You sound like somebody who feels comfortable handling security, but for boostrapped and/or a self-funded or even small funded startups, that's extra money that goes to plug a major whole that didn't exist with Parse because they made user authentication, permissions, and security simple.

I'm no security expert. So now instead of concentrating on growing the user base, gaining traction and making the best experience possible for our users, that means finding, interviewing, and hiring more people to handle back-end security which takes a lot of time out of improving the product.

How time consuming on a hours per day would it be to stay on top of handling security on your own? How many engineers would it take and at what cost per engineer?