Blog and compliance - SaaS Brief

Dear SaaStr: What’s It Like Being Beaten Up by Investors?

SaaStr

OCTOBER 26, 2024

But as a compliance application, we found that at least for today, it decreased compliance when the end user had to download the app. For example, I recently sat through a pitch where the VCs beat up the founder of a browser-centric product for not having a native mobile app. His response?

compliance

compliance Mobile Sales

The Bar Has Gone Up: The New Era of HyperFunctional SaaS with Jason Lemkin

SaaStr

OCTOBER 16, 2024

Security and compliance are strong, with Wiz turning down billions from Google. And we talked about security compliance. There is no downturn in security compliance. There is no downturn in security compliance. But Zscaler , CrowdStrike, Rubrik , for all of these folks in security compliance, there is no downturn.

Sales Hiring

Sales Hiring Scale AI SaaS

The Keys to Getting to $500M ARR In Just 7 Years with Attentive’s CEO

SaaStr

JANUARY 26, 2025

The Core Problem: Mobile Changed Everything The Market Forces at Play: Consumer attention was fragmenting Traditional marketing channels were losing effectiveness Mobile shopping sessions exploded: 2014: 15% of shopping on mobile 2018: 40% of shopping on mobile 2024: Nearly 75% of shopping on mobile The Marketing Crisis: Lower ROI on existing channels (..)

Technical Review

Technical Review Payment Solutions Scale Payment Services

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Revenue Recognition: Ensuring Compliance and Accuracy

Blulogix

NOVEMBER 18, 2024

By BluLogix Team Revenue Recognition: Ensuring Compliance and Accuracy What is RevRec and how does it impact accurate reporting for compliance and financial integrity? Regulatory Compliance : Compliance with accounting standards is crucial to avoid legal issues and penalties.

Payment Services

Payment Services Payments compliance SaaS Payments

IBM’s $7B Bet on Vertical AI and What It Means for SaaS Founders

SaaStr

FEBRUARY 5, 2025

Key areas to watch: Model Efficiency Innovations Enterprise Data Integration Tools Vertical-Specific AI Platforms Industry-Specific AI Applications Governance and Compliance Solutions As always in SaaS, the winners will be those who can move quickly while building sustainable, differentiated solutions.

AI

AI Scale SaaS Government

Top 7 CCPA Compliance Tools in 2024

Scytale

DECEMBER 5, 2024

If you’re running a SaaS business that handles the personal data of California residents and are not actively addressing CCPA compliance, you’re missing a seriously big piece of the puzzle. If the thought of navigating compliance feels like an endless maze of legal jargon, you’re in luck. Can’t you just handle it yourself?

compliance

compliance Technical Review Systems Review Software Review

How to Meet ADA Website Compliance

Neil Patel

OCTOBER 6, 2020

The terms “website accessibility” and “ADA website compliance” are increasingly being bounced around in the online business world—there’s a good chance you’ve heard of it. But many people still don’t know what, exactly, ADA website compliance means—or how it can impact a business. So why bother?

compliance

compliance Software Review Technical Review Transportation

5 Key Things You Need to Know About AI Data Privacy in 2025 (and Why It Matters) with Skyflow’s CPO

SaaStr

FEBRUARY 1, 2025

The New Governance Layer AI-specific data governance policies Automated compliance monitoring Audit trails for model training and inference 5. Access Control 2.0 You need: Model-level access controls Data-level access controls Training-level access controls Inference-level access controls C.

AI

AI Data Government ChatGPT

The Enterprise Journey: 8 Keys to Going Upmarket Successfully with Workiva’s CEO Julie Iskow

SaaStr

JANUARY 23, 2025

Focus on: Building robust security and compliance (SOC 2, ISO 27001) Automating customer onboarding/offboarding Creating enterprise-grade support processes Developing procurement relationship expertise Having clear data handling procedures 5. If one does and one doesn’t, you know it’s the person not the motion.

Enterprise

Enterprise Sales Hiring Scale Outsourced Development

Top 5 Risk and Compliance Trends for 2025

Scytale

FEBRUARY 25, 2025

As technology continues to evolve, compliance industry trends and requirements adapt accordingly. Compliance trends in 2025 continue to be influenced by emerging technologies such as artificial intelligence, Internet of Things, blockchain, and cloud computing.

compliance

compliance Artificial Intelligence Trends Cybersecurity

Mastering Growth in the AI Era: How to Stand Out, Acquire Customers, and Raise VC Dollars with B Capital, Zetta, and Glasswing

SaaStr

MARCH 18, 2025

This represents an under-recognized opportunity for B2B AI startups focusing on compliance, risk management, and administrative controls. Large enterprises have an immediate need for governance solutions to handle AI at scale.

