Case Study

Typesense Finds Scrut’s Single Window Platform An Instrumental Tool In Achieving SOC 2 Compliance

Group 281.png

Typesense Inc.




Product Used

Search Engine

GRC platform, Scrut Octopus


SOC 2 Type II

Typesense is an open-source typo-tolerant search engine with an intuitive developer experience that aims to make great search technology accessible to everyone. Most search technologies existing for developers today have a heavy and complex learning curve, which is what Typesense aims to eliminate with their lightning-fast search experience that returns significant results right away while being affordable and ops-friendly.

The Context

When building Typesense, the founders - Jason Bosco and Kishore Nallan, were aware that they would eventually have to pursue compliance. However, the actual trigger came soon enough when their clients who had achieved SOC 2 compliance required them to have an external accreditation as well in order to close the deal.

As an organization that enables websites and applications to build a search technology that features their own data, it was imperative for Typesense to have proof of security controls - which led them to choose a SOC 2 Type II audit for their organization. Being a lean bootstrapped and customer-funded team, they wanted to automate their compliance processes to minimize the bandwidth strain on their engineering team. Scrut Automation was the perfect solution to help them achieve timely SOC 2 compliance without extensively depleting their resources, time, and money.

Group 265.png

The Solution

Scrut Automation proved to be of high value and was instrumental in guiding Typesense towards the right solution to their problems while undergoing the SOC 2 audit. The GRC platform powered by Scrut Automation was a one-stop solution for everything from identifying gaps in controls to managing external audits. The team especially found the self-service dashboard, which provided real-time progress reports, particularly helpful, as it quickly enabled Typesense to fix different gaps across their cloud accounts.

The customer success team at Scrut came armed with deep SOC 2 knowledge and guided the Typesense team in updating their policies in line with SOC 2 practices and collecting the right evidence with minimal friction to prove their compliance. Typesense leveraged Scrut’s extensive managed marketplace, with the VAPT consultant sourced and managed directly through the platform.

Group 266.png

The Impact

Despite a small team, Typesense was able to streamline their efforts for SOC 2 compliance without taking away bandwidth from their engineering teams. Navigating through the platform was easy and made it a breeze to identify roadblocks, perform remediation activities, and assess risks. Integrating security policies and controls helped Typesense strengthen its security posture and stay compliant every day.

Group 267.png

Three things that Typesense liked about Scrut Automation:

Group 271.png

Easy-to-navigate dashboards that act as a one-stop to monitor infosec posture in real time

Group 279.png

In-built marketplace with a network of vetted auditors and consultants armed with industry best practices

Group 273.png

Guided support from the customer success team to reduce the complexity of the audits

Group 274.png
Group 275.png

It was essential for us to find the right firm to support us in our journey of SOC 2 compliance and Scrut Automation came in fully charged with extensive and deep knowledge and automation tools. Their platform allowed us to fast-track the audit process, leading us to complete the certification without a hitch.

Jason Bosco

CEO & Co-Founder

Learn more about Typesense's journey with us

Group 278.png

Simplify Compliance:
Get Started with Scrut Automation