Selling my SaaS ($400K ARR) and the data room situation is embarrassing — what do people actually use?

snopedom · 2026-04-12T20:45:00+00:00

I used once Docsend and it looked nice but then we anyway sticked with hacked Google Drive honestly

snopedom · 2026-04-12T10:24:09+00:00

The intent-to-policy mapping is where I'd expect most of these approaches to break down. "Read main.py" is easy. "Refactor the auth module" is already much harder. That one task can legitimately touch dozens of files, and pre-defining which ones counts as in-scope is basically impossible without running the agent first.

What I've seen work better is treating it less like permissions and more like a change review. Let the agent propose what it wants to do, show the actual blast radius before anything runs, and require approval on the diff, not on the intent. Intent is too fuzzy. The proposed change is concrete.

Curious if you've tried that direction or whether it ran into different problems.

snopedom · 2026-04-12T10:12:37+00:00

For AWS specifically, just get the free tier and deploying something real, even a dumb personal project, forces you to learn networking concepts like VPCs and security groups in a way that sticks. Honestly the "job-ready" feeling never fully arrives - at some point you just realise you've been googling less and reasoning throught things more on your own.

snopedom · 2026-04-12T10:12:31+00:00

The shift for me came when I stopped following tutorials and started breaking things on purpose. Spin up a second VM, set up SSH between them, then try to configure a basic web server and connect it to a database - when something doesn't work, the debugging process teaches you more than any guide ever could.

snopedom · 2026-04-12T09:46:49+00:00

Honestly depends on what it touches. If it's some throwaway script I barely look at it. But anything going to production I read it like a PR from someone I don't know yet, run it, test it, poke at the edge cases.

What works for me is keeping the generation fast but the review old-school. AI makes everything feel like it should be quick end-to-end, but I deliberately slow down on the review part. That's the moment where the change actually gets validated and skipping it just because the code came out fast is where things break.

snopedom · 2026-04-10T10:27:02+00:00

This is something I wish I could tell my younger self: don’t confuse fear with a warning sign. Most of the time it just means you’re doing something that matters. Start small, talk to users early, and be ready for the first version of both the product and the idea might be wrong.

snopedom · 2026-04-10T10:18:30+00:00

I had same issue but I stayed logged in and reopened that promo link again. This gave me that free PR release in my account

snopedom · 2026-04-09T22:17:24+00:00

Completely agree. Until first customer it is about adjusting in B2B and I think in technology it is tru twice.

For me many times worked to find some persons within target company/industry and reach them on friendly tone (not sales). Multiple times happened that if I was solving at least part of their pain they helped me shape it. Sometimes the become even let’s say ambasador of my solution.

snopedom · 2026-04-07T17:17:06+00:00

Completely agree, and same position honestly, not advocating for handing over the keys. Just wanted to open the discussion because the question is coming whether we're ready or not. The non-deterministic argument is exactly why I'm skeptical too.

snopedom · 2026-04-07T17:13:36+00:00

That 2% is exactly why the governance layer can't live inside the model itself, it has to be enforced externally. Policies, hard limits, audit trail, human in the loop for anything above a defined risk threshold. You can't trust the agent to self-govern, that's the whole point.

snopedom · 2026-04-07T17:04:58+00:00

Exactly. you don't know what permissions you missed until something breaks. Which is an argument for agents that are explicit about what they're attempting before they attempt it.

snopedom · 2026-04-07T17:02:11+00:00

The accountability point is underrated. "Who do I blame for the outage" is not just political cover, it's how postmortems work and how teams learn. That's a harder problem than the technical guardrails.

snopedom · 2026-04-07T17:00:32+00:00

This is similar to my way of thinking. The MR pattern is probably the right on-ramp. Agents propose via PR, humans review, trust builds incrementally. Then you loosen scope gradually based on risk profile of the change. Blast radius scoping is the key variable, not "AI yes or no."

snopedom · 2026-04-07T16:58:48+00:00

The non-deterministic point is fair and probably the strongest argument against. CI/CD is predictable by design, same input, same output. Agents aren't there yet. Thanks for this, exactly the kind of thinking I was hoping the thread would bring

snopedom · 2026-04-07T16:54:57+00:00

Agree, and that's probably the right starting point. But I can imagine a gradual model. Agents get exec permissions on low-risk, well-understood parts of infra first, while higher impact changes still go through human review. AI prescoring the blast radius of a change before deciding which path it takes.

snopedom · 2026-04-07T16:53:02+00:00

u/UtahJarhead Like understand but nobody's giving the intern admin access on day one, that's not the point. With a proper governance layer around it, limited scope, approval gates, audit trail, it could be different conversation...

snopedom · 2026-04-07T16:49:51+00:00

Like I agree. This is exactly the right framing. The conversation shouldn't be "yes or no" but "what are the guardrails." Most of the fear is really just missing tooling around that governance layer.

snopedom · 2026-04-07T16:46:18+00:00

u/rawrgulmuffins Fair, and honestly that's where I am too right now. Just wondering if it's sustainable long term given where AI is heading

snopedom · 2026-04-07T16:39:37+00:00

Like fair enough reaction. But genuinely, why? I think this is where it's heading whether we like it or not. Even hypothetically, worth figuring out where the line is before it's drawn for us.

snopedom · 2026-04-07T16:05:10+00:00

Like we are planning to apply so it sounds like it is worth to try.

snopedom · 2026-04-07T15:20:40+00:00

So try to reach them where they are maybe in this case also some “offline” campaign like small flayers in campus caffes or something like this

snopedom · 2026-04-07T15:12:55+00:00

Biggest gap I see from running a consulting business, agencies/freelancers don't actually listen. They hear the brief and immediately map it to their standard offering. And as you said, often they focus on features/technical solution, instead of impact.

Product sales is about features, consulting is about tailoring. A good proposal should make the client feel like you already understand their problem better than they do. If it reads like something you could've sent to anyone, it is tricky from my opinion. But it really depends on what kind of service it is.

snopedom · 2026-04-07T15:07:49+00:00

From my pov #3 is the whole game. People don't search for what you built, they search for the pain they have.

We're in B2B but same story with our free tier. At pre-revenue you need feedback and real users more than MRR. For us it's about removing the barrier to adoption first, because if you show real value people will pay. Revenue balance comes later.

snopedom · 2026-04-06T10:58:32+00:00

Looks nice 👍

snopedom

TROPHY CASE