SafeBase Blog

Annual Vendor Risk Assessment: 2021 vs 2022

What was the difference? More of our vendors have a SafeBase portal!

Marisa DiMuro

September 20, 2022

New: JIRA Integration

Use JIRA to manage your workflows? This new integration is for you!

Jack Brown

September 1, 2022

Employee Spotlight: Orel Regev

To kick off our new Employee Spotlight, we spoke to Orel from our product team.

Marisa DiMuro

September 1, 2022

SafeBase First Annual Company Retreat

Reflecting on those Miami memories.

Marisa DiMuro

August 26, 2022

4 Clever Ways Customers Are Using SafeBase

We love seeing all the new ways customers are using SafeBase - here are a few of our recent favorites.

Marisa DiMuro

July 29, 2022

Single Sign-On (SSO): The Identity Solution Everyone is Talking About

A deep dive into how SSO is dramatically changing how businesses manage user identities.

Marisa DiMuro

July 22, 2022

RSA, Gartner, and Audits, Oh My!

Check out everything SafeBase has been busy doing this month.

Marisa DiMuro

June 30, 2022

It’s Official, We Took The SOC 2 Plunge!

The process was a breeze. Read on to see how SafeBase completed a SOC 2 Type 2 audit with relatively few issues.

Marisa DiMuro

June 16, 2022

Feature Spotlight: Subprocessors

Maintain transparency by showcasing your subprocessors with the newest feature from SafeBase.

Marisa DiMuro

May 23, 2022

Security Culture: The Basis of an Organization’s Internal Due Diligence

Establishing a healthy security culture is crucial whether you’re a startup or a Fortune 500 company.

Marisa DiMuro

May 12, 2022

The Adoption of The YubiKey, May Be The Key

In this blog post we do a deep dive into one of the most popular tools for securing organizations: the Yubikey.

Marisa DiMuro

April 28, 2022

Feature Spotlight: Multi Product

In this post we take a look at one of the newest SafeBase features: Multi Product.

Marisa DiMuro

April 14, 2022

A Look Inside a Benchmark Model In InfoSec: CIA Triad

With so much buzz about ways to protect our data, let’s take a deeper look at the three elements of data that our organizations are consistently working towards securing.

Marisa DiMuro

March 31, 2022

Building a Smart Trust Center: Best Practices from Security Professionals

As a vendor, security assessments can be very time consuming. Countless emails, questionnaires, and document requests create bottlenecks in the sales cycle.

Kevin Qiu

March 17, 2022

SafeBase, Inc. Raises $18 Million Series A Round to Develop Security Trust Centers for Companies

Funding led by NEA to help companies speed security reviews with self-serve access.

Al Yang

March 10, 2022

We’re proud to announce our $18M series A funding

Our mission - to create a world in which companies with great security programs are rewarded for their efforts.

Al Yang

March 10, 2022

Automating Your GRC Program: Lessons Learned by CIOs and Security Professionals

Automating Governance, Risk, and Compliance (GRC) can help an organization streamline the process and improve efficiencies. But with the growing number of tools and technologies available, where do you start? In this webinar, we discussed new types of tools that can help GRC professionals, reviewed the limitations of these tools, and shared best practices and lessons learned for improving your organization’s GRC program. Hosted by former CIO and CISO Drew Daniels, our panelists included Senior Risk & Compliance Engineer at Instacart Blake Hoge, Director of Security and Compliance at Stride Dwight Doscher, and VP of Security & Compliance at BookNook Jack Roehrig.

Kevin Qiu

February 23, 2022

Demystifying 3rd Party Risk: SaaS Discovery and Why It Matters

Third party risk management is top of mind for CISOs and security professionals today. In the first of this three-part series, CISO and CIO Drew Daniels will join us to talk about why 3rd party risk management is a critical issue for modern SaaS companies and how to navigate it. You’ll learn how to collaborate with Finance and Legal teams to create a sustainable vendor management process for companies of all sizes.

