Field Academy

Foundations: the lens you carry all week

Understand the system you're walking into, and what your job is inside it.


The job, stated plainly

Your job is not to sell an IDE. Your job is to walk into a large company's existing engineering system and show, concretely, two things: where an AI coding tool makes good changes easier to produce, and where it makes evidence cheaper to generate — all without dismantling a control someone needs to keep their job, pass an audit, or sleep at night.

That framing matters because the buyer is rarely the developer who loves the product. The buyer is a VP of Engineering, a Head of Platform, or a CISO (Chief Information Security Officer: the executive who owns security, usually the hardest and most important person to win over) who has been burned by tools that promised speed and delivered audit findings. They have a delivery system that already works — imperfectly, expensively, but it ships and it passes SOX (the Sarbanes-Oxley Act, a US law that forces companies to keep auditable controls over any system that affects their financial reporting). Your credibility comes from respecting that system, not from telling them it's broken.

The thesis

Cursor is not a parallel SDLC. It does not replace your pipeline, your CAB (Change Advisory Board, a group that reviews and signs off on higher-risk production changes before they ship), your branch protections, or your reviewers.

It helps teams execute their existing standards with better context, faster feedback, stronger repeatability, and governed autonomy.

If a sentence you say implies 'throw out your process,' you've lost the room. Reframe to 'execute your process better.'

Hold both halves of the job in tension at all times. Easier to produce is the developer-joy story — the demo, the velocity. Cheaper to evidence is the executive story — the audit trail, the AI-code tracking, the deterministic logs. The first gets you in the door; the second gets you the enterprise contract. A field engineer who only tells the first half sounds like every other vendor.

Say it like this

"We're not asking you to change how you ship. We're making the system you already trust faster to run and cheaper to prove."


The five-layer delivery system

Every large engineering org, whether they've drawn it or not, runs a delivery system you can decompose into five layers. Four of them are flow — work moving from idea to running software. The fifth is a control plane that spans all four. This is the lens you carry all week: when you look at any customer environment, you map their tools onto these layers and ask 'where does Cursor make this layer better, and which layer must I never disturb?'

The five-layer delivery system
  1. Value flow: discovery · requirements · prioritization · planning · funding
  2. Engineering flow: design · implementation · review · testing · integration
  3. Release flow: artifact promotion · approvals · deployment · verification · rollback
  4. Operations flow: observability · incidents · remediation · maintenance
  5. Control plane: identity · policy · evidence · auditability · security

1 · Value flow: Where an idea is shaped and funded. Cursor helps draft PRDs/specs from context.

Layers 1–4 are flow: value, engineering, release, operations. Layer 5 is the control plane (separation of duties, ITGC, audit, access) spanning all four. Cursor improves 1–4 and must respect 5.

The four flow layers: where Cursor adds leverage

1 — Value flow

Intent: requirements, tickets, designs, acceptance criteria. The 'what' and 'why.'

Cursor leverage: pulls Jira/Linear context into the change, drafts from acceptance criteria, keeps the implementation tied to intent.

2 — Engineering flow

The build: writing, refactoring, testing, reviewing code. The dense core of the day.

Cursor leverage: this is the home turf — context-aware edits, agents, tests, Bugbot (Cursor's automated PR reviewer that posts inline findings and can push fix commits from isolated VMs) pre-merge review. The biggest velocity gains live here.

3 — Release flow

Shipping: CI/CD (Continuous Integration / Continuous Delivery, the automated pipeline that builds, tests, and ships code so changes reach production safely and often), build/test gates, environment promotion, change approval (CAB), feature flags.

Cursor leverage: generate and maintain pipeline config, IaC (Infrastructure as Code: managing servers and cloud resources through version-controlled config files, e.g. Terraform), release notes, and the evidence that gates were satisfied.

4 — Operations flow

Running it: monitoring, incidents, on-call, rollbacks, postmortems.

Cursor leverage: triage from logs/traces, draft fixes against an incident, generate runbooks and postmortem first drafts.

Layer 5 — the control plane: spans all four; you respect it, you never bypass it

Layer 5 is not a flow layer. It is the set of controls that cut across the other four to satisfy regulators, auditors, and risk: separation of duties (the author can't also approve and deploy; the core control AI autonomy has to respect), ITGC (IT general controls — access management, change management, operations), audit trail, access control, data residency. In a SOX-relevant shop these are not optional and they are not yours to redesign.

Watch out

The cardinal sin is implying Cursor lets a developer skip a control to go faster — e.g. 'the agent can just deploy straight to prod.'

