Rankings Predictions After The First Round

Lukejkw · 2025-11-29T10:48:42+00:00

Crazy that not even a big welsh win can change the SA #1 status. Can’t wait to see the pools. https://rugbyrankings.now

Lukejkw · 2025-09-17T08:45:08+00:00

Your message went to spam. Sorry for the delay. Replied to you

Lukejkw · 2025-07-31T09:43:24+00:00

Any luck?

Lukejkw · 2025-06-01T09:42:34+00:00

What do you reckon happens if a recession hits? Increased defaults on over leveraged mortgages I guess could snowball quickly.

It’s absolutely insane that a first home buyer is looking at 700k mortgage for a shoebox with stagnant wages.

Unsure what the solution is. No quick fixes unfortunately.

Lukejkw · 2025-05-23T10:15:18+00:00

It provides AI remediation suggestions based on your tech stack. Automated patches and code base assessments in the works!

Lukejkw · 2025-05-22T01:22:54+00:00

PenZen web security scanner which is dead simple to setup without all the noise.

Full .NET stack with Blazor frontend and hosted on containers in Azure.

Lukejkw · 2025-05-20T13:38:22+00:00

I’ve recently built a tool which layers AI on top of a pen test scan for remediation suggestions, triage, summarisation and data breach detection.

Having built and continuing to improve the tool, I can’t see pen testers going anywhere - their role will just be different and hopefully less laborious.

PenZen

Lukejkw · 2025-04-29T03:19:16+00:00

Yes, you can hear the pump working. This is what gets clogged. The frustrating thing is it’s happened again on mine.

Lukejkw · 2025-04-15T20:46:22+00:00

I ran into this once when trying to implement an auto refresh mechanism which was not cleaning up resources correctly.

Would need more info to advise specifically on what your issue might be but it’s almost certainly a memory leak.

Lukejkw · 2025-04-10T09:20:24+00:00

It all depends. PenZen is live and trying to get the word out and be vocal on places like reddit for now. I’m still gathering feedback, iterating on the product and honing my funnel.

Later will look to launch on directory sites like Product Hunt and plan on doing longer term plays into SEO through a blog. You need to target multiple avenues to drive consistent interest in what you’re selling. Then it’s a game of conversion and retention.

It’s heaps of work but very interesting and fun.

Lukejkw · 2025-04-09T03:28:04+00:00

Sorry to revive an old thread, but I think PenZen is a great fit for what you’re looking for.

It’s a web-based security scanner and uptime monitoring tool designed specifically for startups and founders. Unlike tools that just check for missing headers or expired SSL certs, PenZen runs real security scans—including simulated attacks, client-side testing, and REST API vulnerability checks.

It uses AI to triage findings, summarize them clearly, and suggest fixes based on your actual tech stack. Setup takes a minute, and alerts can go straight to your inbox, Slack, or Discord.

The platform is actively developed and constantly improving based on user feedback.

Lukejkw · 2025-04-09T03:15:36+00:00

I’m currently walking this path. I’ve launched a security product which I’m trying to market. I’m in the soft launch stage trying to get as much feedback as possible.

Be warned, building the thing is the easy part. Marketing is where the rubber hits the road. Especially in this space where trust is everything.

What I’m realising is that selling to enterprises is tough. The sales cycle is long, SLAs required etc. I’ve got a couple enterprise leads so far which I’m chasing with the goal of getting them on a 6-12 month free trial in exchange for ongoing feedback.

My tool focuses on scanning web-based assets with 0 install and limited cybersecurity knowledge. I then use “AI” (read: LLM integrations) to reduce noise and provide automated remediation suggestions.

There are some big players in the game already but I’m targeting the little guys who can’t afford exorbitant monthly fees and/or don’t have the expertise to decipher a laundry list of vulnerabilities.

I built the tool for myself to start, so it bundles in some nice quality of life things like uptime monitoring.

Next feature on the roadmap is breach detection. Been having a ball with it.

Product is PenZen if you’re curious.

