I hear Vanta advertise regularly on This Week in Startups and think I remember them being interviewed recently on the pod saying cost was $5K to $10K for typical startups, vs $30K for other companies providing SOC2.
Note the podcast has an offer: _TWiST listeners can get $1,000 off for a limited time at vanta.com/twist_
Andy’s right on Vanta pricing — just mention you read about Vanta on Capiche and we’ll make sure you get the friends and family discount.
This isn’t being marketed yet, but we are running an ISO beta — just ask to be added to that. And then on SOC 2, we’ve had folks go from new user onboarding to SOC 2 report in hand in 18 days (actually, not hyperbole), so we have your back there as well.
Haven't looked at Secureframe yet, but you may want to look at heylaika.com. Their basic package starts around $15K/year.
Secureframe's pricing starts at $12,000 for companies under 50 employees. We offer SOC 2 and ISO 27001 today and are launching end-to-end HIPAA and PCI out of beta soon and many more soon.
Our ISO 27001 product is a lot more than just a readiness report; it's end-to-end. ISO 27001 is more prescriptive than SOC 2, requires independent internal audits, and typically has more legwork. It's also split up into two stages. Secureframe helps with all these pieces and is the only security compliance platform with its own SOC 2 Report and ISO 27001 certification (https://secureframe.com/security).
Secureframe has more automation and more integrations than any other platform (https://secureframe.com/integrations). And this allows us to get SOC 2 audits for our customers as low as $7,500.
We just wrapped up our SOC2 type 2 at Vendr and we used a combination of software + services.
SaaS: Vanta. No brainer. Makes the process seamless and cheaper because of the automated test coverage. @Christinac huge fans :)
Services: We used https://www.darata.com/ for the audit. They were great and happy to make an intro for anyone interested.
In terms of price, the audit will depend on your size/sophistication. For a company like ours (~2yrs old; 65 ppl), I'd estimate $11k-18k for the services portion of the audit.
A couple of Drata’s customers pointed us to this thread, so happy and appreciative to add a note here…
Trust is the absolute core value at Drata, the world’s fastest growing SOC 2 automation platform. Trust dictates how we build product, how we hire, how we market, and how we deliver for our customers.
Drata is the only SOC 2 automation company with its pricing publicly available on its website (https://drata.com/pricing). No internet forums or threads just to learn what something costs. No games of who can negotiate best. Just simple, honest engagement with our customers and prospects.
Drata is also the only single-tenant architected system in this space, which means customer data never touches the data of another customer. This is your security posture data after all. Again, all decisions come back to a simple, honest core value of TRUST.
Feel free to learn more from the most important voice at the table here, the customer (https://drata.com/customers)