Why Superside Chose Drata to Tackle SOC 2 Compliance

A case of how Drata’s automation-led approach empowers companies to achieve SOC 2 quickly and easily
ABOUT Superside
Superside is an always-on design company that delivers great design at scale to Enterprise teams—from everyday production design work to large-scale strategic design solutions.
Palo Alto
Design Services

Why SOC 2

Not only does Superside deliver design work to over 300 companies worldwide, our customers use our SaaS tool to continue working on those designs and ensure consistent quality. With our level of access to confidential data, we needed SOC 2 to show proof that we take the necessary steps to protect that information.

Why Drata

Being completely new to SOC 2, we were looking for a partner that could help us organize the process and simplify the steps we needed to take along the journey. We wanted to better understand the controls, policies, and framework as a whole. Drata has been helping us do that from the very start. The team has guided us from start to finish, in recognizing the current state of our security posture to identifying and working with our auditor partner, Schneider Downs.

The Experience

Drata’s team is incredibly responsive whenever we have questions; they truly have been our partner throughout the entire process. Beyond the team, the additional guidance we get from the platform, with features like policy templates, has been invaluable. Being able to integrate Drata with our tech stack in AWS and our workflows in Gitlab, and having a blueprint for personnel onboarding, gives us a holistic view of our security program.


Drata has saved us a ton of time in terms of identifying what controls we need to fulfill and how to fulfill them. By automating and simplifying SOC 2 compliance, we’ve easily gained hundreds of hours back as a team that would have been spent just figuring out each step without making significant progress. Drata made the path to SOC 2 actionable.

What’s Next?

Having achieved SOC 2 Type 1 compliance, we’re going to pursue Type 2 next, having already executed much of the work already with Drata. We’re taking the lessons we’ve learned from Type 1 and using that to scale and build out a team focused on security, auditing, and more to ensure we continue to uphold the best cybersecurity practices.

Initially, we were uncertain about the SOC 2 process, and didn’t know where to start. Having Drata as our compliance automation partner put us on the fast track to understanding the requirements and elevating our security posture. In automating the journey, we’re able to quickly achieve SOC 2 compliance without disrupting our flow of business. Drata makes compliance easy, no matter what level of expertise you have.

Tor Fusdahl - Engineering Manager, Superside

Subscribe & receive the latest content.

Subscribe & receive the latest content.


Get Started Today

Close more sales and build trust faster while eliminating the hundreds of hours of manual work that used to go into maintaining your SOC 2 report and ISO 27001 certification.

Trusted by the best: