Hacker News new | past | comments | ask | show | jobs | submit login

You are correct, in many ways even SOC2 is not a desirable investment for young companies. You can do 5 figure deals with fortune 500 companies without it but the process of closing that deal will require a lot more work. Maybe a good time to start investing in SOC2 or ISO certification is when you have multiple large deals with enterprises in your sales pipe. Before that, running a small security program (annual pentest, security awareness training) and communicating that via security questionnaires will get you first deals.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: