Something different this week. I got an email from an aspiring SaaS bootstrapper. Let's call him John. John explained his working situation at a tech startup and his dream to start a SaaS in the cloud security space by himself.
He also had some pretty good questions. I asked John if it was OK if I answered them in the form of a blog post. He agreed, so here we are.
The mail
John expressed that he is stuck. Some analysis paralysis I'm sure —we'll get to that below. In his own words:
Here is where I am stuck.
a) I can't be a one person startup offering security for enterprises; they just don't trust that.
b) I find product market fit very hard. I have a POC that no one wants. I don't know what industry gaps are in its entirety, as it's a fast-paced industry. While I occasionally interact with security experts, it's far from pinpointing a specific problem.
Given that, what is your advice to me:
1) How did you start your product market fit?
2) Did you identify the gaps through consulting?
3) After bootstrapping, how did you evolve your idea for the product?
4) What mechanisms worked best for you to bootstrap?
That's a lot of questions. Let's dive in. But before that, a small disclaimer that everything here is just my opinion. Obligatory Big Lebowski meme below.
My answer
Let's just start at the the top
a) I can't be a one person startup offering security for enterprises; they just don't trust that.
Yes, you are right. And you answered your own question. First, do not start with selling to enterprises. Start with selling to smaller companies. Enterprises are the end game. The world is absolutely chock full of smaller companies that you have never, ever heard of that still would consider your product.
Second, be open about your company size and reflect it positively in other things: personal service, lower pricing, quick responses, newer features, no "call us for pricing" sales BS, quicker releases etc. etc. But still, going for IBM / Shell / GE / Bank of America type enterprises is a no go.
b) I find product market fit very hard. I have a POC that no one wants. I don't know what industry gaps are in its entirety, as it's a fast-paced industry. While I occasionally interact with security experts, it's far from pinpointing a specific problem.
This is big. I might have misunderstood, but you need to own your domain. You have to be a security expert to start doing this. This probably explains why your Proof of Concept is not getting any response. People buying your product expect you to be a security expert.
Of course, there are a million counter examples but I think any SaaS bootstrapper should really try to scratch their own itch. I've been working with IT monitoring solutions for 20 years. I found some solutions lacking or just old and cumbersome. That's why I started Checkly.
1) How did you start your product market fit?
This is a sneaky answer. First, the market was already proven. Checkly is a product that directly competes with existing, successful solutions. Second, I'm not sure I have "fit" yet. I understand "product market fit" to be the moment people are banging on your door to be let into your product. Throwing money at you.
Maybe I'm too hard on myself, but having 40+ customers and a bit over $1000 MRR is going in the right direction, but not there yet.
2) Did you identify the gaps through consulting?
I was a consultant for a long time (Hi CMG and Xebia!) and monitoring was always a part of jobs I did. But I would not start with consulting to find your "gap". It will be a self fulfilling prophecy. A solution looking for a problem.
Checkly was mostly dreamed up when working at unumotors.com as their IT boss. Unit and integration testing was 💩 because early startup. The CEO (Hi Pascal!) called me at night that signups and other things broke. I wanted a simple dashboard that actively checked these things. I hated what was out there...
3) After bootstrapping, how did you evolve your idea for the product?
How do you iterate on a product? This is an absolutely fascinating topic. This is what worked for me.
- Take your time. Think years.
- Be a deployment machine. Take every measure so you can deploy (and rollback) new stuff. This mostly means sticking to well known — boring — platforms and tools. I use Heroku, Postgres and AWS. Every possible friction will keep you from pushing that next release. Eliminate them
- Don't fiddle with your tech stack too much. I run on a Bootstrap 4 Alpha release and have all kinds of dependencies that are old, but fine. Only when security is impacted, do I actively upgrade.
- Keep two TODO lists. One prompted by your customers feedback, one with your own stuff. Read this post on how I get customer feedback. Now balance them. When items match on both lists, you know there is work to do.
- Write just enough tests. Not too much, not too little. It can suffocate your momentum.
- Look really, really carefully at competitors. Not to imitate features or copy them. But too see what decision making they went through. See if you can deduce and analyze why a competitor has a "thing". This will help you think about your own "things".
- Say "no" a lot to all kinds of silly, but well intentioned requests. Don't be a dick about it.
4) What mechanisms worked best for you to bootstrap
I think you mean what marketing and publicity things have worked best. John's actual email mentions freelancing, consulting, giving conference talks and meetups.
The above I didn't do or they didn't work. What works for me now is blogging and giving away free stuff, like Puppeteer Recorder and Puppeteer Sandbox. I can literally see people signing up through those two channels.
I tried Reddit, Twitter and Codefund ads. The results were pretty terrible compared to the freebies and blogging. This is a lot of work though. No free lunch and no magic bullet. I spend probably 50% of my time on any of these "marketing channels".
banner image: "Poem by Ariwara Narihira". (from the series One Hundred Poems Explained by the Nurser), Katsushika Hokusai, 1835-1836, Japan. Source