It's a hard problem - and depends on your target market. That being said, in my experience most companies with the maturity to go hunting for a tool like this will also have established vendor security requirements. On a baseline "trust" level - having an identity associated with the project beyond a new "brand" can help bridge that gap, especially if there are folks with strong personal reputations attached.
In the long term, you'll find many of the largest possible customers will demand an on-prem option, and/or some level of external attestation (e.g. a pentest, SOC2, etc.)
I acknowledge this is a lot to throw at someone getting a product going, and don't want to be discouraging, but security products have an even larger expectation - especially because I expect your buyer and user personas to be security-centric
This is the MVP of a startup I've been working on. The core idea is to create a real-time information/collaboration hub for incident response. One place for info, designated teams/roles/plans, and integrations with commonly used systems.
There's still lots of work to be done, but I'd really love some feedback and direction from anyone interested. Thanks for checking it out!
