Any views on Vanta vs Tugboat Logic vs Laika? I’m trying to choose among them am leaning towards Tugboat Logic. It’s policies seem more thoroughly drafted and they let you test drive the platform, which none of the others allow. Vanta has more integrations but doesn’t currently do Jamf from what I can tell.
I think this depends on your internal resources. TugBoat and Laika are more project management tools, a great question to ask is if you integrate with my Infrastructure, how many controls within the SOC2 framework are you actually automating. Vanta has been around awhile but I’ve heard mixed feedback from auditors as well as companies that use the tool. I’d recommend looking into Drata, they have the most automation and great auditor relationships. Happy to provide an intro to one of their audit partners that I used to work with to learn more from their perspective.
Paying someone to give me a list of problems isn't at all useful until we have nothing else to do. Appreciate there may be others out there without the same understanding of Infosec, but frankly that's a greater risk to companies without those resources.
A newer tool that I’ve heard great feedback on is Drata. They’re more focused on automation and continuous evidence collection.