Kevin Qiu

January 26, 2022

Deep Dive into the SIG Questionnaire

In this post we take a deeper look into the Shared Information Gathering (SIG) Questionnaire and discuss its benefits and ability to reduce custom questionnaires during the sales process.

Kevin Qiu

January 12, 2022

Blog Post - Feature Spotlight: Trust Center Updates

In this post we take a look at one of SafeBase's newest features: Trust Center Updates.

Kevin Qiu

January 11, 2022

Security Update - Log4j

This page will provide an overview of any information related to the recent Log4j vulnerability that we will be sharing with customers.

Kevin Qiu

December 13, 2021

Demystifying SOC 2 for Small Businesses

In this webinar with our friends at Armanino, we covered a variety tips and myths related to the popular SOC 2 audit that many SaaS businesses are required to go through.

Kevin Qiu

December 6, 2021

Improving Customer Account Management with Security Transparency

Proper Customer Account Management is a critical part of any successful SaaS company. What most organizations fail to do however, is factor security into this process. In this post we highlight several ways that Customer Success teams can use security to improve a customer's perception and trust.

Kevin Qiu

November 15, 2021

SafeBase Presents: Ransomware Readiness with Matt Roeckel

SafeBase is excited to host a conversation with Matt Roeckel, Senior Director of IT and Information Security at feature flag platform Split. During this fireside chat we’ll be covering a variety of discussion points around ransomware, which has been wreaking havoc across organizations around the world over the past few years. We’ll go over how ransomware operates, elaborate on why it can be so destructive, and most importantly, offer some key tips on how organizations can implement effective security measures to reduce the chance of a devastating ransomware attack. This is a webinar you won’t want to miss!

Kevin Qiu

November 11, 2021

SafeBase Presents: How Netflix is Saving Cybersecurity with Craig Goodwin, Co-founder and Chief Product & Strategy Officer at Cyvatar

During this webinar we spoke with Craig Goodwin, Co-Founder & Chief Product and Strategy Officer of Cyvatar about how a subscription model inspired by Netflix can fundamentally change the way security vendors provide value for customers.

Kevin Qiu

November 2, 2021

Why Your Organization Needs Cyber Insurance

In this post we discuss the rise of Cyber Insurance and its benefits for organizations looking to reduce the impact of security incidents

Kevin Qiu

November 1, 2021

Tips for Cybersecurity Awareness Month

In this blog we provide an overview of several useful tips for staying secure on the internet.

Kevin Qiu

October 5, 2021

Finally, a Subscription for Security Folks

In this post we dive into SafeBase's new Subscribe feature and provide an overview of common use cases for security teams.

Kevin Qiu

September 29, 2021

How to Sell to a Fortune 500 CISO

We’re excited to host a conversation with Sameer Sait, former CISO of Whole Foods. During this webinar we will be discussing the typical processes that senior security leaders go through when evaluating software for their organizations. We’ll be covering topics such as cold calling, third party vendor reviews, enterprise security needs, and more. See you there!

Kevin Qiu

August 31, 2021

The Future of Security: Transparency and Affordability

Our very own Kevin Qiu recently had a conversation with our good friend Grant Wernick from Fletch around the topics of transparency and affordability in the security industry.

Kevin Qiu

August 26, 2021

Tips on Getting into the Cybersecurity Industry (Part 2)

We’re excited to host a conversation with Catherine Tanner, CEO of 3P&T Security Recruiting. She has several years of experience in recruiting for security positions ranging from analysts all the way to executives. She takes pride in using her network of Information Security professionals to find the right person to fit with a client's culture and vision for the future. In her words, “Everyone should enjoy going to work as much as I do!”

Kevin Qiu

August 24, 2021

Tips on Getting into the Cybersecurity Industry (Part 1)

We recently hosted a conversation with Deidre Diamond, Founder and CEO of CyberSN, a full-service job-seeker and recruitment partner for cyber security. During this webinar we address common topics around the job hunting process for entry level security candidates, including the different types of roles that employers are looking for, the value of certifications and certificate programs, and CyberSN’s upcoming job marketplace launch.

