freddykrugerDelve – Fake Compliance as a Service
https://deepdelver.substack.com/p/delve-fake-compliance-as-a-service
This was such as interesting read, but I found this link via LinkedIn rather than hackernews.
I would have expected this to be somewhere at the top right now given how deep the article digs and evidence seems legit.
I think it may be getting (intentionally?) suppressed from the homepage. Given this is a YCombinator website, I wouldn't rule that out.
Regardless, it's been an ongoing issue. I know a few involved companies — it takes basically 5 days to get a SOC 2 Type 2 report through Delve. And, of course, they market this way too: "SOC 2 in days". Unbelievable.
It's a trending story on X. Was surprised there was no meaty discussion here on HN.