Hiten Shah

Control - Accelerate and automate security & SOC2 compliance for free

Control solves compliance with one integration. SOC2, ISO 27001, PCI & more. No more complex legalese, writing policies or manually running endless checks across your systems. Accelerate & automate your security program and SOC2 compliance for FREE today.

Replies

Jonathan Cordeau
We’re honored to be hunted by @hnshah. Thank you for the support! Hey Product Hunt! I’m excited to share Control with you. Over the years, as both a founder and product leader, security and compliance always seemed to delay and derail execution. I’ve seen multi-million dollar deals fall through because of non-compliance, or basic security missteps lead to major incidents (like employees getting scammed for gift cards). And don’t even get me started on consultants and spreadsheets. I have so many stories to share... That is why we built Control - to solve compliance with one integration. Control accelerates and automates SOC2, ISO 27001, PCI and more - so that you can build your company, not work on compliance. No more complex legalese, writing policies or manually running endless checks across your systems. At VGS, we’re on a much bigger mission though - to protect the world’s information. This means that we are relentlessly committed to delivering solutions for the ever-changing complexities of security and compliance. That’s why as a part of this launch, we’re offering guaranteed SOC2 compliance on Control for FREE. Just create an account, commit to real security, and we’ll take care of the rest. We’d love to hear your feedback, and if you have questions about Security/Compliance, let us know. My team and I will be around all day to help.
Ashik Wani
@hnshah @jonathancordeau : That's an amazing product and congrats for the launch!
Jonathan Cordeau
@ashik_wani #teamwork ... thank you for the support!
Parker Thompson
@hnshah @jonathancordeau congrats on the launch, the product looks rad!
Kumar Thangudu
When’s the best timing to adopt this product in a company’s lifecycle?
Jonathan Cordeau
Good question @datarade. Security can't be an afterthought. Getting a compliance certification (like SOC2 or PCI) is usually a goal that aligns with a forcing function like customer demand or a partnership/regulatory requirement. However, implementing a baseline security posture as early as possible not only puts important protections in place, but sets a company up for the compliance work that’s likely coming down the pipeline (i.e. reduce technical debt). Our goal is to meet companies where they are, and empower them to improve their security posture over time. Companies should be thinking about how to embed the right level of security into their workflows as early as possible. This is why we offer Security Foundations (https://bit.ly/2MWexPm) for free. So that any company, no matter the stage, can implement a baseline security posture. Then, when a company needs to obtain a compliance certification, most of the work is already done. You're building tons of awesome stuff @datarade. Have you ever been blocked by security/compliance?
Kumar Thangudu
@datarade @jonathancordeau I've used VGS's other products when I'm jammed up. Need to try out the control product.
Jonathan Cordeau
@datarade we're excited to continue to expand with you!
James Berthoty
3 years ago I was an IT director and got handed a 500 row spreadsheet with our VP of engineering and was told we had to get compliant ASAP to close a huge deal. We said that would take a year and a million 💸 worth of new employees, infrastructure, contractors, etc. So they hired an expensive consultant and we got another 500 row spreadsheet, but this time with comments on it 🙄 We made Control to make that never happen again. For compliance people, there are all the policies, risk assessment tools, and visibility tools you need. For engineering folks there are high value security monitors and automated evidence collection to keep compliance off of your back. What's crazy is that 3 years ago we spent hundreds of thousands of dollars to barely scrape by an audit, when today with Control we could've done all of it faster for free. Hope you all enjoy it!
Milda
Great idea! 💡 also, check out our product
Jonathan Cordeau
@milda_dinigeviciute Thanks! We have an amazing IVR security solution...I'll have someone on our team connect. Why'd you decide to tackle this problem?
Mary Pylyp
excited!
Adam Ballai
Control is a great platform, really helping us get our compliance done with little overhead from our team!
Jonathan Cordeau
@adam_ballai appreciate the love. Right back at you! RevOps is a great platform, really helping us get our proposals done with little overhead from our team!
Adam Bale