That sentence ends enterprise deals. Autonomy in Layer 2 is great; autonomy that crosses a Layer 5 boundary (author = approver = deployer) is a separation of duties violation an auditor will flag.

Cursor makes Layer 5 cheaper to satisfy (better evidence, AI-code tracking, audit logs) — it never removes the control.

Layer | What it is | Cursor's role
1 Value | Intent / requirements | Improve — context in, intent preserved
2 Engineering | Build / test / review | Improve — biggest leverage
3 Release | Ship / gate / approve | Improve — config + evidence
4 Operations | Run / respond | Improve — triage + drafts
5 Control plane | SoD (separation of duties), ITGC, audit, access | Respect — make cheaper to satisfy, never bypass

Self-check

Q: Which statement correctly describes Cursor's relationship to the five layers?

Reference customer — Northstar Financial

Carry one reference account in your head all week so every abstract point has a concrete home. Northstar Financial is our running example: a 200-engineer fintech, SOX-relevant, with a real, messy, large-company stack. When you learn a concept, immediately ask 'how would I say this to Northstar?'

Northstar Financial — the profile
  • Engineers: ~200
  • Codebase: Java monolith + TypeScript services + Terraform (IaC)
  • SCM / tickets / CI: GitHub Enterprise · Jira · Jenkins
  • Artifacts / runtime / flags: Artifactory · Kubernetes · LaunchDarkly
  • Observability / ITSM: Datadog · ServiceNow
  • Compliance posture: SOX-relevant; 5 environments; formal CAB (Change Advisory Board)

Map that stack onto the five layers and the conversation organizes itself. Value: Jira. Engineering: the Java monolith, TS services, GitHub Enterprise reviews, Terraform. Release: Jenkins, Artifactory, K8s deploys, LaunchDarkly flags, and the CAB gate across 5 envs. Operations: Datadog and ServiceNow for incidents. Control plane: SOX requires that the person who authors a change cannot single-handedly approve and deploy it — the CAB and GitHub Enterprise approvals are the separation-of-duties enforcement.

Where Cursor lands at Northstar

  • Engineering (L2): context-aware help across a 15-year Java monolith and modern TS services — the model carries the codebase context a new engineer would take months to build.
  • Release (L3): drafting and maintaining Terraform and Jenkins config; generating release notes and the change-ticket evidence the CAB needs.
  • Operations (L4): triaging a Datadog alert, proposing a fix against the failing service, drafting the ServiceNow incident and postmortem.
  • Control plane (L5): Cursor's audit logs and AI-code tracking make the SOX evidence cheaper to produce — but the CAB still approves, and GitHub Enterprise still enforces who can merge.

Interview move

When asked an abstract question, answer with Northstar. 'How does Cursor respect separation of duties?' → 'At a shop like Northstar, the author opens a PR in GitHub Enterprise; the agent never self-approves or deploys. The CAB gate and branch protections stay exactly where they are — Cursor just makes the change and its evidence arrive faster.'

Grounding in a named, realistic account signals you've actually done enterprise field work.


Contrast customer — Aurora Health

If Northstar teaches you the happy path, Aurora Health teaches you the constraint. Carry it as the counterweight: the account where you do not lead with your favorite feature, because their environment forbids it. A field engineer who only knows the easy case gets caught flat in the room.

Aurora Health — the profile
  • Engineers: ~500
  • Platform: Azure DevOps (repos, pipelines, boards)
  • Network posture: Strict — locked-down egress, tight data-boundary requirements
  • Hard constraint: Cloud Agents are NOT approved

The trap

Cloud Agents (isolated cloud VMs, shipped in Cursor 3.5, May 2026) are a genuinely strong capability — parallel multi-repo, async report-back.

At Aurora they are not approved. Demoing them here is a self-inflicted wound: you've just shown a capability that violates their network and data posture.

Lead instead with what is approved: local/in-IDE agents, model and MCP (Model Context Protocol, a standard that lets an AI agent pull in context from outside the repo, like Jira tickets or internal docs) allowlists, terminal sandboxing, RBAC (Role-Based Access Control: granting permissions by role rather than configuring each person individually), audit logs. Meet the strict network where it is.

How the two accounts sharpen the lens

Dimension | Northstar Financial | Aurora Health
Size | ~200 eng | ~500 eng
Platform | GitHub Enterprise + Jenkins | Azure DevOps
Top constraint | SOX + CAB across 5 envs | Strict network; data boundary
Cloud Agents | On the table (governed) | NOT approved — do not lead with them
Your opening move | Evidence + velocity story | Network/data-posture-safe story first

The discipline is the same in both: read the control plane and the network posture before you choose what to show. Northstar's gate is compliance/SoD; Aurora's gate is network/data residency. Same lens, different binding constraint. Tailoring the demo to the binding constraint is the entire skill.

