Start right on AWS.Avoid the entangled mess later.
We help startups set up secure, scalable cloud foundations - fast. No guesswork. No mess. Just clean infrastructure from day one.
Many startups get their cloud setup wrong
A single AWS account. No clear boundaries. Manual changes.
It works... until it breaks. Then you’re fixing security gaps, scrambling to rectify compliance issues, and explaining outages to customers and investors.
Before
One AWS account, no controls, no backups, chaos
After
Multi-account setup, secure access, cost clarity, peace of mind
We set up your AWS cloud the right way.
We do this with Keystone, our Foundation as a Service offering.
Keystone, is a CDK based set of tools, building blocks and orchestration capabilities designed to help cloud-native startups create and maintain a secure and compliance-ready cloud platform in the most cost-effective way possible.
Composable Building Blocks
Configure and provision best-fit building blocks for your organization.
Orchestration
Automated building block provisioning, configuration, and maintenance.
Streamlined Access
Single sign-on, from the CLI to the console.
Security
Best practice security controls, fully automated.
Governance
Automated governance controls, fully customizable.
Compliance
Easily configure your organization for compliance-readiness.
Customer Assurance
Assure your customers of your security and compliance posture.
DevX
Simplified DevX, adaptable by design, fully customizable.
Customer Spotlight
HireBus, a US based hiring automation platform, adopted Keystone to maintain their organization, and moved from a single AWS account to a structured, secure foundation to prepare for scaling, a compliance program and a new AI platform for the business.
Problem
Developer velocity was impacted with inefficient access to the cloud and slow deployment pipelines, security KPIs not met, their compliance program had not started, and the new foundation for AI platform was not in place.
Solution
Multi-Account Architecture: Transitioned to a secure, well-architected, multi-account, AWS environment.
Security: Added threat detection, AWS SSO with Google Workspaces IdP, and secured access to compute environments.
Infrastructure: Best-practice networking for hosting public and private resources, and multi-account DNS.
Compliance: Audit trails and compliance automations and auditing in place.
Regional CI/CD: Established delivery pipelines delivering controls and infrastructure across multiple regions.
Business Outcomes: Accelerated development, enhanced security, improved compliance, reduced manual work.
What's included in our early bird offer? Keystone Essentials and our SaaS Application Foundation
Keystone Essentials |
Keystone Essentials Documentation & Guides |
SaaS Application Foundation |
SaaS Application Documentation & Guides |
Our SaaS Foundation comes with batteries included
| IaC CDK TS | ✓ |
| CI/CD | ✓ |
| Monitoring/Logging | ✓ |
| Tracing | ✓ |
| Multi-environment Ready | ✓ |
| Multi-Tenant | ✓ |
| Serverless Application Stack | ✓ |
| Frontend | React Vite + MUI |
The Value You Get
0+
0+ months
0 week
Early Bird Pricing
Keystone Essentials
Keystone Plus
Keystone Essentials
Frequently Asked Questions
Keystone is built using AWS CDK following best practices for scalable, maintainable, and secure Infrastructure as Code. All building blocks and orchestration logic are TypeScript based, giving your team flexibility to change the building blocks and transparency in managing your cloud infrastructure.
Yes. All infrastructure is deployed into your own AWS Organization using Infrastructure as Code (CDK TypeScript). You retain full ownership of your infrastructure including a perpetual license to all provided code under your tenant.
Most Keystone Essentials implementations are started within 48 hours and delivered up to 5 business days after your initial assessment. Keystone Plus tend to be delivered in a longer timeframe due to the variance in security and compliance requirements.
We set up your multi-account, multi-region AWS Organization, your AWS accounts, audit trails, security access policies and guardrails, compliance checks, shared application infrastructure, monitoring, and CI/CD integration - all using tested, compliant building blocks. Setup includes training, documentation, and a knowledge handoff so your team can move forward with confidence.
Yes. Keystone is adaptable and modular by design. You can pick the building blocks that suit your needs, avoiding unnecessary bloat and cost. You can also bring your own building blocks or develop custom building blocks for your shared infrastructure platform.
Keystone includes an orchestration layer that lets you push infrastructure changes to any account or region through a simple configuration interface, all while staying within the guardrails of your setup.
Yes. All customers receive onboarding support limited to the plan they choose. They also receive access to our Documentation Hub. For ongoing needs, our CloudCare support services provides Slack AMA access, engineering hours, monthly health checks, and more. Get in touch to learn more.
Yes. All FIRSTBLOX-provided building blocks are battle-tested in real-world environments and validated against industry standards for security and compliance. We can also help you create compliant custom blocks for your internal teams.
Absolutely. While everything is designed for your team to own and operate, we offer subscriptions for long-term maintenance, support, and updates to any building blocks we provide.
Operational cost depends on the Keystone tier you choose and the building blocks selected based on your business stage. We help recommend best-fit building blocks to optimize for cost at your current stage, with the ability to add more as you grow. All infrastructure provisioned through Keystone is subject to standard AWS pricing for the deployed resources. Keystone tiers are designed to be as cost-efficient and adaptable as possible, avoiding unnecessary spend while giving you room to scale.
The SaaS foundation is our AWS native, Serverless application foundation stack to help you get started building product features on AWS. The application is multi-tenanted out of the box. It operation-ready with CICD, logging, tracing and monitoring setup and ready to configure. The stack that is also cost-optimized and designed to scale as your business grows. Save hundreds of hours by avoiding the tough development, deployment and operational challenges of building from scratch. The foundation allows you to focus on building features that truly matter to your customers in just a day instead of months. With a low total cost of ownership, our foundation solution is tailored for busy B2B teams. Take advantage of our comprehensive documentation hub to guide you through the development process.
The multi-tenant SaaS foundation stack is built using mostly AWS native and Serverless services and is designed to be as cost-efficient and adaptable as possible.
The stack includes:
- AWS Cognito
- AWS AppSync
- AWS DynamoDB
- AWS Lambda
- AWS S3
- AWS CloudFront
- AWS SSM
- AWS KMS
- AWS SNS
- AWS X-Ray
- AWS CDK TS
- AWS CodePipeline
- SendGrid Integration
- Slack Integration
- React + Material UI (TS)
- Projen
