The SafeBase Blog - A Digital Resource for Trust and Security

SafeBase Recognized as a Best Workplace

We are excited to announce that Inc. Magazine has selected SafeBase as one 2023's Best Workplaces!

June 2, 2023

How Your Company Can Responsibly Use Generative AI

With the development of generative AI, it's important to be proactive when it comes to security. Here are a few tips to help your company think about responsible use of Generative AI.

Nate Walker

June 2, 2023

How to Enhance Your Existing Trust Communication Strategy with SafeBase

Learn how SafeBase can help your organization go beyond a static Trust and Security page.

Sarah Trainor

May 24, 2023

A (Near) Passwordless Future at SafeBase

Learn how the Security team at SafeBase was able to greatly reduce the need for passwords for employees and SaaS services.

Kevin Qiu

May 19, 2023

Introducing the SafeBase Trust Alliance

Learn more about the SafeBase Trust Alliance, the new community for trust-minded organizations.

Sarah Trainor

May 9, 2023

5 Trust Center Best Practices

Let's explore five best practices used by SafeBase customers within their Trust Centers.

Kevin Qiu

May 8, 2023

SafeBase Takes the Stage at the RSAC 2023 Innovation Sandbox

SafeBase co-founder and CEO Al Yang took the stage to show how SafeBase is removing the friction from B2B security reviews. Check out his full pitch here!

Sarah Trainor

April 27, 2023

Beyond Compliance: A Cyber Readiness Perspective

Matt Szczurek, SafeBase's Solutions Engineer, shares his unique perspective on cyber readiness developed while serving in the United States Air Force.

Matt Szczurek

April 10, 2023

How Sales Teams Can Better Leverage Security Information

Let's take a look at a few ways that sales teams can leverage security information to impress prospects, win deals, and build long-lasting customer relationships.

Sarah Trainor

April 5, 2023

SafeBase is Named a Leader in Vendor Security and Privacy Assessment

G2, the world’s largest and most trusted software marketplace, named SafeBase a category leader in their Spring report.

Sarah Trainor

March 30, 2023

New: Statuspage.io Integration

Connect directly to your Statuspage within your Smart Trust Center!

Sarah Trainor

March 28, 2023

What Does a Customer Trust Team Do?

We explore the concept of a "customer trust" team and how it differs from a traditional security team. Learn more in this blog.

Marisa DiMuro

March 28, 2023

SafeBase Selected as Finalist for RSA Conference 2023 Innovation Sandbox Contest

This prestigious contest highlights 10 of the most innovative young cybersecurity companies.

Sarah Trainor

March 21, 2023

SBOMs - The What & The Why

Explore the world of Software Bill of Materials (SBOMs) and gain a comprehensive understanding of what they are and why they are crucial for cybersecurity.

Nate Walker

March 21, 2023

SafeBase’s Customer Advisory Board Meeting Recap

A few takeaways from SafeBase's first in-person Customer Advisory Board meeting in Scottsdale.

Christine Thorne-Thomsen

March 15, 2023

SafeBase, Now with Webhooks!

We're so excited to announce that SafeBase customers on paid plans can now use webhooks to create their own helpful automations.

Sarah Trainor

March 7, 2023

Vital Security Tips for Tax Season

Be vigilant this tax season and don't fall prey to hackers or scams. We've compiled a few tips to help keep you secure.

Marisa DiMuro

February 6, 2023

Imagining a World Without Security Questionnaires

Let’s explore how SafeBase is striving for a world without security questionnaires.

Marisa DiMuro

January 24, 2023

Customer Trust 101: A Primer for Security & GRC Leaders

Defining "customer trust" and its critical role in organizational success. Learn how to build customer trust through cybersecurity best practices.

Catie Farrow Neuwirth

January 11, 2023

Five Commitments to Increase Customer Trust in 2023

Whether your customer trust program is well-established or just getting started, we’ve curated a list of commitments to help you on your journey.

Catie Farrow Neuwirth

January 11, 2023

What is a Trust Center?

