Building, breaking,
and securing the cloud.
Long-form notes on AWS, GCP, Azure, Kubernetes, compliance, and the engineering decisions pre-seed and seed founders face. New posts every Monday and Thursday.
Cloud Egress Costs in 2026: AWS vs GCP vs Azure for High-Traffic SaaS Startups
Egress is the line item high-traffic SaaS founders underestimate. AWS, GCP, and Azure all dropped exit fees in 2024 under the EU Data Act, but day-to-day egress still varies 10-40 percent. The honest 2026 breakdown with public pricing tables and six tactics to cut the bill.
PCI DSS 4.0 in 2026: The 9 Most-Missed Requirements for Pre-Seed Fintech CTOs
13 min·May 19, 2026AWS vs GCP for Indian Fintech: The 12 Decision Points No One Writes About
14 min·May 15, 2026AWS S3 Block Public Access: Four Settings, What Each One Does, and Why You Need All Four
8 min·May 12, 2026I Audited Five OTT Platforms With Browser Devtools. The Cache Headers Told a Story.
11 min·May 7, 2026What SOC 2 Actually Costs an Indian Seed Startup in 2026: A Line Item Breakdown
Indian seed-stage SaaS does SOC 2 Type II for ₹8-14 lakh all-in. The same opinion letter costs ₹34 lakh+ if you copy the Western default stack (Vanta + Big-4 + US pen test). Customers can't tell them apart. Here's the line-item breakdown grounded in 12+ Indian-market sources, not US enterprise aggregators.
13 min read·Apr 23, 2026Ghost Hunter: The $28,000 Question Your Dashboard Won't Answer
Every cloud bill tells you what went up. None of them tell you why. Ghost-hunter is an AI investigator that reasons through your bill the way a senior SRE does: one hypothesis at a time, read-only, every command validated before it runs.
8 min read·Apr 19, 2026I Looked at 30 Startups' Infrastructure. Every Single One Had the Same Problem.
After reviewing 30 startups under 50 engineers, a pattern emerged: the CTO is doing everything, security is on nobody's plate, and one bad day is all it takes. Here are the 7 things I found in every single one.
6 min read·Apr 12, 2026RBI Compliance for Fintech Startups: Security Checklist 2026
A practical infrastructure checklist for fintech CTOs. Covers RBI cybersecurity framework, data localization, VAPT requirements, and the mistakes that trigger enforcement actions.
10 min read·Apr 5, 2026DPDP Act Compliance for Startups: What Your Dev Team Needs to Build Before May 2027
DPDP Act enforcement starts May 2027. Here is exactly what your startup needs to build, with penalties up to INR 250 crore for non-compliance.
9 min read·Apr 5, 2026AWS IAM Audit for Startups: A Step-by-Step Guide to Finding and Fixing Risky Permissions
Learn how to run a practical AWS IAM audit for your startup, find overprivileged roles, and fix the misconfigurations that lead to breaches.
5 min read·Mar 26, 2026Cloud Cost Optimization for Startups: Cut AWS Bills Fast
A practical guide for startup engineers to reduce cloud spend using proven cost optimization techniques that do not sacrifice performance.
4 min read·Mar 26, 2026