8 comments

[ 3.1 ms ] story [ 34.0 ms ] thread
Vanta seems to be running away with the SOC2 market.
Big fans of Vanta over here. Compared to everything else in the market, they were clearly the furthest ahead for our SOC2 needs.
I do foresee pricing pressure ahead for them as a lot of competitors seem to arising.
Examples of such competitors please? Very much thanks in advance...
Having used a few of these systems, Vanta is great if you enjoy 1) their sales reps brutally trashing their competition on every pre-sales call and 2) getting inundated with unimportant compliance alerts due to their over-emphasis on compliance automation.
Just to be clear, this seems to suggest that Supabase the company/product is SOC compliant, not that any product/service that you build on Supabase is automatically SOC compliant. Is that correct?
It's generally accepted that a SOC2 report of a SaaS provider covers the controls that are the responsibility of the company to manage.
Yes. If you built a product on top of supabase and your company wanted to get soc2 compliant, it helps that supabase, one of your vendors, is also compliant.