All work
Killed

Aftermath

An incident memory layer for lean engineering teams. Built the full lifecycle, then shut it down when GTM did not pencil out.

Stack

TypeScript · Next.js · Supabase

Timeframe

May–Jun 2026

Role

Founder · Engineer

Overview

Aftermath was an incident memory product for engineering teams that do not have a dedicated SRE. It is a separate company and codebase from internal post-incident platform work I did at enterprise scale: same problem space, but built for teams that need the memory layer without a dedicated platform org. It captured what happened during an incident, turned the record into a post-mortem draft, and kept the result searchable for engineers and AI coding agents.

The Problem

Small teams still have real incidents, but the tooling around them is usually built for larger organizations. The response happens in Slack, a few links get pasted into a thread, someone rolls back a deploy, and the post-mortem is written later from memory.

That is enough to recover once. It is not enough to build a useful record. The next engineer or coding agent trying to understand a similar failure has to reconstruct the same context again.

The bet

If incident context is captured while the team is already responding, the post-incident record can become a durable asset instead of a cleanup chore.

What I Built

  • Cues that open an incident from a manual report, webhook, Sentry alert, or PagerDuty event
  • Live Stage, a real-time incident page for severity, affected services, links, Slack context, and timeline events
  • Encore, an AI-drafted post-mortem with summary, impact, root cause, resolution, lessons, and follow-ups
  • Playback, a searchable incident memory that keeps published post-mortems useful after the incident closes
  • Agent access for checking related incidents before a PR, finding a similar past outage, or drafting a runbook from history

The Tradeoff

The product has to avoid becoming another incident response system. PagerDuty, incident.io, Rootly, Slack, and observability tools already own parts of that workflow. Aftermath works best when it sits beside them: collecting useful signal, structuring the record, and making past incidents easy to reuse.

That constraint shaped the build. I kept the core loop narrow: open an incident, capture the timeline, draft the post-mortem, publish it into Playback, and expose that memory to people and agents. The deeper technical pieces stay behind the scenes so the showcase can stay focused on the product shape.

Why I Stopped

The product reached a working state. Cue through Live Stage, Encore, and Playback were built, along with Slack capture, GitHub and alerting monitors, Situation Rooms, and agent access over MCP. I dogfooded the loop on my own projects and ran research calls with lean teams. The problem was real; the build held together.

What did not hold together was distribution. Aftermath sits beside existing incident tools, which means the buyer already pays for PagerDuty, Sentry, or incident.io. That is a reasonable wedge for a memory layer, but it also narrows who will add another line item. Research calls confirmed the pain, but not a path I could reach without an enterprise sales motion, a content engine, or a partner channel I did not have.

I could keep building features. I could not see an accessible go-to-market strategy: one I could run solo, on a founder budget, without pretending product-led growth would carry a product that needs team adoption during an incident workflow. Shutting down was the honest call.

Positioning

Memory layer

Read-only layer beside PagerDuty, Sentry, Slack, and incident.io

Outcome

Killed

Full lifecycle shipped; project shut down June 2026

Target team

2–20 engineers

Engineering teams without a dedicated SRE or platform org

Status

Aftermath is no longer active. The case study stays here as a record of what I built and why I stopped.

  • Incident response
  • Developer tools
Made with ❤️ in 🇨🇦 · Copyright © 2026 Valentin Prugnaud
Foxy seeing you here!
Wondering if I'd fit your role?
Logo