What do they actually do
Patched builds software that lets enterprise IT, SRE, and ops teams define and run automated workflows that remediate incidents, handle service requests, and take care of routine engineering upkeep. It is designed to run inside a company’s own infrastructure with clear guardrails and audit logs, so teams can keep control over credentials, change history, and execution.
Teams use it to close production tickets faster, fix CI failures, upgrade dependencies, and generate vulnerability‑fix pull requests with repeatable steps rather than ad‑hoc manual work. Patched provides a self‑hosted platform and an open‑source toolkit for building reproducible “autofixes” and runbooks as code, integrating with repos, CI/CD, alerting, and ticketing systems.
Who are their target customer(s)
- SRE and incident‑response teams: They have to follow brittle runbooks and perform manual fixes under time pressure, which slows mean‑time‑to‑recovery and risks human error.
- DevOps and platform engineers: They face constant toil from dependency upgrades, flaky CI, and repetitive PR chores that block feature delivery and require reproducible fixes integrated with repos and pipelines.
- Security / DevSecOps teams: They manage large backlogs of vulnerabilities and manual triage steps (scan → investigate → patch → PR), and need safer, repeatable ways to generate fixes and open PRs without hand‑editing every change.
- Engineering managers and maintainers: A significant share of developer time goes to maintenance, docs, and post‑commit chores, which delays new work and lowers morale; they want automation that keeps quality up while freeing engineers for product work.
- Large, regulated IT organizations: They require self‑hosted, auditable automation with strict governance; black‑box cloud agents and open networked tools are often unacceptable without clear guardrails and inspection.
How would they acquire their first 10, 50, and 100 customers
- First 10: Run 2–4 week, self‑hosted technical pilots with early community users (e.g., Patchwork contributors/stargazers) and YC contacts to automate a narrow set of recurring incidents or vulnerability fixes in exchange for feedback and references.
- First 50: Publish turnkey autofix templates and integration recipes (CI, PagerDuty, ServiceNow) so SRE/DevOps teams can self‑try, then convert via webinars, community posts, and targeted outreach to similar profiles.
- First 100: Hire a seller‑engineer to close regulated IT/security pilots, ship compliance/audit artifacts and self‑hosted guides, and standardize onboarding and MSAs so pilots expand across platform, security, and incident‑response teams.
What is the rough total addressable market
Top-down context:
Patched sits across DevOps tooling (~$16B), observability (~$3B), security/vulnerability management (~$16–17B), and AIOps (~$2.2B) today, based on recent market reports (Mordor Intelligence, Grand View Research, Grand View/MarketsandMarkets, Fortune Business Insights).
Bottom-up calculation:
Raw sum ≈ $37.2B (16 + 3 + 16 + 2.2), but these categories overlap materially; applying a 40–50% overlap discount yields an adjusted TAM of roughly $18–25B. Initial SAM (focus on mid‑to‑large, regulated enterprises) is ~20–30% of TAM, or ~$4–7B.
Assumptions:
- Significant category overlap (shared buyers/budgets and vendors spanning multiple segments) justifies a 40–50% discount on the raw sum.
- Early go‑to‑market targets mid‑to‑large enterprises with SRE/DevOps and governance needs, representing ~20–30% of the adjusted TAM.
- Figures use recent baselines (2023–2025) from cited reports; growth in automation/agent adoption likely expands the pool over time.
Who are some of their notable competitors
- PagerDuty: Incident response with runbook automation; offers alerting plus Runbook Automation that executes scripted remediation via on‑prem runners, overlapping with automated incident playbooks and self‑service tasks.
- Rundeck: On‑prem runbook/job automation used to store runbooks, run commands against servers, and audit runs—commonly chosen for in‑house orchestration over external agentic systems.
- StackStorm: Open‑source, event‑driven automation linking monitoring events to multi‑step remediation workflows executed inside customer environments, enabling auto‑remediation flows similar in intent to Patched.
- Snyk: Developer security platform that scans code/dependencies and can create automatic fix PRs for vulnerabilities, overlapping with the security remediation use case.
- Dependabot (GitHub): Automated dependency‑update bot that opens PRs to keep libraries current and CI passing, covering a narrow but common maintenance workload.