Love it! It's a game changer for the whole SOC2, ISO compliances.
Bennett Carroccio
this is a total game changer. no consumer-facing platform wants to deal with compliance and now they don't have to... for free... from the all-star VGS team
Jonathan Cordeau
@bcarroccio we appreciate the support from you and the entire a16z team! We'll solve the security and compliance stuff, so that the companies you back can build enduring businesses unconstrained!
Alexander Diatlov
Are you planning to add HIPAA in the future?
Jonathan Cordeau
@adiatlov HIPAA is available on Control today! The additional controls that apply to HIPAA are typically added to the SOC2 Security Trust Criteria, and leverage all the same automations. This allows you to demonstrate compliance using an industry standard reporting framework. This allows you to achieve a SOC2 + HIPAA report to save both time and cost.
Oleg Bolotnov
Great! SOC2 has been our bottleneck in negotiations with large companies. Thanks VGS for making such a smart move to relieve startups from real pain.
Ben Hwa
Congrats on the launch! We'll definitely be taking a deeper look to see if it fits our needs!
Jonathan Cordeau
@ben_hwa Thanks Ben! We're huge fans of what you're building at Apto...let us know how we can help!
Mark Backman
Congrats on the launch, @jonathancordeau! Supporting multiple compliances is a killer feature!
Jonathan Cordeau
We agree @mark_backman! We believe that the only way to truly solve compliance with one integration...we do the hard work of interpreting all the complicated controls and then automating them, so that you can actually focus on building YOUR business!
Duncan Hall
This looks great @jonathancordeau, particularly interested in the ISO 27001 compliance and the AWS integrations. Do you have plans for Hashicorp Sentinel integrations?
James Berthoty
Hey Duncan, we're 100% launched on ISO 27k1 controls, and the free Security Foundations you get have 100% overlap with ISO and SOC 2 if you want to get started. VGS <3's Hashicorp and their big moves for DevOps and Cloud/K8 architecture. We prioritize all of our integration work based on existing customers, and churn out automated evidence and monitoring of that evidence around the clock. We're currently working on integrations for their whole suite (as you can imagine Vault is the number one priority!).
Liam Collins
We have been working with VGS Control for a few months and our clients and team love it! It's made a huge difference in terms of speed and effort for our clients in getting their SOC 2 reports. Congratulations @jonathancordeau and VGS team for building an amazing product!!!
Jonathan Cordeau
@liam_collins1 Thanks! Our auditor relationships are so important, and we appreciated how the Armanino team is dedicated to helping organizations achieve real security alongside compliance reports.
Atish Davda
@jonathancordeau is an inspiring leader - glad to see his team's work being recognized!
Jonathan Cordeau
Thank you for the support @atishdavda, means a lot coming from the founder of EquityZen!
Peter O'Malley
Compliance doesn't have to be a pain? 😍
Jonathan Cordeau
@peter_o_malley Nailed it! An organization's Security and Compliance should be an asset, not an anchor...maybe we should do an AMA where we just share horror stories?
Natalya Deyneha
So great!!!
Will
Looks very interesting to help integrate good security into an existing or nascent technology platform. Can you guys add a glossary for all of the compliances and some content for when and why someone might want to start thinking about them though? There's just a lot of letters and numbers and for someone who's not deeply into security as their main job it's not very accessible to know what they mean or when they apply 😅 PCI is something the general population probably knows but everything else probably not.
Will Lippert
@boujeehacker Hi Will! That's a great question. I am part of the Control compliance team here at VGS, and I can help you out with that. In the most simple terms, many companies are seeking out SOC2 compliance because their business partners are contractually requiring it. When it comes to these contracts, unfortunately we all have to cave in and play the compliance game. The other frameworks are often required for one reason or another, and they are all designed to tell a story of your organization's security posture with varying interests in mind. With that said, our goal with Control is to make it so it does not entirely matter which cybersecurity framework from the "alphabet soup" your company is seeking. We make capturing audit evidence painless across multiple frameworks in one effort, and you can choose the one or more that suit your needs.
Max Motkaliuk
So excited about Control changing the data security & compliance game! Way to go VGS 🚀