How Strike Graph Helped BugSplat Move Closer to SOC 2 Compliance

Launched in 2004, BugSplat has grown from a few friends who in their previous roles maintained larger organizations’ crash-reporting tools to a 100% self-funded company that now helps developers track and fix over 500 million crashes on around 350 million computers, tablets, consoles, and phones every year.


Boulder, CO


Software as a service


The Challenge

Being lean like a startup, when customers began asking questions about compliance, BugSplat found it challenging to find the time and resources to understand what’s required for a successful audit. Knowing that the scope of knowledge necessary to achieve compliance efficiently was a bit outside of their skillsets, BugSplat looked to Strike Graph for help. As BugSplat Product Manager Joey Plunkett explains, had they attempted to tackle SOC 2 compliance on their own, “it would be expensive, time-consuming, and there's no guarantee that on your first iteration without special knowledge you'll get it right.”

The Strike Graph Partnership

Much of the value in the partnership between BugSplat and Strike Graph was found in the weekly meetings with the Strike Graph Customer Success team. “Easily the most valuable thing we’ve gotten out of our interaction with StrikeGraph was the weekly meetings,” Joey explains. “The experience Sam brings as a former auditor, knowing exactly what’s required of the audit process, what auditors will be thinking, and having seen a lot of successful and failed audits in the past, meant there were very few questions she couldn’t answer. Every single time we had a meeting with Customer Success, we absolutely got way more out of it than the time we put in.”

The Outcome

Strike Graph’s Risk Assessment engine made it easy for BugSplat to identify their vulnerabilities, not only confirming that BugSplat was well-positioned for SOC 2 compliance, but also enabling them to have greater confidence in the overall security of their platform. “When we started, we felt like our security was pretty good,” says Joey. “Now, we know it’s really, really good.” 

As Joey notes, one of the most daunting parts of gaining compliance is in the documentation. Strike Graph’s Evidence Repository proved to be just the tool BugSplat needed to help organize their documentation into something manageable, and the Compliance Dashboard helped pull everything into an at-a-glance view. Ultimately, the combination of Strike Graph’s tools and experts simplified the process, taking the guesswork out of compliance.

“Strike Graph has done a really good job demystifying the SOC 2 process, helping to shepherd us towards the promised land with a high level of competence and knowledge. We saved hours and hours of time, and also money,” he adds.

What's Next?

BugSplat is nearly complete as far as achieving SOC 2 compliance; currently, they are in the process of documenting their evidence, and through their work with Strike Graph, they’ve gained much-needed confidence in that documentation.

  • copy-link-icon

    Copy URL

  • facebook-icon
  • linkedin-icon

We continue to believe that security is incredibly important. It is not fun to dive into, but it’s been made a lot more bearable by having access to the Strike Graph platform and their Customer Success team’s expertise.

Joey Plunkett

Product Manager, BugSplat