
Our Investment in HyperComply: Building The B2B Trust Layer For Software Companies

Ameet Shah
Published in Golden Ventures
Sep 8, 2022


Early in my career, I spent time as a Sales Engineer, working for a software company that was selling a cloud solution to the enterprise. Before any sale could be complete, we would have to complete a security audit and fill out an extensive questionnaire to satisfy the buyer’s procurement, legal and security teams. These questionnaires could be two-hundred questions or more, and it was an entirely manual process. This process took hours of engineering time and took at least a week or two to turn around for our sales team. Compliance was and is a necessary evil between buyers and sellers of software. Then, and even now, both sides are limited by the tooling they have to support the process.

Two decades later, SaaS in the enterprise has exploded. Teams are filling out those same questionnaires through Excel and custom portals, representing a massive opportunity to streamline the interactions between sales, procurement and security teams. We believe these problems are great use cases for Applied AI, one of our favourite categories to invest in at the fund (BenchSci, Forma, Marble, Vetted, etc.).

Today, we’re excited to announce HyperComply’s $6.4M seed round investment. Co-founders Amar Chahal (CEO) and Cody Wright (CTO) have the vision to change how companies do business together by helping them build trust without needing tedious processes. They imagine a future where companies should be able to assess risk in a single click, instantly seeing whether another company meets security and compliance requirements. They aim to become the source of truth for third-party risk management, enabling companies to quickly and effectively digest SOC 2, HIPAA, PCI, and other compliance information.

We are excited to co-lead this round with our friends at Firstmark Capital and with participation from Panache, Garage and several notable angels.

Adding vendors to your workflow has a multiplier effect on the risk of potential security breaches. Procurement teams ask vendors to detail their security posture before signing contracts to mitigate this. Resource-constrained sales teams are forced to fill out pages of security questionnaires via custom spreadsheets or web portals for each company. This often requires input from many organizational stakeholders, and the knowledge is often ever-changing and lives in silos. The assessment itself is static and is quickly outdated. Amar and Cody experienced this problem firsthand at Vidyard and decided to take the plunge to solve this growing problem.

Wait, doesn’t SOC 2 solve this?

SOC 2 is a broad framework adopted differently by every company based on its own goals and operations. Companies must conduct vendor due diligence to maintain SOC 2 compliance, and human auditors remain a required part of the process, which necessitates the security questionnaire. In fact, HyperComply partners with SOC 2 providers to make it easier for their customers to manage the process.

The company serves sales teams on the vendor side and procurement and risk teams on the purchaser side. They’ve been working with sales teams for over three years, and their product for procurement teams is now live. With today’s launch, procurement teams can get started for free using Due Diligence to send template security questionnaires to their vendors. And if they decide to move forward with the agreement, they can also set up automatic review cycles to check back in with that vendor next quarter or year.

Companies using HyperComply are building and maintaining trust with their counterparts in a fraction of the time. With their product, customers spend ~34 minutes completing questionnaires compared with days of effort using manual processes.

The love for HyperComply is real!

  • When we first met the team, we introduced them to several portfolio companies, which quickly became customers, showcasing how powerful their solution was.
  • Sales teams can shorten sales cycles without having to wrangle a bunch of people internally to close the deal.
  • Security teams can focus on high-value security work rather than answering repetitive questions.
  • Companies purchasing software get formatted questionnaire responses and can onboard the tools they need faster.

In the last few years, they’ve saved companies like Alloy, Fullstory, Heap, Salesloft, and Affinity tens of thousands of hours responding to security questionnaires.

The Golden Ventures team is thrilled to partner with Amar, Cody, and the HyperComply team. They’re hiring for several roles in Toronto, New York City and remote.


Ameet Shah
Golden Ventures

Partner @goldenventures. Prev: GM @zynga, Founder @fivemobile (acq’d)