Rafal Kochanowski

One engineer, real answers, no theatre

TL;DR

Technical assessments

Independent technical review before a high-stakes decision, after something has gone wrong, or when you simply want a clear, outside view of where your system stands.

An assessment is collaborative work. Depending on the system and the situation, it involves conversations with you, sessions with the team, and clarification meetings throughout. If you want daily status check-ins, that's part of the engagement too.

I do this work alone. No agency, no junior analysts, no account managers between you and the person doing the analysis. This keeps costs lower than comparable engagements at consultancies, and it means you get one consistent judgment. The trade-off: I focus on what I know well.

The work is system-level analysis, not line-by-line code review. I look at how the system fits together, where the risks are, and what's worth deeper attention. My analysis can combine different areas:

Every technical assessment includes a report with my findings, risks, and recommendations, plus a walk-through session where we go through it together.

In scope

  • Code quality and maintainability
  • Technical debt assessment
  • Database design and data layer
  • Backend systems and APIs
  • Infrastructure and deployment
  • Performance and scalability
  • Application-level security
  • Analysis of past failures
  • Team capabilities and key person risk
  • AI in development workflows
  • Long-term technical strategy

Out of scope

  • Specialized security certification
  • Regulatory compliance audits
  • Embedded systems
  • Mobile-native development
  • Game development
  • Blockchain-specific audits

For EU-facing applications, technical GDPR review can be included as part of any engagement. This means checking whether the implementation matches your existing privacy documentation, and whether the documentation reflects what the system actually does. This is a technical review, not a formal compliance audit, and it does not replace assessment by a qualified legal professional.

AI-Built App Audit

Pre-production review of applications built with AI coding tools

You've built an application using AI tools and it works well enough in development. Before you put it in front of users, customers, or investors, you want to know what's actually under the hood.

  • Production readiness
  • What AI tools missed
  • Hidden failure modes
  • Architectural coherence
Post Mortem & Root Cause Analysis

Independent investigation of what went wrong and why

Something failed, or something keeps failing. You want to understand what actually happened, why it happened, and how to make sure it doesn't happen again.

Across years working with different teams and companies, I've seen the same pattern repeatedly: the visible failure gets treated as the cause, and the response is a quick patch instead of the harder structural fix, so the same class of problem returns in a new form. The real cause often sits in a layer no one is looking at, sometimes outside the code or outside the development team entirely.

  • Symptoms vs. actual causes
  • Cross-layer investigation
  • Recurring failure patterns
  • Prevention over quick fixes
Acquisition Due Diligence

Technical assessment of a target company before purchase

You're planning to acquire an existing software product or tech company. You need to know what you're actually buying and whether the technical specifics are in line with the offer.

This is the kind of knowledge that lets you negotiate from facts.

  • Valuation justification
  • Hidden technical risks
  • Seller claim verification
  • Integration requirements
Pre-Fundraising Review

Technical preparation before investor due diligence

You're preparing for a funding round. Investors will run technical due diligence as part of the round.

This review prepares you for that conversation, surfacing the issues that typically come up so you can address them or be ready to explain them.

  • Investor-DD perspective
  • Pre-raise improvements
  • Investor expectations gap
  • What to fix vs. acknowledge
Custom Engagements

Assessments shaped to your specific situation

Not every situation fits the patterns above. A partial assessment, a second opinion on someone else's work, a focused review of one concern, a recurring check during ongoing development. As one person without a fixed process, I can shape the engagement around what you actually need.

Ongoing work

After a thorough assessment, I have a deep external view of the system. If ongoing support makes sense for you, this is a natural starting point.

You don't need an assessment to work with me. The work can range from hands-on engineering to architecture and advisory support.

Pricing

These are indicative ranges. Final pricing and billing format are agreed after we scope the work together.

About me

Profile photo

I combine a business-oriented mindset from startup and product environments with engineering depth built through enterprise systems work. Big-picture thinking and attention to detail complement each other, so I can see what's broken and why it matters for the business.

Career

I've been working with computers and programming since childhood, but I consider 2007 to be the official start of my career, when I founded an IT company in Poland. At that time, I collaborated with business partners on various projects, provided search engine advertising services, and worked on my own startup. It was a time of youth, intense experimentation, and learning from my mistakes.

After building my own product startup, I joined established software companies, including a B2B SaaS organization during its Series A phase and later enterprise environments.

It hasn't been a linear career path. I've held various roles and worked with many technologies. I've worked across quality assurance, optimizing development processes and Agile practices, risk analysis, building development support tools, infrastructure, CI/CD, performance testing, and security. I also served in a more traditional software engineering role, working on complex enterprise systems, dealing frequently with legacy code, a lack of documentation, unclear requirements, and complex integrations - all under time pressure where trade-offs were necessary. Beyond implementation, I've designed system architectures and worked on requirements and estimation.

Building applications for EU markets across these years has also meant working with GDPR, both before and since its 2018 implementation.

Recently, I have focused on building AI-native products and on AI-assisted development workflows. Both inform how I approach AI-built codebases today.

Looking back, several threads run through this work: code review, analyzing and modernizing legacy systems, risk analysis, and working closely with CTOs and business stakeholders. These are the foundations of technical assessment, and recognizing them is what influenced my choice to offer this as a focused service.

Experience

Resources

Working style

I believe in open communication, with no company politics. I focus on what matters, cutting the noise. I avoid over-promising and I'm careful with estimations.

You don't pay for report pages, you pay for insights. The report is as long as the system requires. What you pay for is information that matters for your situation, not filler that doesn't help you decide.

In ongoing engagements, I have no reason to prolong tasks endlessly. Plenty of unsolved problems are always waiting.

Contact

I work with clients across the EU. Everything is handled in English. All work is remote. For longer-term collaborations, meeting in person can still be valuable.