How Scytale Helped Polar Security Build Their InfoSec Systems And Best Practices From The Ground Up

Polar Security is the first solution to automate cloud data security & compliance. Polar’s agentless DSPM (Data Security Posture Management) platform automatically finds any data vulnerabilities and compliance violations.

Shiran Bardugo

Director of DevSecOps, Polar Security

In the past, I did the SOC 2 process alone, manually collecting evidence and reviewing policies, which was a disaster. Now with Scytale, getting SOC 2 compliant is super simple, quick and easy to manage.

THE CHALLENGES

SOC 2 first-timer

Polar Security had no prior SOC 2 compliance experience and needed to start the process from scratch.

Help needed with security

As an early-stage startup, there were no official security systems in place just yet. The security team needed expert guidance to build concrete security systems and implement best practices from scratch.

Customers in the US

Polar Security was starting to reach the US market. However, signing US-based customers was challenging as every second customer demanded a SOC 2 report.

Need to get compliant fast

Polar needed to get SOC 2 compliant as soon as possible as they were losing opportunities to expand.

Time is money

At the time, their team of five software engineers needed to focus on building the product and could not afford to allocate their time solely to SOC 2 compliance.

THE solution

Robust InfoSec systems

Scytale’s compliance success managers helped Polar build and implement the correct infrastructure, policies and procedures, security controls and complete tons of security questionnaires requested by customers.

Automated compliance

Scytale’s smart tool allowed Polar’s team to seamlessly integrate with their software (such as GitHub and AWS), which was hugely valuable. Polar was able to easily review policies, track the status of tasks and automatically collect evidence.

Advisory dream team

Polar Director of DevSecOps, Shiran Bardugo, shared that Scytale’s compliance success team were available and happy to help on all communication channels 24/7, making the process extremely easy to follow.

Management of audit process

Scytale took over all communications and workloads with EY during the audit period, which means Polar was undisturbed and could continue with their day-to-day responsibilities throughout their official SOC 2 audit.

KEY TAKEAWAYS

Employee time-savings: Polar’s security and compliance team saved an enormous amount of time by utilizing Scytale’s automation tool to get SOC 2 audit-ready. Especially with implementing policies, customizing a controls list, continuous control monitoring and audit management.
Continued work as usual: Polar did not come to a standstill during their SOC 2 project, as Scytale’s smart technology and expert advisory team took the SOC 2 preparation weight load off the team.
Remaining compliant: Polar did not just achieve SOC 2 Type II compliance, but can also stay compliant and simply manage all InfoSec workflows within the automation tool. Going forward, it is easy for Polar to ensure that there are no compliance loopholes or oversight across the company’s people, systems and processes.

End results

Polar is wasting no time in expanding their InfoSec compliance and with Scytale, this has become very easy to undergo. Polar Director of DevSecOps, Shiran Bardugo stated that Polar only considered Scytale for their ISO 27001 compliance process.
The ability to provide a SOC 2 report to potential customers have removed any sales barriers and expanded Polar’s customer base.
Existing customers feel even more confident in Polar’s product and services and are reassured that their sensitive data is protected.

Frameworks

Features

Our Solutions

By company Stage

By Industry

Learn

Community