Frequently Asked Questions¶

For Engineering Leaders¶

Why now?

Engineering velocity is accelerating—governance hasn't kept up
AI and automation are introducing more risk into workflows
Regulators are starting to expect software compliance artifacts
Companies want traceable policies, but not the overhead of compliance teams

Warestack gives you policy-level confidence without process-level drag.

What is the job needs to be done (JTBD)?

Ensure every deployment to protected branches (like main or release) follows org policies.

Is this a nice-to-have or a must-have?

If you've ever asked:

"Who pushed that change?"

"Did we skip any checks?"

"Why didn't we catch this earlier?"

Warestack becomes the answer system.

It moves governance from reactive postmortems to proactive visibility.

Who's the buyer?

Initial buyer: Platform Engineering / DevOps leads

They feel the daily pain of missed checks, manual audits, and failed accountability.

Expansion buyers:

CTOs want visibility and confidence in delivery practices
SREs want fewer postmortems
Compliance & Security teams want traceability without slowing developers down

What are typical early signs of traction?

From current pilots and interviews, the most common buyer reactions are:

"We've been doing this manually for years."
"I wish I had this during our last incident."
"This helps my team build trust without nagging them."
"Our security team will love this."

These moments consistently unlock multi-team adoption.

For Developers¶

Will this slow down our developers?

The opposite. Warestack eliminates confusion about rules and reduces back-and-forth on approvals. Teams report ~10× faster release flow for compliant changes because rules are clear and automated.

How easy is it to adopt?

2-minute GitHub App install
First rules active within 15 minutes
Full team onboarding typically completed in 1-2 days
No agents, no breaking changes, no pipeline rewrites
Our agent proactively surfaces violations, edge cases, and missing rules

What happens if Warestack goes down?

Your existing GitHub protection rules continue working as normal. Warestack enhances but doesn't replace your baseline protections.

Do you store our code?

No. Warestack only accesses metadata (PR titles, commit messages, file paths, review status). We never store or process your actual source code.

For Executives¶

How big is the opportunity?

Warestack sits at the intersection of three high-growth markets:

DevOps & CI/CD governance — engineering teams now ship code dozens of times a day. Controlling how that code reaches production is no longer optional.
AI-enhanced developer tooling — teams want smart assistants that explain, guide, and adapt—not more dashboards.
Compliance & audit automation — companies are under pressure to meet internal and external requirements without slowing delivery.

Combined, this creates a $20B+ addressable market with massive whitespace in the governance layer—which today is either ad hoc, tribal, or completely missing.

Expansion potential:¶

Start with engineering orgs (50+ devs, GitHub-native)
Expand to compliance, security, and product ops
Extend beyond tech: healthcare, finance, logistics—any regulated or risk-sensitive vertical that deploys software

Every organization that pushes code to production needs a way to control it, explain it, and trust it.

Warestack becomes that layer.

What's the typical ROI timeline?

Most teams see immediate value:

Week 1: Catch first rule violations that would have been missed
Month 1: 25% reduction in manual governance overhead
Month 3: Measurable improvement in audit readiness and compliance
Month 6: Full ROI through prevented incidents and faster audits

How do you compare to building this internally?

Internal solutions typically take 6-12 months to build and require ongoing maintenance. Warestack provides enterprise-grade features (natural language rules, cross-tool integration, audit trails) that would cost $200K+ to develop internally.

What if we outgrow Warestack?

Warestack is built for scale. Our largest customers have 500+ developers across dozens of repos. The platform grows with you—from single-team to enterprise-wide governance.

Technical & Competitive¶

What makes this unique?

We combine natural language rules, context-awareness, and explainable decisions.

What makes it defensible?

Context engine: Reasoning across GitHub, Slack, Calendar, Linear
Adaptive rules: Change enforcement behavior by scenario
Audit layer: Every decision is explained and logged
Rule marketplace: Community patterns drive network effect
Reward loop: Leaderboards build internal champions
Academic foundation: PhD-level research on adaptive DevOps governance
Real-world validation: Years of consulting experience across UK tech startups

Why doesn't GitHub already solve this?

If you've ever asked "Who broke this?" or "Was this reviewed?"—yes.

Rules are repo-scoped and static
There's no context awareness (e.g. urgency, reviewer availability)
No visibility post-merge: what happens after code is approved is invisible
No centralized insight across repos, teams, or policy evolution

How long does implementation take?

2-minute GitHub App install
First rules active within 15 minutes
Full team onboarding typically completed in 1-2 days
No pipeline changes or agent installations required

Pricing & Business¶

How do you charge?

SaaS pricing per active engineer (typically $15–25/user/month)
Enterprise tiers for advanced features like:
- SOC2-ready audit reports
- Predictive policy analysis
- Historical incident mapping
- Custom rule marketplace access
Add-ons for policy simulations and the governance assistant (Slack-native)
ROI comparison: Manual governance typically costs $50-100/developer/month in lost productivity

What's included in the free tier?

Up to 5 developers
Basic GitHub integration
Standard rule templates
Slack notifications
30-day audit history

Do you offer enterprise/self-hosted options?

Yes. Enterprise customers can deploy Warestack on-premises or in their private cloud for enhanced security and compliance requirements.