secrets - A Saas in the cyber security space

2022 is in full steam and I’ve spent all of January/February thinking about whether my next Saas idea makes sense and if there is a big enough market to pursue it.

Contemplation phase is over (it was sweet while it lasted 🍹) and this post is about sharing my intentions.

Testing the waters

While I tried to reach out to stakeholders/potential customers, I found it incredibly hard to connect to the kind of people that I wanted to (IT decision makers). Not only is it hard to get them to talk to you or provide feedback, but it’s even harder to find an audience that is large enough to draw a conclusion from.

Better people skills, a larger network, or a bigger Twitter following might have helped, but since I had neither I decided that I might as well get started.

The only real benchmark is a market launch!

So, what is this Saas all about?

secrets.so (shoutout to @tdinh_me for introducing me to the .so TLD) will be a platform to securely share/retrieve sensitive information (passwords/API keys/cryptographic keys/database connection strings/credentials/hidden URLs) outside your organization. Our service will ensure that shared secrets are one-time viewable only and also expire automatically.

Adding a time component to the sharing/retrieval process makes it extremely difficult for any 3rd party to gain access to privileged information.

Why not just plain text?
Sending any type of credential in plain text (Emails, Skype, Slack, MS Teams, Discord) carries the risk of them being exposed later on (even much much later).
That can be stolen equipment, hacked email accounts, printed documents, and so on and so forth...

The Solution

This problem can be solved by hiding the secret-to-be-shared behind a vanity URL that can be viewed only once before its content is deleted forever.

We plan on offering an API & a web-app first, adding in plugins for widespread communication tools (Slack, MS Teams, Discord) as well as browser addons later on - all to lower the friction when using a service as such.

I hope I outlined my idea well enough so that it makes sense. Please let me know what you think - I'm curious to hear your opinion.

Summary

While this idea is nothing new (every idea already exists 😎) I have a couple of additions/features up the sleeve that I haven't seen elsewhere yet.

I'll follow up with another post talking about the tech stack as well as a deep-dive in terms of features.

I’m stoked 🚀 about this new adventure and will of course #BuildinPublic over on Twitter. If you are interested, please do follow me at @TheHuethman for regular updates.