From compliance automation through audit, the Thoropass compliance delivery platform helps you get and stay compliant.
Modern audits delivered by expert auditors
Maintain compliance with real-time monitoring and alerts
Identify vulnerabilities with CREST-accredited pentest experts
Leverage AI for smarter compliance solutions
Streamline audits and improve accuracy with evidence automation
Simplify user reviews to enhance security
Automate responses to security questionnaires
Track and mitigate security risks in one place
Build trust with a professional, public-facing portal
Seamlessly connect your tools for streamlined compliance
Audits done the modern way. Leverage AI-powered compliance solutions with expert guidance for seamless, scalable audits.
From controls to audit, rapidly achieve infosec compliance with a single vendor
Manage your risk and streamline compliance
Meet your auditor on day 1 and eliminate any surprises
Discover proven compliance outcomes in the words of our customers.
Catch up on the latest industry trends and expert insights
Watch the latest webinar or meet us in person
Expert-curated resources for your compliance journey
A "true crime" styled podcast for anyone in the compliance industry
Actionable tools for your compliance journey
Implement audit-ready compliance solutions for friction-free infosec compliance outcomes.
Go beyond readiness with unmatched expertise
Stay updated with the latest Thoropass news and insights
Join the team that's reimagining compliance
Let's make compliance easier—together
We're committed to unbiased audits and superior service
We’re thrilled to announce our strategic partnership with YASH, a leading global systems integrator with deep AWS expertise. Together, we’re delivering a next-generation compliance automation solution that helps organizations confidently achieve and maintain cloud security standards—faster, easier, and with less manual work.
This partnership combines the cloud-native capabilities of the Thoropass platform with YASH’s hands-on support and proven experience in implementing audit-ready AWS workloads. Now available as a single, end-to-end offering through AWS Marketplace, our joint solution empowers customers to streamline their path to SOC 2, ISO 27001, HIPAA, and other compliance standards—backed by unified controls, automation, and expert guidance, and full assessment services delivered by Thoropass.
Compliance is often a roadblock for growth. It’s resource-heavy, scattered across tools, and slow to deliver real business value. Our joint offering with YASH flips that narrative and aligns with AWS’s Global Security and Compliance Acceleration (GSCA) initiative to help customers accelerate their path to audit readiness.
With Thoropass and YASH, customers benefit from:
Whether you’re just starting your compliance journey or preparing for your next audit cycle, this partnership scales with you, delivering complete visibility, more substantial alignment with auditors, and peace of mind across your AWS environment.
Ready to transform compliance from a burden into a growth enabler? Explore the joint solution now on AWS Marketplace or contact us to learn more.
Any SaaS business should be putting high importance on optimizing and securing its AWS environments and making them operationally efficient, all while using best practices. This helps safeguard your infrastructure, your business, and your customers. For AWS partners, this process is formalized through the AWS Foundational Technical Review (FTR). But what exactly is AWS FTR, why does it exist, and how can companies streamline the process to avoid common pitfalls? We’ll explore these questions and show how Thoropass can help simplify your FTR journey.
The AWS Foundational Technical Review (FTR) is a rigorous process that AWS partners must undergo to ensure their solutions are built according to AWS’s best practices. The primary goal of the FTR is to help partners identify and remediate any potential risks related to security, reliability, and operational efficiency before launching or scaling their solutions on the AWS platform.
During the FTR, partners conduct a self-assessment and then collaborate with AWS Solutions Architects to review their solutions. This review includes evaluating the architecture, design, and implementation against AWS’s best practice guidelines. By passing the FTR, partners can demonstrate their technical competence and the robustness of their solutions, gaining credibility and trust in the market.
AWS FTR exists to maintain a high standard of quality and consistency among solutions built on the AWS platform. It is designed to ensure that AWS partners adhere to best practices, thereby protecting end-users and maintaining the integrity of the AWS ecosystem.
For AWS partners, passing the FTR is not just a technical milestone; but a strategic advantage. A successful FTR not only validates the technical capabilities of a solution but also enhances its marketability. Moreover, partners who pass the FTR gain access to additional AWS resources and support, which can be pivotal in accelerating their go-to-market strategies.
In the broader cloud computing industry, processes similar to AWS FTR are becoming increasingly common. Major cloud service providers, such as Microsoft Azure and Google Cloud, have their own sets of guidelines and review processes to ensure that partner solutions meet stringent technical and security standards.
The adoption of these reviews is particularly prevalent among companies operating in highly regulated industries, such as finance, healthcare, and government. As the cloud landscape becomes more competitive, the importance of adhering to these standards cannot be overstated. For many companies, undergoing a technical review like AWS FTR is not just a requirement—it’s a critical step in building and maintaining customer trust.
While the AWS FTR is essential, it is not without its challenges. The process can be time-consuming, requiring detailed documentation and extensive compliance checks. For many companies, this complexity can lead to delays in launching or scaling their solutions, impacting their overall go-to-market timeline.
Another significant challenge is the need for cross-departmental collaboration. Successfully completing an FTR requires input from various teams, including development, security, operations, and compliance. Coordinating these efforts can be daunting, especially for organizations without a streamlined process.
This is where Thoropass comes in. Thoropass offers a powerful solution to simplify the AWS FTR process by automating and organizing the necessary documentation, ensuring compliance, and facilitating team collaboration.
The AWS Foundational Technical Review (FTR) is a crucial step for any AWS partner aiming to ensure the security, reliability, and operational excellence of their solutions. While the process can be complex and time-consuming, Thoropass simplifies the journey, enabling you to meet FTR requirements with ease and confidence.But FTR is just the beginning. As you pursue higher-level AWS competencies, such as Security, Migration, or DevOps, you’ll encounter additional requirements—including more detailed security questionnaires. Having completed the FTR through Thoropass significantly improves your ability to tackle these deeper competency assessments. Thoropass streamlines the process, making even the most complex security and compliance questionnaires more manageable.If you’re preparing for an AWS FTR or aiming for an advanced AWS competency, Thoropass is your trusted partner for success. Learn how we can help simplify compliance, accelerate your go-to-market strategy, and support your journey through AWS competencies.
Newly formed alliance delivers data security and automates monitoring to accelerate compliance
Cloud Storage Security (CSS), a leading data security software provider for AWS storage services, and Thoropass, an industry leader in infosec compliance and audits, announce their partnership. By combining Thoropass’s powerful automation, unmatched expertise, and high-quality audits with CSS’s data discovery, antivirus protection, data loss prevention, and reporting capabilities, customers simplify and accelerate compliance with HIPAA, SOC 2, PCI-DSS, HITRUST, ISO 27001, and more.
Thoropass is an AWS Global Security and Compliance Accelerator Partner with an AWS Healthcare competency. They streamline the compliance process by automating evidence gathering and control mapping. With access to compliance experts, automated controls and continuous monitoring, they ensure high-quality audits that stand the test of enterprise procurement.
CSS is an AWS Public Sector Partner with an AWS Qualified Software offering, AWS Security competency, and an AWS Authority to Operate designation. They enable customers to prevent the spread of malware, classify sensitive data, and perform assessments for data stored in the cloud. Customers around the world rely on CSS to scan data in AWS storage, such as Amazon Simple Storage Service (Amazon S3), to meet regulatory and compliance frameworks in addition to preventing breaches.
The CSS-Thoropass partnership helps customers run efficient compliance programs, while meeting the compliance framework requirements for malware/virus security and data inventory/classification processes. By prioritizing data security, streamlining governance, and automating control management and continuous monitoring, customers achieve compliance quickly and cost-effectively.
Scott Mathewson, CSS’s Director of Channels highlights, “Our partnership enhances customers’ ability to protect sensitive data and prevent malware, expediting Thoropass audit, risk management, and overall compliance timelines. This ensures customers quickly meet rigorous compliance standards for financial, Government, and healthcare regulations with efficiency.”
Francois Grenier, Head of Partnerships at Thoropass, adds “Information Security Compliance can be intimidating. Our mission is to make this a breeze for our customers through deep automation. Teaming up with simple and powerful solutions like Cloud Storage Security allows us to provide our customers with the strongest value ecosystem in the market, the fastest path to compliance and the highest quality audits.”
In the ever-evolving landscape of healthcare technology, ensuring the security of patient data is of paramount importance. Recognizing this need, Amazon Web Services (AWS) has established the AWS Competency Program, offering a platform for partners to showcase their expertise and specialization.
Thoropass, a revolutionary compliance solution changing the game for the HealthTech industry, has proudly achieved the AWS Healthcare Competency in the Compliance Services category. In this blog post, we delve into the significance of this accomplishment and how it positions Thoropass as a leader in the healthcare compliance landscape.
The AWS Competency program serves as a badge of honor for AWS partners, allowing them to highlight their proficiency and stand out in a competitive market.