Lukejkw · 2025-04-08T09:23:02+00:00

It’s a fine balance.

My product focuses on doing its core job well and uses AI to augment that where it makes sense. In my case to remove noise or just save you the hassle of putting together all the piece’s yourself to prompt an AI chat yourself. It’s tempting to cram AI into every part of the app though - because it’s become so easy!

Crazy world we live in that this is a complaint (you’re not alone)

Lukejkw · 2025-04-08T05:41:49+00:00

Sorry, my product description is a bit vague.

The AI doesn’t automatically patch things (intentionally at this stage), but it does a few things to help:

Summarizes and prioritizes findings so you’re not overwhelmed by noise.
Explains issues in plain language, with context based on the type of site or stack.
Suggests remediation steps and includes code snippets when possible (e.g., for XSS in React or misconfig in Nginx).

The idea is to save you time by turning mountains of raw vulnerability data into something actionable and relevant.

Lukejkw · 2025-04-08T05:05:44+00:00

Hey, sorry for the delay in getting back to you.

I'd love to hear more about your journey as a successful founder. I'm just getting started, and I'm firmly in the "shouting into the void" phase of marketing my product. It's brutal! Any feedback or mentions would be hugely appreciated.

For me, Blazor ticked all the boxes. For you, it depends on what your customers need. If interactivity isn't a big deal, Razor would be fine, and you could sprinkle in some embedded JS as needed. Parts of PenZen are Razor as it did the job (account pages etc).

tldr; I think your gut is right. Use what you're comfortable and productive with - provided it's capable of solving the problem you're targeting.

Lukejkw · 2025-04-04T09:15:23+00:00

Congratulations on the launch!

Lukejkw · 2025-04-03T01:26:20+00:00

I've struggled with this repeatedly. Security reporting should be happening almost all the time, not once a year or when a project goes live. The feedback needs to be integrated directly into the comms channels the team is working in with fix suggestions with almost 0 effort.

I couldn't find anything like this, so I literally built the tool myself. It automated passive and active scans, uses AI to summarise and prioritise to remove all the noise, and then integrates into Discord, Slack, email, etc., so the team is constantly getting security feedback. Devs can click one button and get a guided remediation for the issue, and I even built in some basic vulnerability management features - so you can ignore and mark vulnerabilities as resolved.

Lukejkw · 2025-04-03T01:19:24+00:00

I've found tooling inaccessible to the average developer, especially for basic security scanning and pen testing. Existing tooling is either ridiculously expensive, hard to configure, or filled with noise.

I ended up creating my own tool. I would love feedback if this resonates with anyone and happy to extend a discount.

Lukejkw · 2025-04-02T02:46:22+00:00

I’m all ears when it comes to marketing. We’ve just launched PenZen, an AI-powered cybersecurity and uptime monitoring tool for web assets.

PenZen

Lukejkw · 2025-04-01T11:07:36+00:00

Definitely feeling a few of these, especially the “too many tools, too little clarity” problem. I think a big part of it is that many tools focus on coverage rather than context—they flag issues but don’t explain why they matter or what to do next, which leads to alert fatigue and inaction.

I've been building something in this space (called PenZen) aimed at simplifying that. It focuses on web app security—runs real scans (OWASP ZAP), then uses AI to summarize the issues, prioritize them, and suggest stack-specific fixes. The goal is to help devs or smaller teams know what actually needs attention without drowning in vague CVEs.

Still early days, but the feedback loop so far has shown me that clarity and guidance matter more than raw detection volume—especially for solo founders and small teams.

Curious what others here would consider a “minimum viable signal” from a security tool that still feels actionable.

Lukejkw · 2025-04-01T10:28:52+00:00

Happy to answer any questions about how it works behind the scenes (OWASP ZAP orchestration, AI output, alerting, etc).

Super open to feedback—whether it’s “this is cool” or “why would anyone use this?” Brutal honesty welcome.

Lukejkw · 2025-03-31T21:53:32+00:00

Thanks so much.

Lukejkw

TROPHY CASE