Kevin Qiu

July 22, 2021

A Brief Overview of Standardized Security Questionnaires

In this blog post we discuss several common standardized security questionnaires that IT and security teams typically use during the vendor due diligence process.

Kevin Qiu

July 15, 2021

The Start-Up’s Quick Guide to Privacy

Advice for start-ups that can help them build and operate privacy-friendly solutions.

Brendan Seaton

June 22, 2021

The Evolution of Cybersecurity Tools (Part 2)

This is Part 2 of the review of cybersecurity tools where we look at how the tools have evolved in response to the increase in frequency and severity of security breaches.

Kevin Qiu

June 14, 2021

The Evolution of Cybersecurity Tools (Part I)

Long gone are the days when a firewall and a set of boxed software were sufficient to fend off the usual computer attack. Just as the internet has matured, so has everything with it, from the amount of personal and financial data that we store online to the complexity of the networks which carry and store that data.

Kevin Qiu

June 7, 2021

Notable Security Engineer Interview Questions

A look at a couple of relatively open-ended security engineer interview questions that go beyond simple knowledge/definitions.

Kevin Qiu

June 2, 2021

Easy Custom Security Alerts for Google Cloud

A review of the findings from setting up alerts across AWS, Microsoft Azure, and Google Cloud.

Kevin Qiu

May 27, 2021

CCPA: The Benefits of Voluntary Compliance

As users continue to expect more control over their online personal data, many businesses are considering becoming CCPA compliant even when it’s not required.

Phillip Walters

May 13, 2021

SaaS Vendors and SOC 2 Sharing

I recently had the experience of requesting SOC 2 reports from all of our vendors and recap the aggregate learnings from this exercise. Read on to learn about the wide range of outcomes from my SOC 2 report requests.

Kevin Qiu

May 4, 2021

Why are password managers so important?

A password manager is a tool that is used to securely store passwords, credit card numbers, PIN numbers, and other types of sensitive information. These passwords are in turn encrypted by a master password, one that should be complex enough so that no one can guess it.

Kevin Qiu

April 19, 2021

What in the world is an MDM? Should my startup be using one?

Have you ever had to wait hours for IT to install a printer for you? Maybe you've lost a company laptop and freaked out about the files on it? What about waiting for IT to approve a new productivity tool with their admin account? Fear not! MDM solutions are here to make that a thing of the past.

Kevin Qiu

April 6, 2021

SafeBase Webinar: Security Best Practices for Early-Stage Startups

A talk with Chris Castaldo and Kevin Qiu.

Stan Chang

March 29, 2021

Security for Early-Stage Startups

We've created an easy-to-follow security checklist for early-stage startups that want to improve their security posture. Get the insights you need to make your company and product more secure.

Kevin Qiu

February 24, 2021

What Startups Need to Know About Enterprise Customers’ Security Needs

We spoke with the CISO of Paychex about how startups should approach enterprise security.

Al Yang

October 16, 2020

What Enterprise CISOs Want to See from Startup Security Programs

We spoke with two CISOs about what they expect from startups during the security assessment process.

Stan Chang

October 16, 2020

What Startups Need to Know About How Enterprise Customers Evaluate Vendor Security

We interview the CISO of Zendesk to learn how he inspects vendor security programs.

Al Yang

October 16, 2020

Featured
1. SaaS Vendors and SOC 2 Sharing
2. Notable Security Engineer Interview Questions
3. SafeBase Webinar: Security Best Practices for Early-Stage Startups
Categories
SafeBase Events
Employee Spotlight
Feature Spotlight
Privacy
Information Security
CCPA
Webinar
Case Studies
SOC2
Startup
Enterprise security
© 2022 SafeBase, Inc.
Product
HomeFeaturesPricing
resources
BlogSystem StatusSecurity & TrustHelp Center
company
CareersPrivacy PolicyTerms of ServiceContact Us
Read more SafeBase reviews