Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Speedy response and great communication
What do you like best about the product?
Good communication with the team, speedy response and completion of deliverables
What do you dislike about the product?
Price as a small business is always a factor
What problems is the product solving and how is that benefiting you?
Pen Testing and Audit for SOC II
- Leave a Comment |
- Mark review as helpful
Superior to Vanta/Drata, but still room for improvement
What do you like best about the product?
With Thoropass, you have hands-on help to get over the audit hump. The pre-provided reports are great if you've never had a SOC audit before, the testing coverage is broad and the team is extraordinarily helpful. You get the distinct feeling that these folks were auditors first, and software developers second, rather than the other way around.
We arrived having already established our procedures and controls from a traditional audit and had built our engineering processes around those controls. Some of them did not align with the default policies, so we worked with the team to adjust the controls to match making sure the SOC standard was adhered to. This allowed us to stick with our original policy docs that our team was already trained around.
Further, the team continues to meet with you throughout the year so that the Type 2 audit is a breeze and virtually all the materials have been collected over the period already.
Major distinction from Vanta/Drata: they don't insert expensive systems into your AWS or Azure environment for continuous monitoring. I've heard those folks end up costing their customers a lot just in increased AWS costs.
Also, the price is exceptional.
We arrived having already established our procedures and controls from a traditional audit and had built our engineering processes around those controls. Some of them did not align with the default policies, so we worked with the team to adjust the controls to match making sure the SOC standard was adhered to. This allowed us to stick with our original policy docs that our team was already trained around.
Further, the team continues to meet with you throughout the year so that the Type 2 audit is a breeze and virtually all the materials have been collected over the period already.
Major distinction from Vanta/Drata: they don't insert expensive systems into your AWS or Azure environment for continuous monitoring. I've heard those folks end up costing their customers a lot just in increased AWS costs.
Also, the price is exceptional.
What do you dislike about the product?
We ran into some issues with the actual auditors not wanting to find a policy in our documents because our documents weren't their default standard documents. The tool asks you to link the policy for the auditor to review and many times the auditor came back asking us to screenshot the exact place in the documents where the policy existed rather than reading it themselves. I would have preferred that they reviewed our documents thoroughly before asking for assistance.
What problems is the product solving and how is that benefiting you?
Helps us stay SOC compliant without a huge annual auditor headache
Communication was top notch
What do you like best about the product?
Thoropass has had the best communication for the pentest process compared to any other vendor we've used. They make everything simple and easy by offering options for communication based on what works best for you. Retest scheduling was beyond easy and very fast.
What do you dislike about the product?
We haven't had any issues or dislikes occur with Thoropass yet.
What problems is the product solving and how is that benefiting you?
Thoropass performs our pentest annually and keeps the process simple by providing timely communication and customization of how you receive these updates.
Excellent Service!
What do you like best about the product?
Thoropass Staff were able to work with us to guide our growing company through the SOC 2 Type 1 Process to help us acheive a completed Audit by our tight deadline. Their staff were friendly, responsive, professional, and very competent. Thank you very much, Thoropass!
What do you dislike about the product?
There were a few times when the site was marginally slow, but it wasn't a very big deal. It was easy to work around.
What problems is the product solving and how is that benefiting you?
We needed to complete a SOC 2 Type 1 Authorization within a tight deadline, and their system and team guided us through the process.
Compliance simplified
What do you like best about the product?
Thoropass provides an easy-to-use portal, well-architected policies and procedures, and an excellent success plan that makes adoption and maintenance easy. The success team is quick to address questions and provide documentation to help with education and navigating compliance.
Thoropass has become our main portal for all compliance documentation and training, they even helps with our on boarding and off-boarding checklists.
Thoropass has become our main portal for all compliance documentation and training, they even helps with our on boarding and off-boarding checklists.
What do you dislike about the product?
Downsides are occasional integration breaks between systems that require reauthentication.
What problems is the product solving and how is that benefiting you?
Thoropass provides consistency in our process managment and eases our system audits. As a compliance partner, they are instrumental in validating our commitment to customers in data security.
Seamless SOC 1 Audit Experience with Outstanding Support!
What do you like best about the product?
Thoropass provided an intuitive platform that streamlined our SOC 1 Type 1 audit process, with standout features like the Road Map, Policy Management and Task Assignments that kept us organized and on track. The exceptional support from their Customer Success Manager, Victoria Chervinska, made the entire experience efficient and stress-free.
What do you dislike about the product?
Honestly, we didn’t encounter anything negative during our experience with Thoropass. The platform exceeded our expectations, and the support we received was great.
What problems is the product solving and how is that benefiting you?
Thoropass solved the complexities of our SOC 1 Type 1 audit by providing an intuitive platform with features like Tasks, the Road Map, and Policy Acknowledgments. These tools streamlined compliance efforts, kept our team aligned, and made managing the audit process efficient and stress-free.
Communicative and knowledgeable
What do you like best about the product?
What I like most about Thoropass is the ease and timeliness of communication. The team that has been assigned to our organization is always responsive and helpful.
What do you dislike about the product?
We haven't noticed any downsides. There are features that could be more fleshed out but that is a matter of time.
What problems is the product solving and how is that benefiting you?
We are conducting SOC and HITRUST audits. The Thoropass platform has made it easy to keep track of all our documents and evidence.
SOC2 Compliance Made as Easy as Possible
What do you like best about the product?
I appreciated having the Thoropass portal as a centralized repository to store all of our documentation. It also served as a guide to ensure we completed everything necessary in a timely manner. Having a personal contact to meet with regularly was also very helpful. RJ and Ritu were always available to address any questions we had along the way.
What do you dislike about the product?
I felt the tasking and notifications area of the portal could be more robust. However, they are planning an update to enhance those features soon.
What problems is the product solving and how is that benefiting you?
We engaged Thoropass to help us prepare for an AICPA System and Organization Control 2 (SOC 2), Type 1 audit for the Security and Availability Trust Services Criteria. This includes conducting a gap assessment and ordering a remediation plan
consisting of policies, procedures, management practices, and required controls to satisfy the requirements of an audit. Essentially, they are helping us streamline the process of obtaining our SOC 2 Type 2 certification.
consisting of policies, procedures, management practices, and required controls to satisfy the requirements of an audit. Essentially, they are helping us streamline the process of obtaining our SOC 2 Type 2 certification.
Great Help for SOC2 Audits
What do you like best about the product?
Great Partners to help with SOC2 Audit. They guide us & help us to prepare required processes. Guided us to prepare the documentation & collect proofs of same.
What do you dislike about the product?
Nothing as such required to improve further
What problems is the product solving and how is that benefiting you?
We want to imporve Security & processes for our different products. It helped to achieve the same.
Thorough platform for security audit & compliance.
What do you like best about the product?
Thorough and helfpul platform to pass necessary certifications. Very good examples, templates, and FAQ to properly prepare for the journey through the compliance "jungles". Their customer support are bery responsive and helpful.
What do you dislike about the product?
It's not a big issue, but for the sake of improvement I need to mention that "document editor" sometimes "reverts" your last changes and makes you feel nervous. But when you refresh the page - everything is fine.
What problems is the product solving and how is that benefiting you?
We needed to pass SOC-2 and HIPAA audit. With Thoropass platform this journey was clear and much easier than it seemed in the beginning.
showing 1 - 10