Blog

Insights and expertise from Thoropass

Featured

Introducing NIST CSF, CMMC Level 1 and Cyber Essentials

Strengthen your baseline security posture and align with the latest industry guidance. Our platform and experts are here to help you move forward with clarity and speed.

Learn More

Latest posts

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

News and Events /

Thoropass Founder Sam Li speaks as Compliance Expert on YC Panel

A couple of weeks ago, our founder Sam Li and Steve Schultz from AWS hosted a webinar for the YC Winter cohort on Day One Security & Compliance. This webinar covered what founders should do (and not do) early in the product lifecycle in regard to compliance. As a startup founder himself and compliance expert, Sam has some tips for founders.

Read Article

News and Events /

Looking Back at 2020 Compliance, Looking Forward to 2021

It has been quite a year, and not just because the world has been knee-deep in a pandemic. While most of us have started working remotely, our businesses have been faced with new challenges. From keeping our employees safe to keeping our information secure, here’s what we noticed in the compliance world during 2020. We also have some upcoming predictions for 2021.

Read Article

News and Events /

Walking the Walk: Thoropass’s SOC 2 Type 1

Last quarter, our Compliance Architects set their sights on conquering SOC 2, but it wasn’t for a client. As a SaaS company working to protect our customers through compliance, we knew it was time to showcase our best practices to pass our SOC 2 Type 1.

Read Article
man working at a laptop with coffee

Compliance /

Founder’s Guide: The Right Compliance Framework for Your Startup

It doesn’t seem like compliance frameworks are meant to be understood by busy founders or even mere mortals. For example, take a look at the AICPA guide on SOC 2. Not exactly bedtime reading.

Read Article

Compliance /

Why Stage-Appropriate Compliance Matters for Startup Growth

Early-stage startups are in for a surprise when they dive into what’s needed to pursue a regulatory or compliance framework.Implementing SOC 2 alone means wading through about 240 controls, all vague and seemingly written for larger, much more established companies. As a startup, there’s likely no room in your budget to purchase white-glove security solutions, and the thought of hiring a Chief Information Security Officer at this stage is just laughable.

Read Article
Curated by experts

We provide the compliance expertise, so you don’t have to

At Thoropass, we’re more than a readiness solution. Our team of experts are equipped with insight and hands-on experience to provide you with industry-leading perspective and guidance.

Meet the Experts

Stay connected

Subscribe to receive new blog articles and updates from Thoropass in your inbox.

Thank you for subscribing! Be on the lookout for confirmation in your inbox!
Oops! Something went wrong while submitting the form.

Want to join our team?

Help Thoropass ensure that compliance never gets in the way of innovation.

View open roles

Have any feedback?

Drop us a line and we’ll be in touch.

Contact us
Get Started

Solutions

Get CompliantMaintain ComplianceIT Security Audits

Products & Services

Thoropass AuditCompliance AutomationPentestingThoropass AIAccess ReviewsSecurity QuestionnairesRisk AssessmentTrust CenterIntegrations and APIs

Frameworks

SOC 1SOC 2HIPAAHITRUSTCyber EssentialsGDPRISO 27001ISO 27018ISO 42001CMMC Level 1NIST CSF 2.0PCI DSSOther Frameworks

Industries

HealthcareSaaSFinTechOther Industries

Company

Our DifferenceMeet the ExpertsNewsroomCareersIndependence and ExcellenceBecome a PartnerTrust CenterContact us

Resources

Case StudiesBlogGuidesEventsHelp Center

Legal

MSADPAReport an IssueTerms and ConditionsPrivacy Policy

Leading by Example: Thoropass' Certifications

© Copyright 2025 Thoropass, Inc.