try chameleon team
  • About Chameleon Chameleon allows you to create beautiful product guidance that helps, guides, and delights your users throughout their journey.
  • Website https://trychameleon.com
  • Location San Francisco, CA
  • Industry Computer Software
  • Social

The Challenge

We knew that we had some good security practices but needed the validation of SOC 2 compliance to demonstrate this more easily to our prospective customers. Our customers use Chameleon for business-critical user engagement within their software, which includes passing user data, so it's imperative that we maintain strong security practices, and can easily demonstrate these to prospects to help us close sales deals. Almost all of our larger prospects have a security evaluation stage during the buying process which we wanted to make as smooth and seamless as possible.

The Solution

One of the most compelling aspects of Drata was the time-to-value. We could get value on Day 1 of using Drata with their standardized policies that we could adapt and leverage. We've already used these across our sales deals. In addition we found the continuous monitoring Drata offered as a truly credible way to demonstrate our adherence to our security protocols, and the live report that lets customers/prospects see the specific details of this is such a killer feature. It moves away from trading notes in spreadsheets to being able to see clear proof of compliance!

Why Drata?

Drata's partnership model has been really impressive; they've worked with us and gone above and beyond to provide us tips, suggestions, connections, and support, as we've onboarded onto our platform and initiated improvements and enhancements to our systems and processes. We felt like we were getting software + consultants and that is so valuable.

Ready to Put SOC 2 on Autopilot with Drata?

The Result

We've already used policies generated in Drata, referenced our continuous monitoring in security questionnaires, helped validate our team's security training, and made improvements to our infrastructure access control, thanks to Drata. This is all within the first couple of months, and we're looking forward to moving towards SOC 2 Type II compliance in the coming months.

What's Next?

We'll be looking to standardize how we engage prospects through the security evaluation phase when they are looking to purchase Chameleon, leveraging Drata. We already offer a bug bounty program that we run in-house and we'll be look to expand and formalize this so we can always stay ahead of the latest risks and threats. And of course we look forward to SOC 2 Type II compliance soon!


Before Drata, I felt like SOC 2 would be such a pain and kept putting it off. Drata makes it really accessible and straightforward and we're actually enjoying the process.

Pulkit Agrawal - CEO, Chameleon
chameleon logo

Subscribe & receive the latest content.

Put Compliance on Autopilot

Get Started Today


Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.

Get Started