Show HN: We made cloud security cost less than your team's pizza run ($30/scan)
My co-founder (Riyaz) and I built a hosted cloud security scanner for solo devs and small teams who can't justify expensive cloud security products. We've noticed teams are often hesitant to use cloud providers security tools due to fear of unexpected billing surprises.
After years of securing cloud infrastructure and applications, we noticed a gap: teams either struggle with complex provider tools or rely on open-source scanners running from laptops. While we used to recommend open source solutions, we realized the main challenge wasn't the tools themselves but maintaining consistent security scanning workflows.
We built Kloudle to make finding and fixing security issues simple, going beyond basic compliance checklists. Our pay-per-scan model ($30/scan if you have >5 issues, first scan free) eliminates the burden of unused subscriptions.
Some technical details: - Built on Google Cloud using serverless and containers for scanning - Custom ELT pipelines for misconfig evaluation - Comprehensive support for AWS, GCP, K8s, and DigitalOcean (383 security issues as of the last count) - Exploring adding support for emerging providers (like Zadara)
Interesting insights from our journey: - We discovered DigitalOcean was popular among small teams, so we built comprehensive security checks. Their security team was super friendly and we donated our entire list of checks for to them to kickoff building a foundational CIS Benchmark for DigitalOcean - Our users found creative workarounds for missing features (like using catchall emails for team access) - We handle support between founders across different time zones, covering ~18 hours daily
As a small team (<10 people), we've kept our infrastructure lean, passing the cost savings to users. While we're still adding features (team plans are coming!), we're focused on keeping things simple - including passwordless sign-in.
I handle the marketing efforts and act as the product manager. Riyaz has his hands full with making sure we keep adding new configuration security checks and evaluate how we can simplify onboarding of existing cloud providers for our users.
Our challenges include not enough paying customers giving us feedback or are willing to rate us on review websites. But the situation is slowly improving. While many product folks tell us that if the users love the product they will definitely tell others, it is possible that not everyone is open about the fact that their cloud account had many security issues.
Happy to answer questions or hear your feedback! If interested in looking at the product or even running a scan just browse to kloudle(dot)com.
3 comments
[ 0.32 ms ] story [ 21.2 ms ] thread