Built it, scrapped it, built it again.
We launched SecAlerts after building it twice. What makes the second version better? It does less.
We made the usual mistake of over engineering the original product and spending too much time solving potential problems of non-existent users. We were delaying our MVP for fear of not catering to every potential feature request when we didn't really know who those users were or what they wanted, let alone if they would part from their hard-earned cash.
We built user management, we built reports, we built recurring payment systems, CVE management, feature after feature, none of which was being used. A big call had to be made. Scrap the product and scale it way back or try to sell a solution without a problem. With a small team building this in our spare time, the path forward was clear. Lower the surface area. Cut it right back to the core product and get it in the hands of our market.
Version 2 was born... a weekly newsletter.
The simplest, low-fi, low barrier-to-entry product that people could use right away. We even decided on an indefinitely free model, with no concrete plans for a paid version.
From here we plan to build a loyal customer base, learn what it is that they really need, solving real problems. So far it's worked out! We went from an overly complicated SaaS application with less than 10 users to a simple newsletter with over 200 subscribers and real engagement.
The lesson we learnt is almost a cliche in the startup world by this point but it's tough to learn and tough to remedy nonetheless. Lower your scope. Lower the amount of things to focus on and do them well. If you're interested in your application's security then feel free to subscribe to vulnerability alerts below.
. . .
If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.