The End-to-End Cybersecurity Auditor

Chris Phillips

Co-founder & CTO

"Thoropass was our complete compliance solution. The best part about working with Thoropass was that it’s the perfect blend of technology and people to take a complicated process and make it accessible and easy."

Matthew Kloster

Director of Engineering

"The in-tool audit experience was a massive benefit. I could just log in, answer the open evidence requests, and I knew that I had checked off everything I needed to keep the audit process going."

Gur Brosh

Co-founder & COO

"We needed a security compliance partner we could rely on for the entire preparation and audit process. That included understanding the scope, putting processes in place, creating documentation, using the right tools and implementing the right controls."

Conor O.

Overall, Thoropass provides an efficient, supportive platform for meeting compliance requirements, substantially aided by its thoughtful design and supportive customer service.

Emery Andrew

Founder

"Partnering with Thoropass as our single source of truth enables us to streamline our compliance programming while focusing on what we do best: building secure, trustworthy products and solutions that our users love."

Ryan Hyllestad

Director of Information Technology

“Go with a platform like Thoropass that supports multiple frameworks, includes strong efficiency-driven features, and is your auditor —so you’re not left to manage the entire audit process yourself.”

Information Technology User

Their expertise allowed us to make intelligent decisions around how we approach each control in line with our existing policies and procedures. It's been three years since we started leveraging Thoropass and they've helped immensely!

Tom Dittrich

CEO

"The process of achieving HIPAA compliance was incredibly smooth, thanks to the collaboration between Thoropass and their service partner, Muscatek."

Steven Betito

Head of Digital Innovation

"The platform is really helpful for us. When one certification is done, we just push one button and it pulls all the evidence and policies that we need for the other one—saving us so much time."

Zach C.

CEO

"Relatively easy to use. Auditors are there to guide, not castigate. Pentest team is terrific and easy to work with too."

Amelia P.

Head of IT

"Thoropass is a smart solution to tedious tasks. If you use it as a manager, it allows to track learning/policy readiness of your team, as well as have a document version control for your policies. It comprehends a lot of functions such as facility control, vendor management, inventory control...Very user-friendly and intuitive."

Mor Cohen-Tal

CTO and Co-Founder

"We were engaging with the auditor on Slack, managing things in two places, and having to duplicate evidence collection to align between the two. There was so much potential to do things better and more effectively. That’s when we switched to Thoropass."

Cyrille Delavenne

CTO

"Thoropass not only told us what the vulnerabilities are, but they were also very communicative when it came to how to reproduce the vulnerabilities."

Vanessa L.

CDO

"Every single interaction we have had with a Thoropass representative has been friendly, engaging, and understandable. As a non-technical person, they helped guide me to make informed decisions about what priorities needed to be focused on, how they could support those priorities, and they were exceptionally priced to do business with."

Juan Carlos T.

Software Engineering Manager

"What I like best about Thoropass is how it simplifies and operationalizes complex compliance processes like SOC 2, ISO 27001, and HIPAA. The platform integrates seamlessly with our cloud infrastructure (AWS), version control systems (like GitHub), and ticketing tools, enabling automated evidence collection and real-time visibility into our audit readiness."

Sigita Jurkynaitė

Information Security Manager

"Think of how many sleepless nights it’s going to cost you, versus paying someone who will provide you with really clear guidance. You will save so much time and so much money if you find a partner like Thoropass to help you."

Chase Preston

Chief Operating Officer

“We picked Thoropass because it provides an assessor and a platform. A lot of other companies have only a platform and bring in a third-party assessor. Thoropass is a one-stop shop, which makes things much easier.”

Matt Steel

Head of GRC

“We thoroughly enjoy working with Thoropass. They come with the software, they come with the people, and it really mirrors the culture that we have at Access of wanting to make things as easy as possible and help our customers, and it’s been great working with them."

Lawrence Wagerfield

Founder and CEO

"Having someone like Thoropass on board who is saying, ‘Yes, you’re doing things right,’ or, ‘Yes, you need to change that bit over there, and then you’d be doing things right’: as a CEO, that makes you sleep well at night.”

Alexander S.

Principal Technical Program Manager

"Having both a caring and attentive account manager as well as reviewers made the whole annual SOC 2 compliance process easy to go through. What was originally met with anxiousness and angst turned into a good experience. Their site makes it easy to track the things that need to be updated, uploaded, and addressed for the review."

Nathaniel Ruzicka

Senior Information Security Engineer

“Thoropass has been nothing short of a small miracle. They've made compliance something that helps us grow, instead of something that holds us back.”

Chris T.

CTO

"Very thorough and the tool made the process very easy. The account manager is very responsive and explained the entire process very well. With regards to the Pentest, the tool helped us identify a few issues ahead of the actual pentest, saving time for us and the pen-testers."

Shifat R.

Director of Operations

"I appreciate Thoropass for its quick onboarding process and friendly pricing, which made the transition from our previous system smooth and cost-effective. I find the customer service exceptional, with ultra-fast responses to emails. The compliance-focused training features are invaluable, ensuring all our team members are properly trained and certified. Lastly, Thoropass is constantly ahead of the curve in compliance, acting as a comprehensive solution that meets all my company's needs."

Michael B.

CEO

Thoropass combines readiness, evidence management, and auditor interaction in a single platform. This helps Roark maintain an organized audit trail, critical for a firm that documents every control, ticket, and policy for SOC 2 evidence. The ability to collaborate with the auditor directly in-platform reduces friction and prevents duplicative work.

Jake W.

"Thoropass has been instrumental in simplifying our journey through complex healthcare SaaS compliance requirements, like SOC 2, HIPAA, and HITRUST. Their expertise not only clarifies these challenging processes but also ensures we adhere to the highest standards, significantly benefiting our operational efficiency and data security."

Aaron G.

Director of Cloud Services

"With Thoropass, it is simple and easy to monitor compliance. I like the way that Thoropass has an easy to use task based interface that you can easily see what you need to remedy in your cloud platforms to maintain your SOC 2 compliance. It also has automated monitors that work with to monitor the environment and if anything goes out of compliance it will immediately flag it and give you a task to remediate it."

Devin Blanchard

Cyber Security Analyst

"It made it really easy to see both frameworks at a glance, and to have different pieces of evidence apply to both HITRUST and SOC 2. It didn’t feel like a huge chore, and was a big help in efficiency."

Andrew Park

Healthcare Technology Lead

"Thoropass’ integration with MyCSF was a deciding factor. We didn’t have to upload evidence twice, just once into Thoropass. It saved quite a bit of time."

Jason L.

Senior Security Engineer

"Feature-wise, Thoropass covers everything needed for SOC 2 in one place, including control management, evidence tracking, policies, vendor risk, and audit coordination. Overall, Thoropass makes SOC 2 far more manageable and repeatable. I’d highly recommend it to any company pursuing or maintaining SOC 2 compliance."

Barak P.

SVP of Product & Engineering

"Our account manager provides exceptional service, ensuring smooth interaction and assistance, which significantly enhances our overall experience with the platform. In addition to this, the pen test team is truly exceptional, offering expert insights and reliable performance in conducting penetration tests."

Perry Wilson

Director of Information Security

"There will always be benefits to having an automation platform, but having a strong audit partner, like the one we found with Thoropass, is invaluable."

Ivan Yarikov

Compliance Project Manager

"Working with Thoropass has not only made compliance achievable. It’s made it a strategic advantage."

Chris Ingrao

Chief Operating Officer

"Thoropass saved us significant time and resources. We have a small team and were able to handle all of the policies, controls, activities, monitoring, and audit activities efficiently because of Thoropass’ platform and expert support."