Typesense Finds Scrut’s Single Window Platform An Instrumental Tool In Achieving SOC 2 Compliance
GRC platform, Scrut Octopus
SOC 2 Type II
Typesense is an open-source typo-tolerant search engine with an intuitive developer experience that aims to make great search technology accessible to everyone. Most search technologies existing for developers today have a heavy and complex learning curve, which is what Typesense aims to eliminate with their lightning-fast search experience that returns significant results right away while being affordable and ops-friendly.
When building Typesense, the founders - Jason Bosco and Kishore Nallan, were aware that they would eventually have to pursue compliance. However, the actual trigger came soon enough when their clients who had achieved SOC 2 compliance required them to have an external accreditation as well in order to close the deal.
As an organization that enables websites and applications to build a search technology that features their own data, it was imperative for Typesense to have proof of security controls - which led them to choose a SOC 2 Type II audit for their organization. Being a lean bootstrapped and customer-funded team, they wanted to automate their compliance processes to minimize the bandwidth strain on their engineering team. Scrut Automation was the perfect solution to help them achieve timely SOC 2 compliance without extensively depleting their resources, time, and money.
Scrut Automation proved to be of high value and was instrumental in guiding Typesense towards the right solution to their problems while undergoing the SOC 2 audit. The GRC platform powered by Scrut Automation was a one-stop solution for everything from identifying gaps in controls to managing external audits. The team especially found the self-service dashboard, which provided real-time progress reports, particularly helpful, as it quickly enabled Typesense to fix different gaps across their cloud accounts.
The customer success team at Scrut came armed with deep SOC 2 knowledge and guided the Typesense team in updating their policies in line with SOC 2 practices and collecting the right evidence with minimal friction to prove their compliance. Typesense leveraged Scrut’s extensive managed marketplace, with the VAPT consultant sourced and managed directly through the platform.
Despite a small team, Typesense was able to streamline their efforts for SOC 2 compliance without taking away bandwidth from their engineering teams. Navigating through the platform was easy and made it a breeze to identify roadblocks, perform remediation activities, and assess risks. Integrating security policies and controls helped Typesense strengthen its security posture and stay compliant every day.
Three things that Typesense liked about Scrut Automation:
Easy-to-navigate dashboards that act as a one-stop to monitor infosec posture in real time
In-built marketplace with a network of vetted auditors and consultants armed with industry best practices
Guided support from the customer success team to reduce the complexity of the audits
It was essential for us to find the right firm to support us in our journey of SOC 2 compliance and Scrut Automation came in fully charged with extensive and deep knowledge and automation tools. Their platform allowed us to fast-track the audit process, leading us to complete the certification without a hitch.
CEO & Co-Founder