We know the discovery motion is worth pursuing. The decision now is where the production version should live so interviews, ontology capture, ROI discovery, and Beam agent handoff work with enterprise reliability.
Audience: Aqib + JonasQuestion: production surfaceLens: business metrics first
#01
The problem
Process Discovery is no longer blocked by whether the idea makes sense. It is blocked by productionizing the stakeholder interview and evidence loop.
What is proven enough
The workflow has ingredients.
Ontology, stakeholder interviews, and ROI discovery are enough to justify moving from discovery into a production decision.
What gates progress
The interview loop must actually run.
Emails need to send, replies need to land, evidence needs to be attributed, and process maps need to update from that evidence.
Why platform matters
The surface decides the timeline.
Auth, customer data, permissions, audit, connectors, deployment, and rework risk are all consequences of where this lands.
#02
Recommendation and scorecard
Beam is the recommendation. The scorecard scores all three options against the criteria that actually move this decision — green is the home to build, red is the path to avoid.
Executive scorecard — the criteria that decide it
Decision criterion
Standalone wedgeAllow — wedge only
Beam platformRecommended
PrismAvoid as product
Time to production-ready MVP
~1-1.5 months
~2 months
~4-5 months
What it takes to get there
Pilot-only controls (throwaway)
Platform already hardened — inherited
+2-3 months to productionize Prism itself
Rework risk
Medium
Low
High
Fit with customers & sales story
New app to introduce; weak as a story
Customers already work here; one platform story
New product to stand up; weak as a customer story
Verdict
Use only to accelerate validation
Recommended
Do not use as production path
#03
Deep dive into the options
The production home determines which work we do now and which work becomes throwaway. This is the deeper read on each path.
Use this only if the immediate goal is customer signal before the Beam surface is ready. It should not become a separate production system.
Feature build~6 weeks
Security hardeningPilot-only
Rework riskMedium
Fastest path to a live customer signal — a demoable interview-to-process-map loop in a couple of weeks.
Good for learning, weak as a system of record; do not stand up a separate long-term auth, data, or deployment model.
Push outputs into Beam once the API contract exists — an accelerator to Beam, not a fork in the roadmap.
~2 month MVP
Beam platform
Build the MVP directly into the production surface where customers already connect tools, run agents, review outputs, and trust the workspace.
Feature build~6 weeks
Production-ready MVP~2 months (3 spins)
Rework riskLow
Customers already authenticate and work in Beam every day — no second app to trust, and the strongest one-platform sales story.
The hard parts already exist and are hardened: multi-tenant workspaces and RBAC, Gmail/Outlook reply handling, SES, consent gates, agent runtime, audit, and encryption.
Process Discovery naturally ends in Beam (process map to ROI to agent handoff), so the output lives where the next action happens — at the lowest rework risk.
Known platform issues
Productize native reply handling for interview loops.
Clarify permissions and RBAC for customer process data.
Harden connector reliability for email, calendar, Slack or Teams, and documents.
~6wk build + 2-3mo hardening
Prism
The feature itself is not materially harder to build in Prism. The delay is that Prism is a single-user desktop app today, so the customer-facing path means productionizing Prism itself first.
Feature build~6 weeks
Security hardening+2-3 months
Total to production~4-5 months
Rework riskHigh
Prism is a single-user desktop app today, so the customer-facing path means productionizing Prism itself first — a desktop-to-SaaS shift, not a feature add.
The enterprise foundations are missing: no multi-tenant isolation (local data, no RLS), security hardening still in flight, audit local-only, no SOC 2 or data residency.
Keep Prism as the internal discovery and handoff workbench that feeds Beam — useful, but not the customer runtime.
Prism security hardening and checks
Per-customer data isolation and workspace permission review (RLS).
Approval gates for outbound stakeholder communication.
Immutable audit trail, retention, and admin controls.
SOC 2 and data-residency posture for regulated buyers.
Secure reply capture and evidence attribution at enterprise reliability.
#04
What skipping the security work leaves
The hardening — per-customer isolation, audit trails, approval gates, encryption, compliance — is not optional polish. Skipping it does not save the time; it moves the cost to the worst possible moment, a customer incident. Two things it leaves us exposed to.
Risk 1
Potential security breaches
Without per-customer isolation, an immutable audit trail, encryption-at-rest, and approval gates on outbound email, sensitive process evidence and stakeholder quotes are exposed to cross-tenant leakage, unreviewed external messages, and untraceable actions. On Prism today, workspace data sits in local storage with no row-level security and the security pass is still mid-flight — that is exactly the gap a breach walks through.
Risk 2
Lack of trust with customers
Regulated buyers in banking and insurance ask for the audit trail, data residency, and SOC 2 posture before they move past POC. No hardening means no enterprise deal — and a single breach with a design partner erases the credibility the whole discovery motion depends on. Trust is the product here; you only get to lose it once.
Why this decides the production home
Beam already carries most of this hardening. Prism would have to build all of it under deadline pressure — which is why "just ship it in Prism" quietly means "ship the security risk too."
#05
The one decision
This is a single call, not four: which platform do we build and productionize Process Discovery on? Pilot scope, owners, and the success metric all follow from that one choice.
Build Process Discovery on the Beam platform.
Use the standalone app only as a short pilot wedge if we need a faster signal, and keep Prism as the internal discovery workbench. Everything else — pilot scope, owners, the success metric — is execution that follows this one decision.