trusted automated compliance
weekly startup spotlight: vanta 🔒
companies need compliance (SOC 2, ISO, etc.) to sell, but the process is manual, fragmented, and easy to fake or misunderstand. this leads to a gap between checking compliance boxes and real security.
delve has been a pretty popular choice among tech companies to automate this compliance process, but it was recently revealed that they’ve actually been faking a lot of these reports. pretty bad looks.
allow me to introduce a company that does the same core functions and no fraudulent scandals … as far as i know.
vanta, founded in 2018, is a compliance automation and trust platform that helps companies obtain and continuously maintain certifications like SOC 2 and ISO. it integrates with the developer stack while continuously pulling data (configs, logs, access controls) and mapping them to compliance requirements.
it runs automated checks and builds a real-time evidence layer, so that instead of static reports, compliance is continuously verified from underlying systems.
the company has raised ~$500 million in total funding, including a $150 million series d in 2025 at a ~$4.1 billion valuation. vanta also serves 12,000+ customers across 50+ countries.
questions i’d ask:
with the delve news, are you explicitly positioning vanta around auditability and trust, or avoiding direct competitor callouts?
long term, is vanta’s moat the integrations/evidence layer or the ai-driven risk and remediation layer?
today’s drops 🔎
apply by april 1st to join the $5,000+ phia hackathon
software internship @ cadence
check out the rbc tech labs internship program for highschoolers (due march 30th)