From compliance automation through audit, the Thoropass compliance delivery platform helps you get and stay compliant.
Modern audits delivered by expert auditors
Maintain compliance with real-time monitoring and alerts
Identify vulnerabilities with CREST-accredited pentest experts
Leverage AI for smarter compliance solutions
Streamline audits and improve accuracy with evidence automation
Simplify user reviews to enhance security
Automate responses to security questionnaires
Track and mitigate security risks in one place
Seamlessly connect your tools for streamlined compliance
Audits done the modern way. Leverage AI-powered compliance solutions with expert guidance for seamless, scalable audits.
From controls to audit, rapidly achieve infosec compliance with a single vendor
Manage your risk and streamline compliance
Meet your auditor on day 1 and eliminate any surprises
Discover proven compliance outcomes in the words of our customers.
Catch up on the latest industry trends and expert insights
Watch the latest webinar or meet us in person
Expert-curated resources for your compliance journey
A "true crime" styled podcast for anyone in the compliance industry
Actionable tools for your compliance journey
Implement audit-ready compliance solutions for friction-free infosec compliance outcomes.
Go beyond readiness with unmatched expertise
Stay updated with the latest Thoropass news and insights
Join the team that's reimagining compliance
Let's make compliance easier—together
We're committed to unbiased audits and superior service
Customer Stories / Ternary
Ternary is a multi-cloud FinOps platform that brings customers’ complex cloud billing into a unified view for detailed analysis and actionable insights. Customers trust Ternary to keep their technology investment data safe with a high level of security.
From the beginning, Joshua Kwan, Co-Founder and Chief Technology Officer (CTO) at Ternary, designed the platform with compliance as a core priority. However, as an agile startup, the company’s rapid development pace meant that not all policies and procedures were formally documented.
As the business started to accelerate, the Ternary team spent an increasing amount of time responding to security questionnaires, and more customers in the sales cycle began expecting SOC 2 attestation.
That led Joshua to explore what it would take to achieve SOC 2 compliance. Joshua had experience with a traditional SOC 2 audit at a different company, leading him to believe the process would be painful.
The Ternary team explored several automation platforms, preferring a self-service option to a consultant.
Joshua explained, “while we believed that our security practices were strong from the start, we knew that the process of auditing could still be arduous and would require further documentation. Therefore, we were looking for a platform that could help automate the process as much as possible.”
Ternary found that Thoropass had the best of both worlds: an easy-to-use automation platform and hands-on support to answer questions and streamline the process.
Some of Joshua’s favorite features were Thoropass’ project management capabilities. With guidance from his Customer Success Manager (CSM), he assigned upcoming tasks to himself and others on his team, prompting reminders. That helped them collect evidence on a regular basis instead of spending hours scrambling before an audit.
Touching on this, Joshua explained, “I get alerted by Thoropass when I have to upload my network security report. I just log into the site and do it right then, and I’m done for the quarter.”
For Joshua, the most difficult SOC 2 requirement was determining how to do risk assessments. His CSM helped distill it into a fill-in-the-blank process.
“Pick who you use for your application security scanning, pick who you use for your network security scanning, pick how you do your access reviews. There was a module for everything. Thoropass gave us a really good framework,” stated Joshua.
Thoropass’ all-in-one audit experience also exceeded his expectations, with prompt and helpful communication from the auditors.
With all of their prep work and prompt follow-through, the Ternary team completed their SOC 2 Type 1 evidence collection in under one month. And their final report was issued just two days after the draft.
In addition to the time efficiencies the Ternary team saw with their Type 1 report, once the initial work for their Type 1 was completed, the additional remediation work for their Type 2 was minimal. With just a few hours of work a week, Ternary was able to receive their SOC 2 Type 2 report quickly to meet the growing demand. Now, they can increase new customer confidence by checking “yes” on security questionnaires–and move the sales process along more quickly.
In honor of their impressive teamwork, the Thoropass team gave Ternary the Trailblazer Award, which recognized their relentless focus on getting things done efficiently without compromising on security.
In response to winning the Trailblazer Award, Joshua stated: “we’re honored to be recognized. Our team put in the work to follow all the instructions from Thoropass, and I’m pleasantly surprised that it worked out in such a phenomenal way. We were able to go through all the steps super quickly and remain responsive. It was a win for everyone involved.”
Talk with one of our experts to build your custom path to compliance and take advantage of Thoropass’s thoughtful automation, expert guidance, and security audit experience.
PCI DSS, SOC 2
HITRUST, SOC 2
