- About Chameleon Chameleon allows you to create beautiful product guidance that helps, guides, and delights your users throughout their journey.
- Website https://trychameleon.com
- Location San Francisco, CA
- Industry Computer Software
We knew that we had some good security practices but needed the validation of SOC 2 compliance to demonstrate this more easily to our prospective customers. Our customers use Chameleon for business-critical user engagement within their software, which includes passing user data, so it's imperative that we maintain strong security practices, and can easily demonstrate these to prospects to help us close sales deals. Almost all of our larger prospects have a security evaluation stage during the buying process which we wanted to make as smooth and seamless as possible.
One of the most compelling aspects of Drata was the time-to-value. We could get value on Day 1 of using Drata with their standardized policies that we could adapt and leverage. We've already used these across our sales deals. In addition we found the continuous monitoring Drata offered as a truly credible way to demonstrate our adherence to our security protocols, and the live report that lets customers/prospects see the specific details of this is such a killer feature. It moves away from trading notes in spreadsheets to being able to see clear proof of compliance!
Drata's partnership model has been really impressive; they've worked with us and gone above and beyond to provide us tips, suggestions, connections, and support, as we've onboarded onto our platform and initiated improvements and enhancements to our systems and processes. We felt like we were getting software + consultants and that is so valuable.
Ready to Put SOC 2 on Autopilot?
We've already used policies generated in Drata, referenced our continuous monitoring in security questionnaires, helped validate our team's security training, and made improvements to our infrastructure access control, thanks to Drata. This is all within the first couple of months, and we're looking forward to moving towards SOC 2 Type II compliance in the coming months.
We'll be looking to standardize how we engage prospects through the security evaluation phase when they are looking to purchase Chameleon, leveraging Drata. We already offer a bug bounty program that we run in-house and we'll be look to expand and formalize this so we can always stay ahead of the latest risks and threats. And of course we look forward to SOC 2 Type II compliance soon!
Before Drata, I felt like SOC 2 would be such a pain and kept putting it off. Drata makes it really accessible and straightforward and we're actually enjoying the process.