This program emphasizes two key pillars:
The AWS Healthcare Competency aims to guide customers toward trusted solutions that enhance operational and clinical effectiveness while improving patient outcomes.
This competency covers five crucial categories:
Out of the myriad AWS partners, Thoropass has emerged as a standout achiever in the Compliance Services category of the AWS Healthcare Competency.
As the leading provider of compliance services for the healthcare industry, Thoropass offers a unique, frictionless experience that integrates readiness software and audits under the same roof. We also recently announced the launch of a Healthcare Advisory Board to deepen further our dedication to HealthTech companies pursuing compliance.
What sets Thoropass apart is its commitment to providing an end-to-end compliance and audit solution. The company is not only a provider but also a fully approved HITRUST External Assessor, integrating HITRUST compliance seamlessly into an organization’s over-arching compliance program.
Thoropass’s solution extends its reach to assist SaaS companies in achieving compliance with HIPAA laws, SOC 2, and ISO 27001 standards, showcasing a comprehensive and forward-thinking approach to healthcare compliance.
Thoropass’s commitment to excellence is further underscored by its participation in the AWS Global Security and Compliance Accelerator program. Additionally, Thoropass is available on the AWS Marketplace, making its services easily accessible to a wide range of customers.
The company’s acceptance into the Compliance Services category of the AWS Healthcare Competency solidifies its position as a true industry leader.
The company aims to empower healthcare customers in strengthening their information security and privacy posture to meet the highest industry standards. Thoropass’ goal is to safeguard vital PHI, thereby contributing to the overall trust and integrity of the healthcare ecosystem.
In conclusion, Thoropass’s new milestone with AWS is a testament to its unwavering commitment to excellence. As the only true end-to-end compliance platform in the program, Thoropass stands at the forefront of healthcare compliance solutions. By leveraging AWS’s rigorous standards and customer-centric approach, Thoropass continues to empower healthcare organizations in scaling their business, building trust with stakeholders, and ensuring the utmost security and compliance of sensitive healthcare data.
[New York, November 28 2023] – CITSAP, Certified IT Security Assurance Professionals, a leading provider of cybersecurity services, has announced their partnership with compliance and audit solution Thoropass, and DevOps automation pioneer DuploCloud, to offer SOC 2 and HITRUST information security compliance services offering that is now available in AWS Marketplace, as part of the Global Security & Compliance Acceleration (GSCA) Program. The offering, formally announced at AWS re:Invent 2023 in Las Vegas, is available now to startups and other organizations seeking assistance with their compliance journey.
CITSAP and Thoropass’ SOC 2 compliance solution for early-stage startups leverage a holistic framework built around highly skilled professionals, streamlined processes, and use of the Thoropass automated compliance platform to ease the burden of meeting your SOC 2 or HITRUST compliance requirements in the most efficient and effective manner.
“This is a true shift-left compliance approach that presents a game-changing opportunity for early-stage startups, designed to fast-track their cybersecurity compliance journey, and transform their programs from zero to hero through our collaborative efforts,” says Tosin Ojo, founder and CEO of CITSAP.
CITSAP and Thoropass combine customer-centric approaches to servicing and automating interested parties’ compliance needs. While CITSAP provides subject matter experts who work with clients to identify their most pressing risks, Thoropass provides AI-infused automation technology with in-house auditors who can provide SOC 2 attestation and HITRUST assessment without leaving the platform.
Attaining SOC 2 for many startups can be both daunting as well as essential for startups and growing businesses. Likewise, for those involved in HealthTech-related industries, HITRUST is often an aspiration that is met with friction via resources and time. This partnership offered via AWS Marketplace – including an optional service with DevOps software provider DuploCloud –is a game changer for companies looking to get and stay compliant without the stress or confusion typically associated with the process.
Building a fully automated and secure cloud infrastructure requires many tools, APIs, services, and standards to be stitched together manually by DevOps engineers writing Infrastructure-as-Code. DuploCloud’s DevOps automation platform auto-generates 90% of the manual code based on built-in best practices, compliance standards, and cloud integrations. Deployments using DuploCloud can shave weeks off the Thoropass gap assessment phase as the proper security controls and compliance standards are provisioned correctly the first time.
