The developer-first security angle is interesting – not sure if you include this in your categorization of security, but what I most frequently see SaaS companies / developers struggling with is data governance. For example, ensuring that they can comply with GDPR or CCPA deletion requests, store data in local geos, etc. A lot of this gets built by SaaS companies in-house.
The flexibility piece is different but comes up in sales more IME. Essentially every CRUD action in an enterprise SaaS app ought to be logged and accessible by API (which creates the same root problem of requiring a lot of developer time). But it manifests very differently in sales cycles from complying w/ GDPR:
* Regulatory compliance is often more of a box-checking exercise for buyers (like SOC2)
* Having flexibility to log and manipulate everything via API is often a line-by-line evaluation of "can you meet X use case that we have for data integration" or "can you handle Y risk that we're worried about"
Good luck building Boxy!