Let’s talk about how a SaaS startup scaled growth with PtaaS & SOC 2 compliance automation!
Cobalt provides modern pentesting to help organizations start testing faster, enable smarter & faster remediation, and make their security stronger. Secureframe is a security compliance automation platform that makes the process of getting compliant in SOC 2, ISO 27001, HIPAA, and many other frameworks fast and stress-free.
Combined with Cobalt’s platform, this webinar dives into how the partnership provides a better compliance journey for customers together.
Neural Payments was in the process of re-architecting its solution for PCI compliance. Because this was a major undertaking, the company knew they needed to partner with a pentest provider that had specific SOC and PCI experience with quick pentest engagement.
By partnering with Cobalt and Secureframe for their pentest and SOC 2 compliance needs, Neural Payments maintains compliance, customer confidence, and overall security for their fast-growing organization.
If you didn’t have a chance to tune in to the webinar on March 28th, watch the full on-demand webinar for a conversation led by Nathan Foulds of Cobalt featuring panelists David Patrick from Neural Payments and Scott Sugimoto from Secureframe.
-png.png)
Here’s What You Missed
There are many things to weigh when looking to achieve compliance. As a sneak peek, here are a few considerations you can make as you scale your organization:
Start with the right tools. A security compliance tool with built-in automation can save your team the countless hours tracking tasks can take manually. With that in mind, it’s important to consider the right SaaS platforms to stay compliant on an annual basis.
“If you don’t have a SOC 2 or ISO 27001 report, it’s never too early to get compliant and it’s more accessible than ever if you use platforms like Secureframe and Cobalt.” - Scott Sugimotto
Based on a recommendation from Secureframe, here are a few of the reasons Neural Payments chose Cobalt:
- Experience with the fintech sector - SOC, PCI, fintech, and cloud-based platforms.
- Short lead time to schedule and start a pentest
- Dynamically updated pentest report - As pentests are executed, findings are dynamically updated on the platform.
- Final report quality - The reports reflect the thoroughness of the test, fulfilling the requirements for SOC, PCI, and partners.
Treat compliance as an ongoing process. While a lot of the processes can be automated, it’s important to keep in mind the significant manual piece that comes with human expertise. Working with the right people like Cobalt and Secureframe can help streamline this.
Choose the right partners. Overall, choosing the right partners helps make the compliance journey easier year after year to help get ahead of evolving compliance frameworks.
“We needed providers that had the necessary skill sets for our industry sector, were aligned with the unique needs of a startup, and were able to meet our timeframes.”
- David Patrick
Partnering with Cobalt, Neural Payments was able to make changes that remediated the findings while increasing security posture. This was done by:
- Increasing crypto cypher suite strength
- Improving authentication mechanisms
- Enhancing brute force attack protection
As compliance changes and new technologies are introduced, utilizing a platform offered by Cobalt and Secureframe helps alleviate the stress and need to constantly keep up with evolving frameworks.
Meet the Host and Panel
Nathan Foulds
Nathan has been part of Cobalt's Customer Success Team for over 3 years, supporting a wide range of organizations to implement & enable their pentest programs. Prior to Cobalt, Nathan worked at Brandwatch (now part of Cision), in the Social Intelligence & Data Analytics space.
Scott Sugimoto
Scott is the head of product marketing at Secureframe. He is passionate about helping companies build trust with their customers and believes in Secureframe's vision: The complex process of obtaining and maintaining the most rigorous global compliance standards, including SOC 2, ISO 27001, HIPAA, and PCI DSS, should be fast and stress-free. Previously, Scott worked as a product marketer at Salesforce and New Relic and was a technology consultant at Accenture.
David Patrick
David is the Director of Engineering for Neural Payments, a financial technology company providing Peer to Peer (P2P) payment solutions for banks and credit unions. He is responsible for security, compliance, and cloud infrastructure at Neural Payments, and possesses 20+ years of experience in designing, deploying, and maintaining highly available enterprise-class networks.
