Newsletter #2 September 2024

This month our newsletter has an awesome Software Startup Funding Hack, behind the scenes app building with our App Spotlight, and the value of your app may be the data.

The Software Bootstrapper’s Ultimate Funding Hack!

As an early stage software bootstrapper, you need to (a) raise money, (b) get valuable feedback on what the customer wants/needs, (c) get your minimum viable product (MVP) built, (d) get your first customer (for income, product testing, & a reference account), and (e) find product-market fit (PMF). What if you could do all five at once without any equity dilution? Sounds too good to be true, right? I’ve done it and I’ve helped others do it…it works. This is a shortened version of a blog post found here.

How this hack works. You need to sell a prospect on a development project. This can be done as a push: you sell your product idea to the prospect; or a pull: you ask them what they need built. Then you sign them up for a project to build the product, the MVP. In the process of doing this, you need to make sure that you retain rights to the code and the ability to turn it into a product you can sell to others.

Why would they allow you to sell it to others? There are a number of reasons, which I think of as arguments you can make to that initial customer:

1. By selling to others, I’ll be adding tons of cool features to the app that you’ll love;
2. I’ll host run your app, on your cloud account, at my cost so you don’t need additional people to keep it running;
3. I’ll be busting my butt to make you happy, so you’ll give me great references;
4. Unlimited licensing: Instead of paying per user forever, you get a fixed price paid up front which can save you a lot of money.

You could offer to maintain it (fix bugs and add features) for free, but their constant stream of requests when they “go live” could be costly to offer for free. They may start asking for integrations with other tools and more. This could also be a good revenue stream for your startup. BUT, any new features other clients pay for, they get for free.  

The customer paying for this project will provide all sorts of product requirements and feedback which will help you get to product market fit (PMF) faster than building what you want.

As I like to say: “there are no solutions, only trade-offs.” The trade-off in this scenario is that it typically takes longer to sell a paid project than to sell them an existing product, since it requires more consensus, money, and trust in you. But, it is well worth it to have a customer, reference, product, all without you investing your own money or bringing on an investor.

Carbonetes: Your All-in-One App Security

Carbonetes delivers on a trend to combine all application security tools into a unified single tool. Carbonetes delivers this for developers using a 4-pronged approach:

#1 - Open Source Engines (see https://github.com/carbonetes/):  

1. BOM Diggity: Builds a bill of materials (BOM), then scans for secrets, dependencies, outdated software versions, and open source license types;
2. Jacked: A vulnerability scanner (get Jacked, not hacked)
3. BrainIAC: Infrastructure as Code (IAC) scanner to find misconfigurations.

#2 -  Lite App (run on your own infrastructure): This provides everything the individual programmer could need at no charge. It includes a policy engine, CI/CD integrations, vulnerability prioritization and license management. 

#3 - Enterprise SaaS: Everything in the Lite app, plus IAC auto-fix, SCA auto-fix, RBAC/Team support, malware scanning, APIs, governance & compliance, asset management, SSO/SAML, Jira and Slack integrations.

#4 - Enterprise (run on your own infrastructure): Coming Soon. Everything in #3 with an updated UI and ready to be run on-premise or the cloud.

There are three powerful market trends in cybersecurity that we capitalize on with Carbonetes: 

1. Shift-Left Security: Instead of separating the application programming and security functions, security is increasingly “shifting left” or becoming the domain of the developer who is responsible for securing their own code;
2. Consolidation: Companies don’t want to assemble 8 different security tools to address 8 problems in 8 different ways with 8 different workflows, policies, and dashboards. They want one unified solution;
3. Automation: There are a number of factors driving this trend: AI, the use of microservices with their own development cycles, and more. The bottom line: securing applications is increasingly automated. 

Carbonetes recently moved from AWS to OCI and we will be officially launching the application with Oracle in the Fall of this year. In the meantime, feel free to try the Lite or SaaS solutions today www.carbonetes.com. 

Employee Spotlight: Moises Dela Cruz

Name: Moises Dela Cruz
Position: Technical Lead, Carbonetes

Say hello to Moises Dela Cruz, our go-to guy for all things tech at Carbonetes. As our Technical Lead, Moises brings a mix of innovation and precision to the table, ensuring our projects are top-notch. His deep knowledge in software development and cloud security keep Carbonetes on the cutting-edge of the rapidly evolving cybersecurity market.

What makes Moises stand out is his ability to solve problems with ease and his genuine passion for what he does. He’s not just a leader; he’s a mentor who’s always ready to share his wisdom with the team. Outside of work, Moises keeps up with the latest tech trends, always looking for new ways to push boundaries 

“As a technical lead for the past five years, I've had the privilege of guiding the team through some exciting and challenging products. My role as a software engineer has allowed me to not only dive deep into the technical aspects but also to lead and collaborate with an incredibly talented group of individuals. I’ve enjoyed being able to shape the direction of our work, ensuring we deliver high-quality solutions while fostering a culture of learning and growth. Watching the team succeed and helping others develop their skills has been one of the most rewarding parts of my journey, so far. The team never settles for what we've accomplished and keeps striving for improvement. We continually innovate, seeking out fresh ideas and advanced technologies to elevate our solutions. Our dedication to excellence motivates us to refine our work, surpass expectations, and provide top-tier security solutions that adapt to the changing demands of our users.” 

- Moises 

Random Thought: The Value is in the Data

In the world of software development, many entrepreneurs focus heavily on building applications that deliver valuable functionality and benefits to users. While this is essential, it’s important to recognize that the real gold often lies in the data generated by these applications. Data has the potential to offer profound insights into user behavior, industry trends, and new business opportunities that may far exceed the initial value of the software itself. In fact, companies like Facebook and Bloomberg, among many others, have built their entire business models on the strategic use of data, creating ecosystems that thrive on the insights gleaned from user interactions.

Take Facebook as an example. While the social media giant’s application enables people to connect, share, and communicate globally, its real value is in the immense amount of data it accumulates. Facebook’s ability to analyze user behavior, preferences, intentions, and social connections has allowed it to build one of the most effective targeted advertising systems in the world. By leveraging this data, Facebook generates 150 billion dollars in revenue, proving that the true value of the platform isn’t in its functionality, but in the data-driven insights derived from its users' activities.

Another excellent example is Bloomberg, a financial software company that provides real-time market data, news, and analytics to professionals. Bloomberg's primary asset is its access to vast amounts of financial data and its ability to transform that raw data into actionable insights. The company's financial terminals are valued not just for the platform itself but for the exclusive data that users can access. In this case, the value of Bloomberg’s software is deeply intertwined with its ability to leverage data and present it in a way that is highly useful to its customers.

For software entrepreneurs, the lesson is clear: having a data strategy is crucial to long-term success. You need to think beyond the functionality of your application and consider how you can ethically leverage the data your platform accumulates. This could mean selling aggregated trend reports, providing insights for industry benchmarks, or even creating new revenue streams through data-driven advertising. As long as you operate within your terms of service, there are significant opportunities to unlock value from data that can drive growth and open new business possibilities. What is your strategy to unlock the value in your data?

MPH International helps you build market-winning mobile and web apps. We're experts in cutting-edge GenAI and we have deep expertise in oil & gas, banking, cybersecurity, and SaaS applications.