Security - complexity will absolutely kill you. I know it’s fun to experiment with Kubernetes and multi-region infrastructure deployments, but that does nothing but increase your attack surface. When we were acquired, I had a single static website hosted on AWS S3, one RDS database, and a handful of Lambda functions behind an API Gateway. You still need to follow best practices: use TLS for all connections, encrypt customer data, properly segment application users, OWASP Top 10, etc., but that’s much easier to do with a simple application. Minimize application dependencies, scan them for vulnerabilities using free tools like Snyk, and keep things up to date.
Compliance: Depending on your domain, you may need to get a SOC II report at some point. Don’t do it until you need it, but when you do, just pay a company like Secureframe (full disclosure: I’m an advisor for them, but there are other similar companies).
Single Sign On: we used Auth0, which was great until we reached 10(?) enterprise connectors and it went from free to $15k/yr. We then migrated to AWS Cognito. If I did it again, I’d just use Cognito to begin with, but wouldn’t build the integration until you actually have customers asking for it.
Marketing: my weaker spot. I was a developer, so had a skeptical view of marketing. We tried a lot of things (agencies, paywalled content, contract writers, etc). I’m still convinced that the highest impact marketing was deeply technical content (doesn’t even need to be about the product, just the same problem space) that was published on our blog for free with a link at the bottom to our product. Simple and effective. Reddit ads on niche subreddits were helpful, especially with getting early users. Marketing agencies are probably overkill until you’ve got actual PMF.
Sales: you need to do the selling. Don’t hire a salesperson until you’ve got a significant number of users. “But I won’t have time to develop if I’m selling.” Yes, exactly. And you won’t have anyone buying if you spend all your time developing and not talking to users. It’s critical that you personally talk to every user as much as possible.
Pricing: I made the mistake of underpricing the product for a long time. I thought developers would love the low cost model. In reality, their companies were paying, and, when you give someone a company credit card, they’re a bit more willing to pay more for a good product. You can still price lower than the competition to get users in the door, but don’t try to be the bargain app. Monthly subscriptions are good, annual are better, but bring tougher sales cycles (enterprises will want to negotiate the contract, add their own legal terms, etc).
It’s a bit tough to give much more advice without knowing what domain you’re operating in, but hopefully that was helpful!
More importantly, S3 now has several tiers of pricing depending on how frequently you access the data. So maybe lately they haven’t reduced the pricing of the top tier of S3 but they’ve made it significantly cheaper for other use cases of data. That is very contrary to the comments being made of innovator’s dilemma.
(I used to work at AWS but have no knowledge about pricing decisions)