Technical Review

Technical Review Artificial Intelligence AI Marketplace as a Service

Approaching Half a Million Customers: How to Win in SMB with BILL CEO and Founder René Lacerte

SaaStr

OCTOBER 23, 2024

With a trillion in payment volume coming through BILL in the last five years, managing the payment and compliance engine has required an ongoing effort of a sizable team. BILL knows how to manage money and risk, and they made that happen in the platform, which creates that moat.

SMB

SMB Payment Services Payments Payment Methods

9 Best HIPAA Compliance Tools in 2024

Scytale

OCTOBER 30, 2024

Well, if you haven’t, it’s best we dive in quickly (before non-compliance lands your business in some serious sh@#). Whether you’re a healthcare provider, a SaaS company in the healthcare space, or any other business dealing with Protected Health Information (PHI) , HIPAA compliance is non-negotiable.

Payment Services

Payment Services compliance Payment Solutions Payment Methods

Penetration Testing vs. Compliance Audits: What’s the Difference?

Scytale

DECEMBER 3, 2024

When it comes to keeping your business secure and meeting regulatory requirements, two big concepts often pop up: penetration testing and compliance audits. Beyond compliance, it simply makes good business sense. What are Compliance Audits? Both are essential, but they’re not the same thing. Sounds intimidating, right?

compliance

compliance CTO Hire Technical Review Software Review

The #1 and #2 Reasons I See Sales Execs Fail Today

SaaStr

FEBRUARY 1, 2025

Security compliance? Ok and the #2 reason seasoned sales execs (and others) fail: They Just Arent Curious Anymore I get it. How many times can you sell somewhat sorry but boring SaaS products? Voice APIs? Call center analytics? They can be interesting but only if you truly curious. If you arent, you never learn anything new.

Sales Hiring

Sales Hiring Sales compliance Interviewing

Billing System Migration: How to Nail It?

Subscription Flow

OCTOBER 10, 2024

In this blog, we will explore why companies migrate to a new billing system, the pain points of billing system migration, the best practices to overcome these obstructions, and SubscriptionFlow’s tailored solutions that guarantee your business a seamless transition. Our platform, SubscriptionFlow, is a billing system migration expert.

Payment Solutions

Payment Solutions Payment Services Systems Review SaaS Payments

Achieving SOC 2 Type 2 Compliance: Pro Tips Inside

Scytale

OCTOBER 22, 2024

When you first hear the term “SOC 2 Type 2 compliance,” it might sound like you’re entering some kind of information security maze. Whether you’re just starting out or are somewhere in the middle of the journey, SOC 2 Type 2 compliance is designed to help your business strengthen customer trust. But guess what? It doesn’t have to be.

compliance

compliance Systems Review Technical Review Company Culture

SOC 2 Audit: The Essentials for Data Security and Compliance

Scytale

FEBRUARY 6, 2024

It’s data security and compliance. But the importance of data security and compliance is old news, and customers no longer prefer companies with robust security standards – they demand it. However, it’s no walk in the park, and the compliance landscape is everything but beginner-friendly.

compliance

compliance Technical Advisors Data SaaS

Growing your SAM: Making the Leap from Small to Midsize-Business Customers

SaaStr

MARCH 19, 2021

We created a product that was simple to use for entrepreneurs who were juggling a thousand different priorities and didn’t have (and didn’t want) an expertise in regulation, compliance or sales tax. This blog post is brought to you by TaxJar. Who were the different stakeholders involved? What were their challenges?

Scale

Scale Business Finance compliance

My App Stack: Shrav Mehta, Founder and CEO of Secureframe

SaaStr

SEPTEMBER 10, 2023

What’s your top “undiscovered gem” — an app you love but others may not have heard of?

AWS

AWS compliance AI Startup

What is HIPAA Compliance and Why is it a Must for Your Company?

Scytale

SEPTEMBER 3, 2024

Many organizations struggle to find a clear path to HIPAA compliance. They are constantly led off course by trying to understand the complicated terminology, policies and requirements surrounding compliance. They investigate complaints, conduct compliance reviews, and provide education and outreach to foster compliance.

Payment Services

Payment Services compliance Technical Review Healthcare

5 Interesting Learnings From Avalara at $600,000,000 in ARR

SaaStr

JULY 22, 2021

Avalara manages a big problem — tax and related compliance automation. And importantly, while the very largest partners support multiple vendors for tax compliance, the vast majority of small partners just deploy Avalara. Avalara is a leading public SaaS company we probably should all know more about.

