Typesense Finds Scrut’s Single Window Platform An Instrumental Tool In Achieving
SOC 2 Compliance

Typesense Inc.


Search Engine

Product Used
GRC platform, Scrut Octopus

SOC 2 Type II

Typesense is an open-source typo-tolerant search engine with an intuitive developer experience that aims to make great search technology accessible to everyone. Most search technologies existing for developers today have a heavy and complex learning curve, which is what Typesense aims to eliminate with their lightning-fast search experience that returns significant results right away while being affordable and ops-friendly.

The Context

When building Typesense, the founders – Jason Bosco and Kishore Nallan, were aware that they would eventually have to pursue compliance. However, the actual trigger came soon enough when their clients who had achieved SOC 2 compliance required them to have an external accreditation as well in order to close the deal.

As an organization that enables websites and applications to build a search technology that features their own data, it was imperative for Typesense to have proof of security controls – which led them to choose a SOC 2 Type II audit for their organization. Being a lean bootstrapped and customer-funded team, they wanted to automate their compliance processes to minimize the bandwidth strain on their engineering team. Scrut Automation was the perfect solution to help them achieve timely SOC 2 compliance without extensively depleting their resources, time, and money.

The Solution

Scrut Automation proved to be of high value and was instrumental in guiding Typesense towards the right solution to their problems while undergoing the SOC 2 audit. The GRC platform powered by Scrut Automation was a one-stop solution for everything from identifying gaps in controls to managing external audits. The team especially found the self-service dashboard, which provided real-time progress reports, particularly helpful, as it quickly enabled Typesense to fix different gaps across their cloud accounts.

The customer success team at Scrut came armed with deep SOC 2 knowledge and guided the Typesense team in updating their policies in line with SOC 2 practices and collecting the right evidence with minimal friction to prove their compliance. Typesense leveraged Scrut’s extensive managed marketplace, with the VAPT consultant sourced and managed directly through the platform.

The Impact

Despite a small team, Typesense was able to streamline their efforts for SOC 2 compliance without taking away bandwidth from their engineering teams. Navigating through the platform was easy and made it a breeze to identify roadblocks, perform remediation activities, and assess risks. Integrating security policies and controls helped Typesense strengthen its security posture and stay compliant every day.

Three things that Typesense liked about Scrut Automation:

Easy-to-navigate dashboards that act as a one-stop to monitor infosec posture in real time

In-built marketplace with a network of vetted auditors and consultants armed with industry best practices

Guided support from the customer success team to reduce the complexity of the audits

Jason Bosco
CEO & Co-Founder

It was essential for us to find the right firm to support us in our journey of SOC 2 compliance and Scrut Automation came in fully charged with extensive and deep knowledge and automation tools. Their platform allowed us to fast-track the audit process, leading us to complete the certification without a hitch.

Learn more about Insightly’s journey with us

Simplify Compliance:
Get Started with Scrut Automation