Aayush Ghosh Choudhury
We are entering the Spring of 2024 with fresh new capital – to aid us in our vision of making GRC processes frictionless.
We came across the problem of security compliance when Jayesh (my Co-founder) and I were selling a SaaS product for large enterprises. As a small team of less than five, we had to work hard to demonstrate our security, compliance, and risk posture so that our prospects would take us seriously.
We built a few low-fidelity automations to help us get through this, and in the process, uncovered a pain point that we could relate to and were excited by. When we dug deeper and spoke to other companies to see how they dealt with the problem, we realized a gaping hole in the market. And that’s when Scrut Automation was born.
Two years in, what started as a passion project, has become a full-stack GRC platform.
Untangling the compliance and risk complexities
While the burden on small and mid-market companies to comply with multiple regulations and standards has increased many times over in recent years, most companies are still dealing with spreadsheets, drive folders, and shared documents, to manage their compliance and risk programs. The broken and manual processes often yield risk registers that are static, point-in-time, and seldom reviewed before the next audit cycle.
Compliance and risk management is a team sport – and GRC teams have to work with several different internal (such as IT, DevOps, HR, or Engineering) and external stakeholders (such as pentesters, auditors, or customer audit teams) to get the job done on a continuous basis.
But nobody likes chasing or getting chased. And nobody likes logging into ten different tools everyday to manage the same information.
And Yet Another Framework (YAF) Alert! Nobody likes to do the same thing again and again.
The processes are manual and error-prone, and GRC teams are constantly fighting a thousand fires almost all the time. The fatigue is real, almost palpable.
While there is a clear need for centralizing GRC artifacts, automating evidence collection workflows, and tracking compliance tasks, legacy GRC tools are cumbersome, hard to deploy, and, quite frankly – an overkill.
The idea behind Scrut is quite simple – make GRC frictionless and delightful.
So we built the Scrut Platform to solve this problem. The platform blends into users’ existing workflows and tech stack, quietly tracking compliance tasks, collecting evidence artifacts, and intimating people when tasks are due. And does so without stakeholders needing to switch from the platform they use daily, irrespective of their function.
Additionally, it eliminates the YAF fatigue by cross-mapping common controls to multiple frameworks, so users never have to repeat the same task.
What’s Next for Scrut?
In the last two years, we have gathered believers – folks who share our obsession to make a relatively unsexy, and somewhat intimidating software category delightful and pragmatic for small and mid-market companies.
- We’ve grown from 3 founders obsessing over a problem to 120+ colleagues across three continents.
- We have launched 5 new modules, built in over 30 frameworks out of the box, added over 70 integrations to a growing library, and developed deeper process reconfigurability across the platform.
- We’ve grown to 800+ customers across the globe, growing over 350% year on year.
- We got recognized as a momentum leader in Security Compliance in G2, and identified as a key player in the GRC segment by Gartner.
- We’ve added a clutch of angels and advisors like Sandeep Johri (Checkmarx), Sachin Lawande (Visteon), Shreesha Ramdas (Lumber), Davis Hake (Resilience), Vetri Vellore (Microsoft), Naresh Agarwal (Traceable) who share our vision.
We’ve learned a few hard lessons, and our customers and advisors have been kind enough to help us navigate them. Our customers have continued to show faith in us and the problems we solve, and we continued to accelerate even as the markets turned difficult for software sales in the last few months.
That is why I couldn’t be more excited to announce that Scrut has officially raised $10 million in growth capital, led by Lightspeed and MassMutual Ventures, to fuel our R&D efforts and accelerate our US go-to-market motion. This round brings our total raise to ~USD 21M since inception, with all our investors increasing their stake across each round.
While funding rounds are not milestones alone, we acknowledge the continued (and strengthening) confidence our investors have shown in us.
I, and the Scrut team, are incredibly grateful for all the support our community – our customers, partners, auditors, advisors, investors, have shown us.
We really look forward to the next phase of our journey. We’ll keep our heads down, work hard, and continue to listen to our customers.
Here’s to celebrating how much we’ve achieved together in such a short time, and to the incredible journey ahead! Cheers!
PS: If this topic interests you, please reach out to me; I would love to chat and exchange notes!