Scale

Scale SMB compliance Churn

The Journey from Freemium to PLG to SLG: Key Learnings from Dropbox, Salesforce and Vimeo

SaaStr

FEBRUARY 26, 2025

The $10M ARR Rule for Enterprise Here’s a controversial but important take: If you’re under $10M ARR, stay away from Enterprise.

Enterprise readiness

Enterprise readiness Enterprise compliance Acquisition

The Top 10 Important Finance Mistakes First Time Founders Make

SaaStr

JANUARY 24, 2022

Removed from everyday business, she can only speak to the larger picture, which is important, but that’s often not enough with the fundamental processes of billings, collections, cash flow management, revenue reporting, corporate compliance and more. Mistake #9: Don’t forget about compliance. Compliance can be complicated.

Finance

Finance Outsourcing Services Systems Review Technical Review

5 Security Changes Your Company Needs to Make to Land Enterprise Deals from Secureframe

SaaStr

APRIL 28, 2021

At Secureframe , we help companies get enterprise ready by streamlining SOC 2 compliance and get them ready within weeks, rather than months. . Blog post sponsored by Secureframe. Unfortunately, the process is long and can feel like a blackbox for startups starting from scratch.

Enterprise

Enterprise Software Review Azure GCP(Google Cloud Platform)

5 Interesting Learnings from Box At $800,000,000 in ARR

SaaStr

JANUARY 6, 2021

Box calculates 7x expansion from its existing installed base: A big push into security & compliance to grow its TAM. We talked with CEO Aaron Levie in depth with this at the SaaStr Enterprise 2020 above.

Scale

Scale compliance Enterprise Scaling

Thanks to Drata, OnBoard, Qwilr, RevSure, and Workato for Sponsoring SaaStr Annual 2023!

SaaStr

DECEMBER 22, 2022

Replace manual GRC efforts, reduce costs, and save time preparing for audits and maintaining compliance. Drata is the world’s most advanced security and compliance automation platform with the mission to help companies earn and keep the trust of their users, customers, partners, and prospects.

Scale

Scale Onboarding Government compliance

Thanks to A-LIGN, Ada, Appcues, Duda, and Maxio for Sponsoring SaaStr Annual 2022!

SaaStr

AUGUST 25, 2022

A-LIGN is a technology-enabled security and compliance partner that helps global organizations take a strategic approach to confidently mitigate cybersecurity risks.

Cybersecurity

Cybersecurity Scale compliance Payment Features

Balancing Hyper Growth with Risk: Secrets to Scaling with Brex’s COO and Alloy’s CRO

SaaStr

DECEMBER 6, 2022

On Balancing Compliance and Growth: Compliance, for any sub-category in SaaS, whether it’s marketing following GDPR compliance or your product team following FinTech compliance – it’s binary. If you just focus on compliance all the time and take no risk, you have no business to protect.

Scale

Scale Scaling compliance Forecasting

Buyer Trends: Top Insights from $3B in SaaS Transactions with Vendr

SaaStr

JUNE 29, 2023

Many net-new purchases are for data security, compliance, risk management, and AI-powered tools. Compliance : The cost of GDPR compliance has totaled around $9B globally since its introduction. So, what’s driving these purchasing trends?

VP of Engineering

VP of Engineering Trends Cybersecurity Sales Hiring

Thanks to Cledara, FIS, Insight Assurance, Paragon, and Zeni for Sponsoring SaaStr Annual 2023!

SaaStr

NOVEMBER 24, 2022

Insight Assurance is a professional services firm providing cybersecurity compliance, risk management, and tax services. ISO 27001 compliance services. Governance, risk and compliance consulting services. Founded by prior big 4 executives, Insight Assurance’s goal is to provide cost-effective, high-quality services.

Merchant Services

Merchant Services Cybersecurity compliance Finance

Uncharted and Electric: Secureframe’s CEO on Recruiting and Retaining Folks Better Than You

SaaStr

JULY 19, 2022

Up this week is Shrav Mehta, Founder and CEO of Secureframe, a provider of security and compliance software to help streamline SOC 2 and ISO 27001 compliance, backed by Accomplice Ventures, Kleiner Perkins and Gradient Ventures. SaaStr’s Poya Osgouei has a great Uncharted podcast that does a deeper dive with many SaaS execs.

compliance

compliance Software SaaS

How Enterprise Companies are Buying AI (or Not) with ContextualAI, Anthropic, Glean, and Unusual Ventures

SaaStr

JANUARY 17, 2024

Compliance matters. Arvind Jain, CEO of Glean explained: “ The first thing is just working on all security aspects and compliance. So getting your SOC-2 certification, HIPAA compliance, GDPR, and FedRAMP. That’s one stream of, enterprise requirements, which is, just needing all these compliance matters.

