Secureframe's pricing starts at $12,000 for companies under 50 employees. We offer SOC 2 and ISO 27001 today and are launching end-to-end HIPAA and PCI out of beta soon and many more soon.
Our ISO 27001 product is a lot more than just a readiness report, it's end-to-end. ISO 27001 is more prescriptive than SOC 2, requires independent internal audits, and typically has more legwork. It's also split up into two stages. Secureframe helps with all these pieces and is the only security compliance platform with its own SOC 2 Report and ISO 27001 certification (https://secureframe.com/security).
Secureframe has more automation and more integrations than any other platform (https://secureframe.com/integrations). And this allows us to get SOC 2 audits for our customers as low as $7,500.
Andy’s right on Vanta pricing — just mention you read about Vanta on Capiche and we’ll make sure you get the friends and family discount.
This isn’t being marketed yet, but we are running an ISO beta — just ask to be added to that. And then on SOC 2, we’ve had folks go from new user onboarding to SOC 2 report in hand in 18 days (actually, not hyperbole) so have your back there as well.
I hear Vanta advertise regularly on This Week in Startups and think I remember them being interviewed recently on the pod saying cost was $5K to $10K for typical startups, vs $30K for other companies providing SOC2.
Note the podcast has an offer _ TWiST listeners can get $1,000 off for a limited time at vanta.com/twist_
.jpg){kind=avatar}
Hi @gabriel - vendors in this space tend to price based on their level of automation and the depth of their partner audit network.
I can't speak for others, but Vanta pricing starts at $15k for companies with 1-20 employees (and goes down the better you negotiate). :)
We just wrapped up our SOC2 type 2 at Vendr and we used a combination of software + services.
SaaS: Vanta. No brainer. Makes the process seamless and cheaper because of the automated test coverage. @Christinac huge fans :)
Services: We used https://www.darata.com/ for the audit. They were great and happy to make an intro for anyone interested.
In terms of price, the audit will depend on your size/sophistication. For a company like ours (~2yrs old; 65 ppl), I'd estimate $11k-18k for the services portion of the audit.
A couple of Drata’s customers pointed us to this thread, so happy and appreciative to add a note here…
Trust the absolute core value at Drata, the world’s fastest growing SOC 2 automation platform. Trust dictates how we build product, how we hire, how we market, and how we deliver for our customers.
Drata is the only SOC 2 automation company with its pricing publicly available on its website (https://drata.com/pricing). No internet forums or threads just to learn what something costs. No games of who can negotiate best. Just simple, honest engagement with our customers and prospects.
Drata is also the only single-tenant architected system in this space, which means customer data never touches the data of another customer. This is your security posture data after all. Again, all decisions come back to a simple, honest core value of TRUST.
Feel free to learn more from the most important voice at the table here, the customer (https://drata.com/customers)
Looking for a better way to plan remote meetings across time zones, and keep up with events. What software is doing that best today?
Vanta's CEO Christia Cacioppo was interviewed on Capiche.FM back in December.
Recording link here: https://capiche.fm/saas/vanta-chat-with-christina-cacioppo