Shortcut addresses risks in real time with Vanta

The Company

Improving product planning

Shortcut provides the most intuitive project management platform that teams actually want to use. From product planning to product creation, their mission is to ensure software development teams can do their best work. Shortcut brings together product and engineering into a single experience with tightly integrated Docs, Issue Tracking, and Sprint Planning features.

‍

The Challenge

Scaling into the enterprise

Shortcut wanted to go up market and sell more into the enterprise space. In that process, they received numerous requests for a SOC 2 from prospects. The team knew that obtaining a SOC 2 would not only open the door to larger customers, but would also provide the framework to be a more secure organization. Shortcut knew very little about the SOC 2 process, but realized they need a partner who was knowledgeable in the space and could guide them in improving their security posture.

‍

The Solution

Prolonged continuous security

Vanta provided a team of knowledge experts and a platform that integrated with Shortcut's tech stack to collect the majority of evidence they’d need for the audit. Vanta’s policy templates offered both directive guidance and flexibility to scale as their business matured. These policies are written to be fluid and will grow as their business matures and allow their team to fix things as incidents come up. Vanta provided the foundation for Shortcut to create and continuously monitor a set of rules their business would adhere to. Vanta is the trusted partner guiding Shortcut through the process. The automation works around the clock to assess any gaps in real time to address issues as they come up.

‍

The Impact

Making annual audits a breeze

Vanta is integral to Shortcut's compliance policies beyond just obtaining a SOC 2. The work leading up to the audit makes their business more secure and greatly reduces their risk of a crisis happening. Vanta’s continuous monitoring gives Shortcut peace of mind and reduces the work needed to prepare for the annual audit to renew certifications.

Shortcut has been a Vanta customer for over 3 years now. Here’s what they have learned and what has changed over the years.

• If it’s your first time doing an audit... you’ll need to do a gap analysis which Vanta helps to automate. It will help you find the problems and address them ahead of time to ensure a smoother observation window.
• We’re saving time and money in the long run with the continuous monitoring, preventing the need to do a gap analysis and provide new evidence year over year.
• It’s a marathon, not a sprint. We’ve folded this into regular business processes like bi-weekly security reviews, quarterly meetings with our auditor, and managing our risk registrar.

‍