AI

AI Enterprise Artificial Intelligence compliance

Thanks to Hiver, Jirav, Orum, Rocketlane, and Schellman for Sponsoring SaaStr Annual 2022!

SaaStr

SEPTEMBER 1, 2022

Schellman is a leading provider of attestation and compliance services. Our approach builds successful, long-term relationships and allows our clients to achieve multiple compliance objectives through a single project team. The post Thanks to Hiver, Jirav, Orum, Rocketlane, and Schellman for Sponsoring SaaStr Annual 2022!

compliance

compliance Forecasting AI Onboarding

How to Know When It’s Time to Hire a CISO with Adversarial Risk Management Founder Jerry Perullo and SafeBase Director of Strategy and Operations Macy Mody (Video)

SaaStr

OCTOBER 31, 2022

Compliance. When compliance or regulatory officers enquire about whether you’ve had any incidents, you can have a clear answer and record to give them. Compliance. compliance can feel incredibly daunting. Secure Compliance. Over the years, Perullo has developed a handy mnemonic, TRICC, which stands for: Threats.

Cybersecurity

Cybersecurity compliance Government Strategy

Thanks to BambooHR, Drata, GuideCX, Mailchimp, and Ramp for Sponsoring SaaStr Annual 2022!

SaaStr

AUGUST 11, 2022

Drata is the world’s most advanced security and compliance automation platform with the mission to help companies earn and keep the trust of their users, customers, partners, and prospects. Its software sets HR free to do great work and be more strategic, which helps the entire organization do the same.

Payment Solutions

Payment Solutions Payment Services Payments Payment Methods

Thanks to A-LIGN, Captivate Talent, Mozart Data, Mutiny, and Subskribe for Sponsoring SaaStr Annual 2023!

SaaStr

DECEMBER 15, 2022

A-LIGN is a technology-enabled security and compliance partner that helps global organizations take a strategic approach to confidently mitigate cybersecurity risks.

Cybersecurity

Cybersecurity Data compliance AI

Thanks to Multiplier, Pepper, Tin Men Capital, and To the New’s CloudKeeper for Sponsoring SaaStr APAC 2023!

SaaStr

FEBRUARY 2, 2023

Its proprietary technology simplifies the employment process by managing the complexities of local compliance, labour contracts, payroll, benefits and taxes. We enable companies to manage their distributed teams via a simple dashboard while taking responsibility for local labor law compliance on their behalf.

Cloud spend optimization

Cloud spend optimization AWS Scale compliance

The Biggest Challenge With Vertical SaaS: Your Sales Team Has to Be Domain Experts

SaaStr

AUGUST 12, 2024

I see way too many SaaS founders hire sales reps who figure because they sold well at Gong or Carta, they can sell a complex compliance tool for a very specific industry. Make sure before they start they can truly pitch and sell your complex vertical SaaS product. Well maybe. Plan to be in founder-led sales mode longer. As discussed above.

Sales Hiring

Sales Hiring Scale Sales SaaS

A Checklist: 10 Signs You Shouldn’t Hire a Sales Rep

SaaStr

MARCH 11, 2024

They can’t wing environmental compliance sales to a Chief Compliance Officer. #10. Be way if you’re in vertical SaaS or complex fintech or developer-focused tools hiring folks that have only sold, basically, to folks like themselves. They can wing that.

Sales Hiring

Sales Hiring Sales Interviewing compliance

Assume the Customer Knows Everything

SaaStr

MARCH 16, 2021

Assume your customers know every cut corner you’ve cut on compliance, security, redundancy, etc. Is your HIPAA compliance pretty barely there? Would they be OK with it? If not — make changes here, quickly. It’s their data, not yours. Are you sure your keystore is properly encrypted?

Scale

Scale compliance Engineering Customer Success

Thanks to ActiveCampaign, Airbase, Calendly, Drata, and TripActions for Sponsoring SaaStr Annual 2022!

SaaStr

APRIL 15, 2022

Drata is the world’s most advanced security and compliance automation platform with the mission to help companies earn and keep the trust of their users, customers, partners, and prospects.

Travel

Travel compliance Finance Engagement

Dear SaaStr: How You Deal With Long Sales Cycles, E.g. 7-8+ Months?

SaaStr

AUGUST 10, 2024

Embrace doing all the compliance requirements (SOC-2, HIPPA, Two-factor authentication, etc) Embrace selling to multiple stakeholders. This is why “pipeline” doesn’t make any sense to start-ups, not really, but makes total sense for BigCo sales executives. Instead of running from them. Force yourself to sell to 3-4 folks per deal.

