Blog

Moving Beyond the “Human Grind” of Compliance with Algolia’s Adam Surak

February 18, 2021

Adam Surak, Head of Infrastructure and Security at Algolia, talks about how compliance automation has enabled Algolia to minimize the human grind of compliance execute a large number of certification programs while keeping the team morale high.

Intelligent Integrations Power Compliance Automation

February 5, 2021

Integrations are critically important for compliance automation. However, not all integrations are created equal. Learn about how different integration strategies result in different outcomes for compliance automation, and what to look for with integrations.

The Culture of Compliance: Podium’s Josh Pugmire on Managing GRC at Every Stage

February 4, 2021

Josh Pugmire, Director of Security and Compliance at Podium, talks about what he’s learned from doing compliance at both the startup and enterprise level, as well as where he sees the industry heading in 2021 and beyond.

2021 Predictions: 3 Ways Compliance Will Evolve in the Year Ahead

January 28, 2021

Our top 3 predictions for how the governance, risk, and compliance space will evolve in 2021. From compliance automation to vendor management to tool consolidation, we'll let you know what to expect and how to benefit from the changes.

Compliance automation improvements and IaaS integrations

December 15, 2020

Today we’re introducing new automated issue detection and remediation functionality that makes Aptible Comply integrations even more intelligent so compliance managers can continuously monitor controls and remediate detected issues with simple, user-friendly workflows. Not to be overshadowed we are also adding cloud infrastructure integrations, starting with AWS, so companies building in the cloud can leverage powerful compliance automations to manage IaaS compliance.

Building Aptible’s Design System

December 11, 2020

Aptible created a design system, Arrow Design System, to be able to create high-quality and consistent experiences for our users. It's owned and maintained by the UX Engineering team which allows us to invest in the user experience independently of product feature requests. Learn more about how Arrow DS allows us to make our software easier to use and give users more reason to trust our products.

Simplify Manual Evidence Collection

November 20, 2020

Comply prioritizes automating evidence collection so compliance teams can focus on more important problems, however because not all evidence collection can be automated (yet) some evidence still requires old fashioned manual collection. Learn about how Aptible Comply makes compliance manual evidence collection easier through automating the processes and providing integrations for notifications and evidence uploads.

2020 GRC Benchmark Report: A month in the life of a GRC professional

October 9, 2020

User access reviews, pen tests, compliance audits, security reviews…the amount of work that security and compliance teams have to manage on a regular basis is shocking. Yet, there are actually very few sources of information on just how much time security and compliance professionals spend on different tasks. Until now.

Aptible recently surveyed over 100 GRC professionals to learn what their top challenges are, and what capabilities they look for in a GRC tool. Check out a quick summary in this blog post, and link to the full report.

Recreating redux-toolkit’s createSlice

October 7, 2020

In this post, we want to demystify createSlice by building our own stripped down version of it for new engineers to use as a reference guide when learning redux.

Going on a Powertrip

October 2, 2020

If you have a product and customers, then you also have members of your team who need access to critical systems in order for your company to function. Safeguarding credentials that can access these systems via mechanisms like 2FA, U2F, and key rotation is necessary but not sufficient. You must also monitor for key security events and review each to ensure your protections are working as intended.

Here at Aptible, we’ve solved the problem of monitoring and requesting approval for security events via a lightweight Slack integration we built called Powertrip. With Powertrip, we are able to send Slack notifications to relevant team members about key security events within minutes of the event happening.