Excluded Sources. Your WARMUP.md is updated. 21 active sources remaining.

Know what moved. Then go move things.