What exactly is a Trust Center? How is it different from a security profile, vendor profile, or security status page? Does your org need one? This blog has all the answers.

Catie Farrow Neuwirth

December 28, 2022

Webinar Recap: "Building Trust with Enterprise Customers"

Recapping our biggest webinar of the year, and six essential takeaways.

Sarah Trainor

December 16, 2022

SafeBase Celebrates 2022: Customer Trust in the Limelight

This year, SafeBase customers made tremendous strides in building and maintaining trust with their customers and stakeholders.

Catie Farrow Neuwirth

December 12, 2022

Introducing the Data Privacy Card

The ability to break out data privacy information was our most requested feature of 2022, and now it's here!

Sarah Trainor

November 30, 2022

Introducing Granular Access and Expiration Controls

Two of our most-requested features are now available!

Sarah Trainor

November 10, 2022

Employee Spotlight: Marisa DiMuro

We turned the tables on our usual author, Marisa, and made her the focus of this month's employee spotlight!

Sarah Trainor

November 7, 2022

SafeBase Featured on the CISO Series

SafeBase recently appeared on the CISO Series live show "Super Cyber Friday" and the podcast "Cyber Security Headlines." Check out our recap here!

Sarah Trainor

November 3, 2022

Introducing Warehouse Sync

We are so excited to announce that SafeBase Enterprise customers can now sync Smart Trust Center data directly to Snowflake, BigQuery, Redshift, S3, and other major data warehouses - with no code required.

Sarah Trainor

November 3, 2022

Cybersecurity Awareness Month 2022

Our customers shared a few cybersecurity tips with us. Take a look!

Marisa DiMuro

October 28, 2022

Employee Spotlight: Matt Szczurek

In our next edition of Employee Spotlight, we spoke to Matt from our security team.

Marisa DiMuro

September 30, 2022

Annual Vendor Risk Assessment: 2021 vs 2022

What was the difference? More of our vendors have a SafeBase portal!

Marisa DiMuro

September 20, 2022

New: JIRA Integration

Use JIRA to manage your workflows? This new integration is for you!

Sarah Trainor

September 1, 2022

Employee Spotlight: Orel Regev

To kick off our new Employee Spotlight, we spoke to Orel from our product team.

Marisa DiMuro

September 1, 2022

SafeBase First Annual Company Retreat

Reflecting on those Miami memories.

Marisa DiMuro

August 26, 2022

4 Clever Ways Customers Are Using SafeBase

We love seeing all the new ways customers are using SafeBase - here are a few of our recent favorites.

Marisa DiMuro

July 29, 2022

Single Sign-On (SSO): The Solution Everyone is Talking About

Learn how SSO is dramatically changing how businesses manage user identities and keeping your personal information safe.

Marisa DiMuro

July 22, 2022

RSA, Gartner, and Audits, Oh My!

From the RSA Conference to Gartner’s Security and Risk Management Summit, SafeBase was there!

Marisa DiMuro

June 30, 2022

It’s Official, We Took The SOC 2 Plunge!

The process was a breeze. Read on to see how SafeBase completed a SOC 2 Type 2 audit with relatively few issues.

Marisa DiMuro

June 16, 2022

Feature Spotlight: Subprocessors

Maintain transparency by showcasing your subprocessors with the newest feature from SafeBase.

Marisa DiMuro

May 23, 2022

Security Culture: The Basis of an Organization’s Internal Due Diligence

Establishing a healthy security culture is crucial whether you’re a startup or a Fortune 500 company. Discover how with SafeBase’s blog.

Marisa DiMuro

May 12, 2022

The Adoption of The YubiKey, May Be The Key

In this blog post we do a deep dive into one of the most popular tools for securing organizations: the Yubikey.

Marisa DiMuro

April 28, 2022

Feature Spotlight: Multi Product

In this post we take a look at one of the newest SafeBase features: Multi Product.

Marisa DiMuro

April 14, 2022

A Look Inside a Benchmark Model In InfoSec: CIA Triad

Let’s take a deeper look at the 3 elements of data that organizations are consistently working towards securing.

Marisa DiMuro

March 31, 2022

Building a Smart Trust Center: Best Practices from Security Professionals

As a vendor, security assessments can be very time consuming. Countless emails, questionnaires, and document requests create bottlenecks in the sales cycle.

Kevin Qiu

March 17, 2022

SafeBase, Inc. Raises $18 Million Series A Round to Develop Security Trust Centers for Companies

Funding led by NEA to help companies speed security reviews with self-serve access.

Al Yang

March 10, 2022

We’re proud to announce our $18M series A funding

Our mission - to create a world in which companies with great security programs are rewarded for their efforts.

Al Yang

March 10, 2022

Automating Your GRC Program: Lessons Learned by CIOs and Security Professionals

Automating Governance, Risk, and Compliance (GRC) can help an organization streamline the process and improve efficiencies. But with the growing number of tools and technologies available, where do you start? In this webinar, we discussed new types of tools that can help GRC professionals, reviewed the limitations of these tools, and shared best practices and lessons learned for improving your organization’s GRC program. Hosted by former CIO and CISO Drew Daniels, our panelists included Senior Risk & Compliance Engineer at Instacart Blake Hoge, Director of Security and Compliance at Stride Dwight Doscher, and VP of Security & Compliance at BookNook Jack Roehrig.

Kevin Qiu

February 23, 2022

Demystifying 3rd Party Risk: SaaS Discovery and Why It Matters

Third party risk management is top of mind for CISOs and security professionals today. In the first of this three-part series, CISO and CIO Drew Daniels will join us to talk about why 3rd party risk management is a critical issue for modern SaaS companies and how to navigate it. You’ll learn how to collaborate with Finance and Legal teams to create a sustainable vendor management process for companies of all sizes.

Kevin Qiu

January 26, 2022

Deep Dive into the SIG Questionnaire

In this post we take a deeper look into the Shared Information Gathering (SIG) Questionnaire and discuss its benefits during the sales process.

Kevin Qiu

January 12, 2022

Feature Spotlight: Trust Center Updates

Learn about the newest features available in SafeBase’s Trust Center with the help of the SafeBase blog. Click here for more info.

Kevin Qiu

January 11, 2022

Security Update - Log4j

This page will provide an overview of any information related to the recent Log4j vulnerability that we will be sharing with customers.

Kevin Qiu

December 13, 2021

Demystifying SOC 2 Audits for Small Businesses

In this webinar, our friends at Armanino covered a variety of tips and myths related to the popular SOC 2 audit that many SaaS businesses are required to go through.

Kevin Qiu

December 6, 2021

Improving Customer Account Management with Security Transparency

Proper Customer Account Management is a critical part of any successful SaaS company. What most organizations fail to do however, is factor security into this process. In this post we highlight several ways that Customer Success teams can use security to improve a customer's perception and trust.

Kevin Qiu

November 15, 2021

SafeBase Presents: Ransomware Readiness with Matt Roeckel

SafeBase is excited to host a conversation with Matt Roeckel, Senior Director of IT and Information Security at feature flag platform Split. During this fireside chat we’ll be covering a variety of discussion points around ransomware, which has been wreaking havoc across organizations around the world over the past few years. We’ll go over how ransomware operates, elaborate on why it can be so destructive, and most importantly, offer some key tips on how organizations can implement effective security measures to reduce the chance of a devastating ransomware attack. This is a webinar you won’t want to miss!

Kevin Qiu

November 11, 2021

SafeBase Presents: How Netflix is Saving Cybersecurity with Craig Goodwin, Co-founder and Chief Product & Strategy Officer at Cyvatar

During this webinar we spoke with Craig Goodwin, Co-Founder & Chief Product and Strategy Officer of Cyvatar about how a subscription model inspired by Netflix can fundamentally change the way security vendors provide value for customers.