Sales Hiring

Sales Hiring Sales compliance Enterprise

How to Get a SOC 3 Report: 4 Easy Steps

Scytale

NOVEMBER 4, 2024

In this blog, we’ll explore the importance of SOC 3 in boosting your business’s credibility and reveal four easy steps that you can follow to get your hands on a SOC 3 report. These criteria further highlight that every aspect of data is expertly managed to ensure complete protection and compliance. The good news? Let’s dive in!

compliance

compliance Underperforming Technical Team Scale Technical Review

Dear SaaStr: What’s It Like Being Beaten Up by Investors?

The Bar Has Gone Up: The New Era of HyperFunctional SaaS with Jason Lemkin

Webinars

Trending Sources

The Keys to Getting to $500M ARR In Just 7 Years with Attentive’s CEO

Webinars

Revenue Recognition: Ensuring Compliance and Accuracy

IBM’s $7B Bet on Vertical AI and What It Means for SaaS Founders

Top 7 CCPA Compliance Tools in 2024

How to Meet ADA Website Compliance

5 Key Things You Need to Know About AI Data Privacy in 2025 (and Why It Matters) with Skyflow’s CPO

The Enterprise Journey: 8 Keys to Going Upmarket Successfully with Workiva’s CEO Julie Iskow

Top 5 Risk and Compliance Trends for 2025

Mastering Growth in the AI Era: How to Stand Out, Acquire Customers, and Raise VC Dollars with B Capital, Zetta, and Glasswing

Approaching Half a Million Customers: How to Win in SMB with BILL CEO and Founder René Lacerte

9 Best HIPAA Compliance Tools in 2024

Penetration Testing vs. Compliance Audits: What’s the Difference?

The #1 and #2 Reasons I See Sales Execs Fail Today

Billing System Migration: How to Nail It?

Achieving SOC 2 Type 2 Compliance: Pro Tips Inside

SOC 2 Audit: The Essentials for Data Security and Compliance

Growing your SAM: Making the Leap from Small to Midsize-Business Customers

My App Stack: Shrav Mehta, Founder and CEO of Secureframe

What is HIPAA Compliance and Why is it a Must for Your Company?

5 Interesting Learnings From Avalara at $600,000,000 in ARR

The Journey from Freemium to PLG to SLG: Key Learnings from Dropbox, Salesforce and Vimeo

The Top 10 Important Finance Mistakes First Time Founders Make

5 Security Changes Your Company Needs to Make to Land Enterprise Deals from Secureframe

5 Interesting Learnings from Box At $800,000,000 in ARR

Thanks to Drata, OnBoard, Qwilr, RevSure, and Workato for Sponsoring SaaStr Annual 2023!

Thanks to A-LIGN, Ada, Appcues, Duda, and Maxio for Sponsoring SaaStr Annual 2022!

Balancing Hyper Growth with Risk: Secrets to Scaling with Brex’s COO and Alloy’s CRO

Buyer Trends: Top Insights from $3B in SaaS Transactions with Vendr

Thanks to Cledara, FIS, Insight Assurance, Paragon, and Zeni for Sponsoring SaaStr Annual 2023!

Uncharted and Electric: Secureframe’s CEO on Recruiting and Retaining Folks Better Than You

How Enterprise Companies are Buying AI (or Not) with ContextualAI, Anthropic, Glean, and Unusual Ventures

Thanks to Hiver, Jirav, Orum, Rocketlane, and Schellman for Sponsoring SaaStr Annual 2022!

How to Know When It’s Time to Hire a CISO with Adversarial Risk Management Founder Jerry Perullo and SafeBase Director of Strategy and Operations Macy Mody (Video)

Thanks to BambooHR, Drata, GuideCX, Mailchimp, and Ramp for Sponsoring SaaStr Annual 2022!

Thanks to A-LIGN, Captivate Talent, Mozart Data, Mutiny, and Subskribe for Sponsoring SaaStr Annual 2023!

Thanks to Multiplier, Pepper, Tin Men Capital, and To the New’s CloudKeeper for Sponsoring SaaStr APAC 2023!

The Biggest Challenge With Vertical SaaS: Your Sales Team Has to Be Domain Experts

A Checklist: 10 Signs You Shouldn’t Hire a Sales Rep

Assume the Customer Knows Everything

Thanks to ActiveCampaign, Airbase, Calendly, Drata, and TripActions for Sponsoring SaaStr Annual 2022!

Dear SaaStr: How You Deal With Long Sales Cycles, E.g. 7-8+ Months?

How to Get a SOC 3 Report: 4 Easy Steps

Stay Connected