Fifteen years in QA — senior engineer, then manager — shipping software where bugs actually cost money. Enterprise email security at Proofpoint. Federal systems for the ATF. A regulated tokenized-securities platform. A top-trending 2021 crypto token through its $4B peak. The common thread isn't the industry; it's that every one of those teams couldn't afford to ship a false positive.
Gloxx exists because most software companies are stuck in the same trap. Engineering ships every week. Nobody owns QA full-time. Bugs leak into production. The team knows they need a real QA function, but a director plus two engineers is $400–600k a year fully loaded — and a six-month recruiting cycle most CTOs can't afford. So they keep limping along on engineer-tested code and hoping the next release goes smoothly. It usually doesn't.
The Gloxx Retainer is the answer to that math. $15,000 a month, month-to-month — a senior QA team embedded with your engineers, owning the release gate, ramped in two weeks. A fraction of the cost of building it in-house, with none of the headcount risk. The leverage that makes the math work is AI: Claude Code in every session, Routines running unattended between syncs, eval harnesses producing output that I review and sign before it ships. That's the engine. The output is the same QA discipline I've shipped at Proofpoint, the ATF, Prometheum, and on regulated crypto at $4B-scale user load — just delivered as a service.
And the 2026 wave of AI features made the gap worse. Most teams' release gates were never designed for non-deterministic output. The demo looks great. The eval harness doesn't exist. A week later, a customer screenshots a hallucination and the Slack channel lights up. That's the specialty layer we built on top of the general QA function — AI used carefully, with humans accountable for every line of eval that ships. DeepEval, promptfoo, LangSmith, Playwright, Claude Code — real tools, real workflow, real review. Included in the retainer at no surcharge.
What I've shipped in 15 years of QA
- Senior QA engineer at Proofpoint, the multi-billion-dollar enterprise security firm — shipping release-critical work across threat protection, email security, and information governance for customers with no tolerance for regression.
- Government contractor for the ATF (Bureau of Alcohol, Tobacco, Firearms and Explosives) — applications handling sensitive data, strict access controls, and the release discipline the federal threat model requires.
- Led the QA function at LuminousDap, a development agency shipping release-critical client work — setting how the team approached review rigor, release gates, and test-authoring discipline across multiple codebases.
- Ran QA for a top-trending 2021 crypto token through its peak at a $4B market cap — release cadence, regression discipline, and behavior verification under genuine user load.
- Authored the release-gate checklist that's now the core of the Gloxx approach — refined over years of "what actually catches bugs before prod," then extended to cover AI output quality, prompt regression, and eval gating.
- Built the QA AI program at Prometheum, the SEC-registered digital-asset securities platform — putting agentic testing workflows on the release path for a regulated product, which is where AI-QA discipline either works or gets you fined.
- Built internal AI-augmented testing tooling before Claude Code existed — early enough to know which parts of the workflow were genuinely improved by agents and which were just fashion.
How the team is staffed. Engagements are founder-led — I'm on every weekly sync, every release-gate sign-off, every escalation. Specialist contractors (automation, AI eval, performance, security testing) are staffed in as the work demands. One number, one accountable lead, no offshore handoff.
If any of that sounds like the kind of partner you want standing between your release branch and your production incident channel, let's talk.