Say it like this

"Tell me your hardest 'no' before I show you anything — I'd rather demo what you can actually deploy than dazzle you with something your security team will veto."

Self-check

Q: At Aurora Health, which is the safest capability to demo first?

How to use this week

This week is structured to build the lens, then load it with ammunition. Treat the five-layer model as the spine and everything else as muscle hung on it. Every module should resolve back to one question: where does this make good changes easier to produce or evidence cheaper to generate, without disturbing Layer 5?

  1. Internalize the lens (this module). Five layers, the thesis, the two accounts. If you can't draw the five layers from memory, you're not ready for the rest.
  2. Run every later concept through the lens. Bugbot? Engineering-flow leverage with pre-merge review evidence. Cloud Agents? Engineering/release autonomy — governed. Audit logs? Layer 5 made cheaper.
  3. Anchor each concept to Northstar and stress-test it against Aurora. If it only works at Northstar, you've found a constraint to flag, not a feature to lead with.
  4. Practice the one-liners aloud. Interview-grade means you can say the thesis and the SoD line cleanly under pressure, not just recognize them.
  5. Separate the verified from the perishable. Know which stats are durable claims and which need 'verify before quoting.'

The habit to build

For any feature you learn, finish this sentence before moving on: 'This helps produce good changes / evidence them more cheaply by ___, and it respects Layer 5 because ___.'

If you can't fill in the Layer 5 half, you don't yet understand how to sell it to an enterprise.

produce vs. evidence · five layers · respect L5 · anchor to Northstar · stress-test on Aurora · say it aloud


Verified facts — the durable ammunition

Enterprise credibility dies on a wrong number. Carry the verified facts precisely, and flag the perishable ones as 'verify before quoting' rather than stating them as gospel. Below are the load-bearing claims for the foundational pitch.

Verified — security & trust

SOC 2 Type II; AES-256 at rest; TLS 1.2+ in transit; annual third-party penetration testing.

Privacy Mode (Cursor's setting that routes requests under zero-data-retention terms so providers don't store or train on your code) + zero-data-retention terms — but ZDR (Zero Data Retention, a contractual guarantee that the model provider won't store your code or train on it) does NOT apply when you use your own API keys. Know this caveat cold; it comes up with security teams.

Private connectivity via AWS PrivateLink (an AWS feature that keeps traffic to a service on your private network instead of the public internet) + Cloudflare Tunnel. SSO (Single Sign-On via SAML/OIDC, one company login instead of a separate password per tool), SCIM (System for Cross-domain Identity Management, a standard for automatically creating and removing user accounts when people join or leave), RBAC, model/MCP/repo allowlists, hooks, terminal sandboxing, audit logs, AI-code tracking.

Proof points

  • Fortune 500 reach: Enterprise page cites trusted by 64% of the Fortune 500
  • Box case study: 85%+ daily active; 30–50% throughput; 80–90% less migration effort; +75% usage in 6 weeks via mentorship

Agent surface & Bugbot: current, but mark dates

Item | What to say | Caution
Cursor 3.1 (Apr 2026) | Added CLI /debug | Tie versions to dates
Cursor 3.5 (May 2026) | Cloud Agents in isolated cloud VMs (terminal/browser, parallel multi-repo, async report-back) + Composer 2.5 | Not approved everywhere (see Aurora)
Bugbot (June 2026) | ~3x faster, ~22% cheaper, ~10% more bugs found; 90% of runs <3 min; Autofix via isolated cloud-VM agents, ~35% of autofix changes merged; custom rules via .cursor/BUGBOT.md | '~70% flags resolved pre-merge' is older/directional — verify
Organizations | GA to Enterprise (~June 2026): one admin plane over many teams, each with own security/governance/budget; Groups for cohort model-access/spend/agent permissions | Recent GA — confirm before quoting

Pricing — directional only

  • Business/Teams list ~$40/user/mo.
  • Enterprise is negotiated, with volume discounts at 100+ seats.
  • Never quote enterprise pricing as a fixed number — it's negotiated. State the list anchor and pivot to value.
Perishable — verify before quoting

Bugbot's '~70% of flags resolved pre-merge' is an older directional stat.

Organizations GA timing (~June 2026) and any feature-version claim — dates move; confirm.

Anything you'd put in a slide for a CISO: if it's a number, source it the day you say it.

Say it like this

"We're SOC 2 Type II with AES-256 at rest and TLS 1.2+ in transit — and one caveat I'll surface before your security team does: zero-data-retention does not apply if you bring your own API keys."
