Everyone told us to build a SaaS.
The market for security automation is huge. Competitors like Tines or Splunk charge $50k a year for their platforms. The margins are great if you can close the deals.
But we are engineers. We hate sales calls. We hate gatekeeping security behind massive contracts.
So we took our platform, ShipSec Studio, and released it under an Apache license.
It replaces the messy Python scripts most companies use to glue their security tools together. Now anyone can drag and drop a workflow to scan for secrets or check cloud compliance without paying a dime.
We are betting that building a massive user base is worth more than a few high-touch enterprise deals right now. We want to be the standard, not the luxury option.
If you want to support this approach, a star on our repo would mean a lot.
you can search shipsec studio and you will find our repo
Would love to hear thoughts on this "open core" strategy from others who have gone this route.
We gave up on selling enterprise software and just open sourced it
byu/Deep-Bandicoot-7090 inEntrepreneur
Posted by Deep-Bandicoot-7090
2 Comments
Have you seen any increase in user engagement since going open source? Curious if you’ve noticed a shift in community support or contributions. Also, how are you planning to monetize in the long run, or is the focus purely on building the user base for now?
Most teams frame this as a values decision, but it is usually a capacity decision. Enterprise sales is not just revenue, it is an operating system you either build for or quietly avoid.
Open sourcing often reads as generosity on the surface. Underneath, it is a bet that adoption can substitute for alignment, and that governance can wait until later.