Delve, a startup that claims to be able to help you get SOC2 compliance in days
-
Delve, a startup that claims to be able to help you get SOC2 compliance in days
Was not surprisingly revealed to have made it all up.
Delve - Fake Compliance as a Service - Part I
How Delve managed to falsely convince hundreds of customers they were compliant and then lied about it when exposed and called out
(substack.com)
@skinnylatte Forbes 30 under 30 continues to be the world's premier directory of scammers.
-
Delve, a startup that claims to be able to help you get SOC2 compliance in days
Was not surprisingly revealed to have made it all up.
Delve - Fake Compliance as a Service - Part I
How Delve managed to falsely convince hundreds of customers they were compliant and then lied about it when exposed and called out
(substack.com)
The only thing that offends me more than scammers are sloppy scammers. At least take some pride in your work and in your calling.
-
The only thing that offends me more than scammers are sloppy scammers. At least take some pride in your work and in your calling.
@skinnylatte i gave a talk once about a bunch of ways people can fake credibility, like buying certs and reviews. this didn't exist back then but hoooboy does it fit the bill
-
The only thing that offends me more than scammers are sloppy scammers. At least take some pride in your work and in your calling.
There’s a bunch of other compliance startups in this space worth billions of dollars. They’re all claiming to be AI-native but they’re forms stitched together (and not even doing anything remotely interesting or useful).
If you understand the tech you know that we are years away from a single AI, no matter what you say you’re doing with it, from being reliably able to perform this specific list of tasks in this order
-
There’s a bunch of other compliance startups in this space worth billions of dollars. They’re all claiming to be AI-native but they’re forms stitched together (and not even doing anything remotely interesting or useful).
If you understand the tech you know that we are years away from a single AI, no matter what you say you’re doing with it, from being reliably able to perform this specific list of tasks in this order
The founders have also been on social media praising their devs for pulling all nighters
Now that this is out, I hope everyone is very proud of themselves
-
Delve, a startup that claims to be able to help you get SOC2 compliance in days
Was not surprisingly revealed to have made it all up.
Delve - Fake Compliance as a Service - Part I
How Delve managed to falsely convince hundreds of customers they were compliant and then lied about it when exposed and called out
(substack.com)
@skinnylatte I just had a conversation with a healthcare clinician about this yesterday
context was clinicians in private practice adopting AI services to use with patient data
was telling them about how many tech workers don't actually build compliant services but slap badges on their software saying they did
and wondered aloud how clinicians in private practice without IT backgrounds would ever know the difference between legit services and those that are not truly HIPAA compliant?
-
The founders have also been on social media praising their devs for pulling all nighters
Now that this is out, I hope everyone is very proud of themselves
@skinnylatte All nighters are such a phenomenally bad idea. Even if it weren't likely a lie I'd expect a compliance company to make more mistakes when doing that rather than less.
-
There’s a bunch of other compliance startups in this space worth billions of dollars. They’re all claiming to be AI-native but they’re forms stitched together (and not even doing anything remotely interesting or useful).
If you understand the tech you know that we are years away from a single AI, no matter what you say you’re doing with it, from being reliably able to perform this specific list of tasks in this order
@skinnylatte it all stems from a ridiculous idea that “compliance” is just checking off a bunch of boxes on a form and then you’re done. I’m constantly battling this at work. Compliance is designing your systems/product/processes so that they ensure *something*: data security, AI governance, unbiased decision making. and then it’s continuing to audit that thing to make sure it’s still doing it. forever.
you can’t fucking have SOC 2/PCI/GDPR/HIPAA/AML/FedRAMP in two days no matter what anyone tells you.
-
The founders have also been on social media praising their devs for pulling all nighters
Now that this is out, I hope everyone is very proud of themselves
-
The founders have also been on social media praising their devs for pulling all nighters
Now that this is out, I hope everyone is very proud of themselves
@skinnylatte developers pulling all-nighters is a sign of failure, not success. You know that and I know that and will the tech bros ever learn that? Probably not.
-
The founders have also been on social media praising their devs for pulling all nighters
Now that this is out, I hope everyone is very proud of themselves
I've been through compliance at a mega corp and as far as I can tell someone gets appointed to be the muggins who sits in a conference room while people who are paid to tick boxes tick boxes.
Perhaps this perception came from that company already having fairly strict internal rules, perhaps from a sock puppet auditor, I don't know.
I totally understand why someone who had only ever seen the process from the next room would think this is prime sinecure territory, it certainly seemed like an expensive no-op from my desk.
-
R relay@relay.an.exchange shared this topic