Kevin Qiu

November 2, 2021

Why Your Organization Needs Cyber Insurance

In this post we discuss the rise of Cyber Insurance and its benefits for organizations looking to reduce the impact of security incidents

Kevin Qiu

November 1, 2021

Tips for Cybersecurity Awareness Month

In this blog we provide an overview of several useful tips for staying secure on the internet.

Kevin Qiu

October 5, 2021

Finally, a Subscription for Security Folks

In this post we dive into SafeBase's new Subscribe feature and provide an overview of common use cases for security teams.

Kevin Qiu

September 29, 2021

How to Sell to a Fortune 500 CISO

During this webinar we will be discussing the typical processes that senior security leaders go through when evaluating software for their organizations.

Kevin Qiu

August 31, 2021

The Future of Security: Transparency and Affordability

Our very own Kevin Qiu recently had a conversation with our good friend Grant Wernick from Fletch around the topics of transparency and affordability in the security industry.

Kevin Qiu

August 26, 2021

Tips on Getting into the Cybersecurity Industry (Part 2)

We’re excited to host a conversation with Catherine Tanner, CEO of 3P&T Security Recruiting. She has several years of experience in recruiting for security positions ranging from analysts all the way to executives. She takes pride in using her network of Information Security professionals to find the right person to fit with a client's culture and vision for the future. In her words, “Everyone should enjoy going to work as much as I do!”

Kevin Qiu

August 24, 2021

Tips on Getting into the Cybersecurity Industry (Part 1)

We recently hosted a conversation with Deidre Diamond, Founder and CEO of CyberSN, a full-service job-seeker and recruitment partner for cyber security. During this webinar we address common topics around the job hunting process for entry level security candidates, including the different types of roles that employers are looking for, the value of certifications and certificate programs, and CyberSN’s upcoming job marketplace launch.

Kevin Qiu

July 22, 2021

A Brief Overview of Standardized Security Questionnaires

In this blog post we discuss several common standardized security questionnaires that IT and security teams typically use during the vendor due diligence process.

Kevin Qiu

July 15, 2021

The Start-Up’s Quick Guide to Privacy

Advice for start-ups that can help them build and operate privacy-friendly solutions.

Brendan Seaton

June 22, 2021

The Evolution of Cybersecurity Tools (Part 2)

This is Part 2 of the review of cybersecurity tools where we look at how the tools have evolved in response to the increase in frequency and severity of security breaches.

Kevin Qiu

June 14, 2021

The Evolution of Cybersecurity Tools (Part I)

Long gone are the days when a firewall and a set of boxed software were sufficient to fend off the usual computer attack. Just as the internet has matured, so has everything with it, from the amount of personal and financial data that we store online to the complexity of the networks which carry and store that data.

Kevin Qiu

June 7, 2021

Notable Security Engineer Interview Questions

A look at a couple of relatively open-ended security engineer interview questions that go beyond simple knowledge/definitions.

Kevin Qiu

June 2, 2021

Easy Custom Security Alerts for Google Cloud

Discover how to enhance your security on Google Cloud with easy custom security alerts. Boost your cloud security today!

Kevin Qiu

May 27, 2021

CCPA: The Benefits of Voluntary CCPA Compliance

As users continue to expect more control over their online personal data, many businesses are considering becoming CCPA compliant even when it’s not required.

Phillip Walters

May 13, 2021

SaaS Vendors and SOC 2 Sharing

I recently had the experience of requesting SOC 2 reports from all of our vendors and recap the aggregate learnings from this exercise. Read on to learn about the wide range of outcomes from my SOC 2 report requests.

Kevin Qiu

May 4, 2021

Why Password Managers are Essential for Your Online Security

Learn why password managers are crucial for online security and how they can help protect your personal information. Get expert tips and recommendations for choosing and using password managers effectively.

Sarah Trainor

April 19, 2021

What in the world is an MDM Solution?

With the rise in remote work, MDM solutions are quickly becoming a valuable way for IT teams to ensure that company smartphones and laptops remain secure.

Kevin Qiu

April 6, 2021