How an AI automation platform matured its security program, achieved SOC 2 Type 2 with all 5 trust factors, and became continuously audit-ready to win the trust of financial customers.
HuLoop Automation, an AI-based “future of work” platform, serves clients across banking, financial services, and other highly regulated industries.
With customers expecting bank-level compliance, HuLoop needed to mature its security and audit readiness quickly.
Strike Graph delivered a flexible, supportive platform that helped them build a culture of compliance, complete three successful audits (including SOC 2 Type 2 across all five trust factors), and position HuLoop as a trusted vendor in a regulated space.
"We’re so happy with Strike Graph that we wholeheartedly endorse them… If your results can mirror ours, you’ll be delighted,” – notes Todd Michaud, CEO of HuLoop Automation.
Serving highly regulated industries like banking, HuLoop’s team needed to meet high expectations around privacy, availability, and governance.
“Customer trust is exceptionally important for us,” emphasized Michaud. “Our clients expect that we operate at the very highest standard of care. That’s what brought us to our journey with Strike Graph.”
Before Strike Graph, HuLoop had highly manual compliance processes in place. As the company scaled, they faced a substantial increase in more complex vendor risk reviews and buyer expectations.
HuLoop evaluated several vendors but ultimately chose Strike Graph for its balance of intuitive tech and human guidance.
"We needed an organization that would help us mature quickly,” said Michaud. “Strike Graph gave us both the tools and the coaching to make the process simpler, faster, and more affordable.”
SVP of Cybersecurity Mark Jackson has a 20+ year background as an Information Security Officer in banking, and he immediately recognized that Strike Graph’s rigor matched the industry's financial regulatory standards. “The level of audit in Strike Graph looked like what I was used to in banking—screenshots, timestamps, real proof of work. That made my transition seamless," said Jackson.
Since partnering with Strike Graph, HuLoop has:
Jackson notes, “The dashboard shows me what’s expiring. I don’t have to scramble before the audit. It’s preparing me all year long.”
Key platform features like the Compliance Dashboard, Evidence Repository, Risk Management, and Control Monitoring were called out as essential for operationalizing compliance across the team.
“It’s crazy how easy the platform is—and how thorough,” says Jackson. “I’m big into risk mitigation, and the alignment between risk assessments and the SOC report has been incredibly helpful.”
Strike Graph’s automation and philosophy deeply resonated with HuLoop’s own product mission.
“Our business is about automating mundane activities and improving efficiency. That’s exactly what Strike Graph does for our compliance,” notes Michaud.
The team also praised the customer success and audit support teams:
“(Our CSM) Stephanie has been exceptional,” says Jackson. “The auditors understood our environment, helped us grow, and guided us the right way. Support has been top-notch.”
HuLoop is now focused on maintaining continuous readiness while exploring future certifications. They’re considering HIPAA and ISO 27001 as the business grows and may evaluate Strike Graph’s new SBOM Manager feature.
Michaud advises, “If you want to be organized year-round and not be stressed about upcoming audits, then Strike Graph is for you.”
“Strike Graph helps us work with more demanding clients,” says Michaud. “We go into those conversations from a posture of strength—and it’s helped us win deals.”
Jackson quips, “Do you enjoy jumping through hoops at the last minute? Probably not. Strike Graph keeps your audits real-time, managed, and stress-free.”