[DistractionRect]

Edit: my first comment was a bit harsh.

The more toned down version is I find the whole thing suspect. It costs someone time to do this, so "free" doesn't scale. That someone would want to Trivy install, tuning, monitoring for "free" in return for remote access seems like a big red flag.

[frantic2821]

It's an unused account as I created a new one using my company email! Every account has started somewhere? I'm a new hire to market the side projects we are starting on and getting user feedback, understanding the problem more to solve it.

And yes, the current model cannot scale for sure as there's a human piece at the end. We aren't looking to scale at the moment, just exploring if there can be a solution to this space we can come up with.

Again, like I mentioned above, just looking for users we can actually help as this is a common problem many face if they aren't at a big organization.

Also mentioned this isn't our main business, something we are experimenting with hence we are in closed beta and offering to do it for free for only a few. We have human labour costs to lol

We offer to install it for you for ease or can guide you on installing it yourself, and we will obviously be signing NDAs and whatever a user would like to build trust. We are literally in the business of DevOps..nothing malicious my man, just exploring a different kind of MVP but I understand the distrust

[DistractionRect]

Seems like you started a reply before my toned down edit. Apologies for the harshness. I can understand it as a way to explore the problem space more and probably as a funnel to upsell other devops services.

I also get that products, and people, have to get a start somewhere - unfortunately scammers and mal actors look similar. I figured it was worth raising for others to consider, but did so near the bottom on the comment chain rather than top level so as to not derail discussion.

Edit: fighting autocorrect, detail -> derail

[frantic2821]

all good! I'm pretty new to the entire tech space as I'm the new hire brought in, so I understand and your response also helped me understand I should try building more trust in the copy

Yeah a possible upsell or doesn't have to be if this service is actually useful to anyone out there. We will potentially start charging a small fee (dependent on so many other factors, but hey you'll be getting an actual human expert in this age of automation to speak to eitherways) on this months from now - we haven't decided or thought of anything further as we don't know yet if people feel this is enough of a pain to be open to solutions, as obviously one can do it themselves to but at what cost of time?

any other feedback you may have on such a service or legitimate places to find users this can help would also be appreciated!

[frantic2821]

no worries, lol I responded before to your original comment before I saw the edit.

it's 'free' only for the closed beta as duh we are clearly stating there's a human expert at the end who will be reviewing and going through with it.

We also know this model is not going to scale because of the human aspect, but we know this is a problem most people face if they are from small organizations, so we are looking to see how we can solve for steps AFTER the scan. This is just our first step as we try to learn more.

Trivy was the choice of scanner for now, but we don't tend to stick with it as there can be better scanners out there depending on the environment- it's just what we chose for the start, open to discussions if a user has a preference for a different scanner