Introducing Keystone: A Better Way to Build and Operate Organizations on AWS

Author Name

Lorcan O'Flynn

Publication Date
February 13, 2025

Avoiding the Entangled Mess

B2B product teams move fast. The priority? Finding product-market fit in a competitive landscape.

But in the rush to build and ship, the foundational aspects of running a well-structured AWS organization are often neglected. This oversight can lead to costly problems, technical debt, security vulnerabilities, compliance headaches, and operational inefficiencies that are difficult (and expensive) to untangle.

We've seen this pattern repeatedly, from early-stage startups to scale-ups and even well-funded unicorns.

AWS offers a powerful ecosystem for B2B product teams, providing the essential building blocks to help teams focus on delivering value to customers. The Serverless revolution, in particular, has allowed teams to develop and deploy applications without the burden of infrastructure maintenance.

Time and time again, we see teams adopt modern application development and delivery techniques, but organization management and even IaC adoption to manage organizations seem to fall by the wayside.

The Reality of an Entangled Organization

Without strong foundations, AWS environments often evolve into The Entangled Mess.

Some common symptoms include:

  • The 'Wild West' AWS account - A single account hosting everything from test environments to production workloads. It's the 'Wild Wild West': anything can and will happen!
  • Security risks - Overly permissive access, long-lived credentials, and inadequate auditing.
  • ClickOps over Infrastructure as Code (IaC) - Leads to inconsistent environments and a lack of version control.
  • Lack of organizational controls - No standardization, unclear policies, and a "black box" setup.
  • Lack of secure and efficient AWS account access features hampers production and impacts security.
  • Slow turnaround times - Delays in spinning up new environments or onboarding external vendors.
  • The "Brent" effect (see Brent Geller, the character from The Phoenix Project) - Knowledge silos where one or two engineers become the single source of truth.

And the most common behaviour?

"We'll fix it later."

We believe it doesn't need to be that way.

When compliance and security become critical, often at customers' request, it is painful to retroactively fix a tangled mess. The cost of correcting it later is always higher than getting it right from the start.

What is Keystone?

Keystone is our new suite of products and services designed to help B2B product businesses start right and operate a secure and compliant organization on AWS, both for themselves and in the eyes of their customers and potential auditors.

We're builders ourselves; we get it.

Our goal is simple:

Help teams move faster while maintaining strong security, governance, and compliance foundations without adding unnecessary complexity.

The name Keystone is deliberate. In architecture, a keystone is the central piece that holds everything together. That's what we're building: a robust foundation on which B2B teams can rely.

We're builders and have seen first-hand the challenges of managing AWS organizations at scale. So, we created Keystone to provide the tools and expertise needed to start right, adapt fast, and stay secure.

The Keystone Ecosystem

1. Keystone Core (Launching today)

A CDK-based (TS/Python) Landing Zone Accelerator, offering:

  • Battle-tested AWS organization building blocks with secure defaults.
  • Best-fit building blocks you can apply to adapt to your organization's needs.
  • Documentation Hub to help teams upskill and understand their infrastructure.
  • A streamlined CDK deployment framework for better developer experience (DevX).
  • Well-documented, searchable construct APIs.
  • AI assistance (in progress).

Ideal for teams looking to get their AWS foundations right from day one or to help clean up an existing setup.

2. CloudCare (Continuity Support & Retainers)

Even with the right foundations, teams often need ongoing support. CloudCare offers:

  • Retainer-based support for your teams.
  • Access to certified engineers who understand both AWS and the realities of B2B product development.

Perfect for teams who want to retain control but need expert guidance on demand.

3. Keystone Plus (Coming Soon)

A security-enhanced version of Keystone Core, designed for organizations handling sensitive data or with higher security requirements.

4. Keystone Comply (Coming Soon)

Continuous compliance monitoring and evidence gathering, seamlessly integrated with Keystone Core.

  • Ensures compliance from day one, rather than retrofitting it later.
  • More cost-effective than traditional compliance consultancy.

We're currently in product discovery mode for Keystone Comply; if you're interested in early access, we'd love to hear from you!

Who We Serve

We serve B2B product teams running on AWS.

We are B2B product builders ourselves. We know what it's like to balance feature velocity with the reality of running a secure, scalable organization.

Our backgrounds span startups, enterprise consulting, scale-ups, and accelerator cohorts. We've seen the trade-offs, the pain points, and the mistakes, so we built Keystone to help teams navigate these challenges more efficiently and affordably.

Why Now?

While we appreciate the transformative potential AI offers our industry, we recognize the complex and costly challenges that still exist regarding organization setup, maintenance, and the application of best practices.

The reality is that proper infrastructure management requires both innovative tools and human expertise. That's why Keystone takes a holistic approach, combining technology with hands-on guidance from engineers who understand the complexities of B2B products.

We're here to help fix that in the most optimal way possible so your teams can focus on building your product, not firefighting AWS issues and challenges later.

What's Next?

  • We're in the final stages of a pilot with a US-based scale-up and will soon share insights from their experiences: what worked, what didn't, and what we learned.
  • We're continuously improving Keystone Core, adding new building blocks, expanding the Education Hub, and refining best practices.
  • We're exploring early-stage Keystone Comply partnerships; if compliance monitoring is a challenge for you, let's talk.

Let's Talk

If you're a B2B product team on AWS and want to:

  • Avoid the entangled mess
  • Accelerate secure and compliant growth
  • Spend less time on right-fixing your AWS organization and more time on product

✉️ Get in touch: hi@firstblox.com

Ship Harder, Better, Faster, Smarter.
