The “Adobe Gap” is closing and opening a security black hole in the process.
Most SaaS companies thrive in the Adobe Gap. This is the friction between an employee needing one specific task, like merging a PDF, and not having the budget or the patience for a six-month procurement cycle.
The vendor argument is that you buy platforms, not features. But for a technical generalist with a deadline, a platform is just overhead. If they only need that feature once a quarter, they won’t ask for a license. They’ll find a shortcut.
I’ve spent my career in cybersecurity and IT operations. I’m a technical generalist, not a developer. My coding usually topped out at a 20-line script or some complex regex for data handling. Anything bigger meant a proper tool and a procurement process that took months.
That changed with the November 2025 AI inflection point.
For those of us watching, that was the ten-day window where the industry crossed an invisible capability line. GPT-5.1 introduced adaptive reasoning, Gemini 3 Pro integrated natively with the browser, and Claude 4.5 finally broke the 80% mark on autonomous coding benchmarks. AI moved from being a chatbot to being an agent.
Recently, I had a PDF task that needed a license I didn’t have. Before November, an AI might have given me a guide on how to do it manually. This time, it just wrote the raw code to do the job directly. It built a bespoke solution in seconds.
The code wasn’t professional-grade. A senior dev would probably wince at the logic. But for the vast majority of business needs, “it works” is the only metric that matters to a frustrated employee.
This is the reality. It’s the death of utility SaaS and the birth of a massive shadow IT crisis.
When anyone can prompt a custom tool into existence in thirty seconds, the procurement barrier disappears. So does the security perimeter. We are looking at a future of disposable codebases: thousands of “good enough” scripts running critical data with zero patch management. We’re seeing tech debt buried in local environments that no security team will ever audit.
The November shift made the cost of solving your own problems effectively zero. But it also made the cost of creating your own vulnerabilities zero, too.
If your software solves a problem that can be scripted in a single prompt, you don’t have a product. You have a countdown timer. And if you’re a CISO, you don’t just have a shadow IT problem. You have an invention problem.