IT teams manually cobble together procedures for device swaps. They miss steps (such as using a Temporary Access Pass (TAP) instead of password resets), create security gaps (such as temporarily disabling MFA), and lack visibility into which users have completed migration.
A guided runbook platform built specifically for device lifecycle events. It provides best-practice templates for common scenarios (phone swap, laptop replacement, OS migration), tracks each user through the workflow, flags security anti-patterns (like disabling MFA), and generates compliance reports.
Freemium: free templates, with paid tiers for automation integrations and audit trails.
Real pain confirmed by Reddit signals — IT teams are genuinely struggling with MFA/identity migration during device swaps and creating security gaps. However, this is episodic pain (happens during rollouts, not daily), which reduces urgency. Teams suffer through it every 2-3 years during hardware refreshes, then forget about it until next time.
TAM is narrow. The target is IT ops teams at companies with 100-2000 devices using M365/Intune, maybe 50-80K companies globally. At an average of $200-500/month, that's a $120M-$480M annual TAM ceiling. Respectable for a bootstrapped SaaS but not venture-scale. Expanding to all device lifecycle events (onboarding, offboarding, OS migration) widens it, but it's still a niche within IT ops.
Mixed signals. IT ops teams at mid-market companies have notoriously tight tooling budgets and a strong 'we can script this ourselves' culture. The pain is real but episodic, so it is hard to justify monthly SaaS spend for something needed intensely for 2 months and then rarely. The compliance/audit angle improves willingness to pay (WTP) in regulated industries (healthcare, finance). The free template play may cannibalize paid conversion.
Very buildable as MVP. Core is a workflow engine with conditional steps, user assignment tracking, and pre-built templates. No deep infrastructure integration needed for v1 — templates can be informational with manual execution. Intune/Graph API integration for automation is well-documented. Solo dev could ship a functional MVP (templates + tracking + basic compliance flags) in 6-8 weeks.
Clear gap exists. Rundeck is too generic and DevOps-focused. MDM tools manage devices but don't guide humans through swap procedures. Process Street is generic checklists without IT intelligence. ServiceNow is overkill. Nobody is offering: pre-built device swap runbooks + security anti-pattern detection + per-user migration tracking + compliance reporting, all in one purpose-built tool for mid-market IT teams.
This is the critical weakness. Device rollouts are project-based, not continuous. A company does a bulk swap, uses the tool intensely for 1-3 months, then churns. To survive as a subscription product, it must expand to ALL device lifecycle events (onboarding every new hire, offboarding, break-fix replacements, OS upgrades) to create ongoing usage. Without this expansion, it fits a professional services or per-project pricing model, not SaaS.
- + Clear competition gap: no purpose-built tool exists for guided device swap workflows with compliance guardrails
- + Pain is validated by real IT practitioner discussions with specific, articulable frustrations
- + Security/compliance angle adds urgency and budget justification beyond convenience
- + Low technical risk: MVP is a workflow engine with templates, well within solo dev capability
- + M365/Intune ecosystem is massive and growing, providing a clear distribution channel
- ! Episodic usage pattern threatens recurring revenue: bulk swaps happen in bursts, creating high churn risk unless scope expands to continuous device lifecycle events
- ! IT ops 'build vs buy' culture is strong: many teams will say 'I can build this in PowerShell and a SharePoint list' even if they shouldn't
- ! Template-led freemium may give away too much value: the templates ARE the product for many teams who just need the checklist, not the automation
- ! MDM vendors (Intune, Jamf, Kandji) could add guided workflow features as a checkbox, commoditizing the core value prop
- ! Mid-market IT tooling budgets are tight and procurement cycles are slow: selling $300/month tools to IT managers requires champion-building
General-purpose runbook automation platform for IT operations. Lets teams define multi-step workflows, delegate tasks, and audit execution across infrastructure.
Enterprise technology lifecycle management platform. Tracks devices from procurement to retirement with workflow automation for onboarding/offboarding.
Apple device management
General-purpose checklist and workflow SaaS. Teams create recurring checklists with conditional logic, approvals, and integrations.
Enterprise ITSM platforms with asset management, workflow automation, and change management modules.
Web app with 3-5 pre-built runbook templates (phone swap with MFA migration, laptop replacement with Intune re-enrollment, OS migration). Each template is a step-by-step workflow with conditional branching. Core features: (1) assign users to a rollout batch, (2) track each user's progress through the runbook, (3) flag security anti-patterns with warnings (e.g., 'You are about to disable MFA. Use Temporary Access Pass instead'), (4) export a completion report. No Intune API integration in v1; keep it informational/manual. Ship it, get 10 IT teams using it during real rollouts, then add automation.
Free: 3 templates, up to 25 users per rollout, community-maintained templates. Paid ($199-399/month): unlimited rollouts, custom templates, audit trail exports, team collaboration, security compliance reports. Enterprise (custom pricing): Intune/Graph API automation, SSO, API access, custom compliance frameworks. Upsell path: a per-rollout pricing option ($99/rollout) for teams that won't commit to monthly, to combat churn from episodic usage.
8-12 weeks to first paying customer. Weeks 1-6: build MVP with templates and tracking. Weeks 6-8: beta with 5-10 IT teams from Reddit/sysadmin communities. Weeks 8-12: iterate based on feedback, launch paid tier. The Reddit sysadmin community is an ideal early distribution channel given the idea originated from that pain signal.
- “We have a procedure but it doesn't seem like the best”
- “Apparently we missed something in testing”
- “we have to disable MFA on their account”
- “treating device enrollment and MFA transfer as one atomic step, because they're not”