Being lean like a startup, when customers began asking questions about compliance, BugSplat found it challenging to find the time and resources to understand what’s required for a successful audit. Knowing that the scope of knowledge necessary to achieve compliance efficiently was a bit outside of their skillsets, BugSplat looked to Strike Graph for help. As BugSplat Product Manager Joey Plunkett explains, had they attempted to tackle SOC 2 compliance on their own, “it would be expensive, time-consuming, and there's no guarantee that on your first iteration without special knowledge you'll get it right.”
The Strike Graph Partnership
Much of the value in the partnership between BugSplat and Strike Graph was found in the weekly meetings with the Strike Graph Customer Success team. “Easily the most valuable thing we’ve gotten out of our interaction with StrikeGraph was the weekly meetings,” Joey explains. “The experience Sam brings as a former auditor, knowing exactly what’s required of the audit process, what auditors will be thinking, and having seen a lot of successful and failed audits in the past, meant there were very few questions she couldn’t answer. Every single time we had a meeting with Customer Success, we absolutely got way more out of it than the time we put in.”
Strike Graph’s Risk Assessment engine made it easy for BugSplat to identify their vulnerabilities, not only confirming that BugSplat was well-positioned for SOC 2 compliance, but also enabling them to have greater confidence in the overall security of their platform. “When we started, we felt like our security was pretty good,” says Joey. “Now, we know it’s really, really good.”
As Joey notes, one of the most daunting parts of gaining compliance is in the documentation. Strike Graph’s Evidence Repository proved to be just the tool BugSplat needed to help organize their documentation into something manageable, and the Compliance Dashboard helped pull everything into an at-a-glance view. Ultimately, the combination of Strike Graph’s tools and experts simplified the process, taking the guesswork out of compliance.
“Strike Graph has done a really good job demystifying the SOC 2 process, helping to shepherd us towards the promised land with a high level of competence and knowledge. We saved hours and hours of time, and also money,” he adds.
BugSplat is nearly complete as far as achieving SOC 2 compliance; currently, they are in the process of documenting their evidence, and through their work with Strike Graph, they’ve gained much-needed confidence in that documentation.