Thoropass and DuploCloud are part of the Global Security & Compliance Acceleration (GSCA) Program and offer AWS customers a streamlined approach for their compliance needs. By harnessing the power of the AWS Marketplace, CITSAP and Thoropass continue to accelerate their partnership by providing industry-leading services and automation in a single place. For more information, visit https://aws.amazon.com/marketplace/pp/prodview-v6sql5faqqm6u
[New York, Aug 22, 2023] – Thoropass is proud to announce announced today that it has joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS. The program helps AWS Partners drive new business by directly connecting participating ISVs with the AWS Sales organization.
At Thoropass, known in the industry as the only automated compliance and audit solution to include in-house auditors at every step of the compliance journey, will now be able to educate and service a wider range of prospective customers interested in compliance solutions.
The AWS ISV Accelerate Program provides Thoropass with co-sell support and benefits to meet customer needs through collaboration with AWS field sellers globally. Co-selling provides better customer outcomes and assures mutual commitment from AWS and its Partners. Thoropass also joined the Global Security and Compliance Acceleration on AWS (ATO on AWS) Program, which helps AWS Partners meet their customers’ authorization needs, whether it be architecting, configuring, deploying, or integrating tools and controls. Thoropass’s customers will benefit from tighter support from both teams working together to accelerate and improve their journey to compliance.
“We are thrilled to strengthen our relationship with AWS by joining AWS ISV Accelerate and the ATO on AWS Program, together with our recent availability in AWS Marketplace, making things easier for our customers,” says Francois Grenier, Senior Director of Partnerships at Thoropass.
AWS ISV Accelerate Program members are held to the industry’s highest standards and must undergo a comprehensive evaluation to gain acceptance into the program. Thoropass participated in a thorough architectural and security review to ensure the quality and design of our solutions. Proof of customer excellence was also reviewed to validate the successes Thoropass customers have achieved across industry verticals.
The deepening relationship between Thoropass and AWS represents a significant milestone in the company’s growth and its commitment to providing cutting-edge compliance solutions to startups. Thoropass aims to accelerate its growth and establish itself as the leading provider in the industry.
For more information, please visit https://www.thoropass.com.
About Thoropass:
Thoropass are compliance experts so our clients don’t have to be. Pairing easy software that’s always getting smarter with expert guidance and continuous monitoring, we integrate into clients’ processes to prepare them to pass any audit, every year, with flying colors. Hundreds of growing companies use Thoropass’s automated compliance and audit solution, expert services, auditors and partner ecosystem to get and stay compliant over the lifetime of their business. We offer SOC 2, ISO 27001, GDPR, HIPAA, HITRUST, and other infosec and privacy frameworks.
Partnership Contact:
Francois Grenier, Senior Director of Platform Partnerships
[email protected]
[New York, Aug 22, 2023] – Thoropass, the only automated compliance and audit solution to include in-house auditors at every step of the compliance journey, is excited to announce the deepening of its relationship with Amazon Web Services (AWS) by making its solution available in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on AWS.
This AWS Marketplace listing marks a significant milestone in Thoropass’s growth, both in extending its offerings to more prospective customers and in expanding its robust Partner Ecosystem. Availability in AWS Marketplace further enhances Thoropass’s ability to support startups in becoming, and enterprises in staying, compliant by improving discoverability for AWS customers. Having Thoropass’s products available in AWS Marketplace gives customers the flexibility to shop at their own pace and get helpful information in more places.
“Startups need compliance but don’t always know where to start. Thoropass is designed to help them get there. We are excited about the opportunities of working with AWS and look forward to driving mutual success,” says Francois Grenier, Senior Director of Partnerships at Thoropass.
The ability to sell through AWS Marketplace exponentially expands market reach and opens up new selling opportunities for Thoropass. With our availability in AWS Marketplace, Thoropass continues to accelerate its reach and establish itself as a leading provider in the industry.
Thoropass is now generally available in AWS Marketplace. For more information on Thoropass and its solution, please visit: https://thoropass.com/platform/amazon-web-services/.
For more information, please visit https://thoropass.com.
Thoropass are compliance experts so our clients don’t have to be. Pairing easy software that’s always getting smarter with expert guidance and continuous monitoring, we integrate into clients’ processes to prepare them to pass any audit, every year, with flying colors. Hundreds of growing companies use Thoropass’s automated compliance and audit solution, expert services, auditors, and partner ecosystem to get and stay compliant over the lifetime of their business. We offer SOC 2, ISO 27001, GDPR, HIPAA, HITRUST, and other infosec and privacy frameworks.
Media Contact:
Chris Gerben, Director of Brand and Content at Thoropass.
