A new anonymous Substack alleges AI compliance startup Delve “faked” compliance for startups by generating pre-populated audit reports and fabricating evidence
How Delve managed to falsely convince hundreds of customers they were compliant and then lied about it when exposed and called out
DeepDelver
Related Coverage
- Sobering read. Delve, an “AI-powered” compliance platform, allegedly fabricated evidence and used partnered audit firms to rubber-stamp SOC 2 reports. … Jan Langrehr
- Delve - Fake Compliance as a Service Hacker News
- Is it real? Perhaps I was early (to be honest, not even that early) but I wasn't wrong. — FYI - I am not the author of this nor was I involved in any of this research. … Mike Kim
- Response to Misleading Claims Delve
Discussion
-
@heretorule77
Silver
on x
@ohryansbelt saw this interview of founder of delve yesterday on instagram [video]
-
@megannyvold
Megan Nyvold
on x
Overt self promotion and excessive pr for startups is such a turn off oh my god Founders that love doing this are nearly always compensating. Will they ever learn
-
@kobyjconrad
Koby Conrad
on x
Just a PSA we use Delve. Delve does EXACTLY what EVERY other company in this space does, they provide a checklist and help you automate your compliance. WE are still responsible for our security. Not Delve. This industry is shady AF and this anon is 100% a competitor 🫡
-
@ohryansbelt
Ryan
on x
Delve, a YC-backed compliance startup that raised $32 million, has been accused of systematically faking SOC 2, ISO 27001, HIPAA, and GDPR compliance reports for hundreds of clients. According to a detailed Substack investigation by DeepDelver, a leaked Google spreadsheet [image]
-
@jessicatshen
Jessica Shen
on x
This exposé isn't getting nearly enough attention. @getdelve, a YC W24 compliance automation startup that raised $32M from Insight Partners, allegedly convinced hundreds of companies they were SOC 2 compliant, when they weren't. The scheme involved working with Indian audit [imag…
-
@mil0theminer
Milo Smith
on x
3rd all nighter of what? Compliance??? I don't want my security company shipping 3am code
-
@tenobrus
@tenobrus
on x
i just scrolled thru the whole delve linkedin and literally the single eng with the most fulltime swe experience has 3.5 yoe
-
@bryanonel86
Bryan Onel
on x
Yeah this doesn't surprise me in any way, given the history I have with the founder of Delve. What a bombshell of an article though. There is just so much to unpack.
-
@anammostarac
Ana Mostarac
on x
> Startup accused of fraud > Check bios of both founders > Forbes 30 under 30 [image]
-
@attributeshift
@attributeshift
on x
@ohryansbelt are these the same guys that bragged about their engineer working for 3 days straight
-
@mil0theminer
Milo Smith
on x
Who would have guessed that Delve is a fraud
-
@mil0theminer
Milo Smith
on x
Holy shit they're just going straight to jail [image]
-
@quinnypig
Corey Quinn
on x
Affected client: @cluely Yes, that Cluely, the company that sells AI overlays to help people cheat interviews. A company whose entire value prop is undetectable deception was getting its compliance from a company whose entire value prop is undetectable deception. Synergy!
-
@barrald
Barry McCardel
on x
there's something truly sublime about cluely being scammed on their SOC 2
-
@bfaviero
Bruno Faviero
on x
Glad we used @TrustVanta [image]
-
@denehyxxl
Ryan Denehy
on x
@eringriffith Early stage companies who slap their names on race cars don't often end well [image]
-
@johnloeber
John Loeber
on x
6 months ago, I found out that Delve only had 5 engineers, and all of them pretty junior (no offense intended). I checked LinkedIn again, they're up to 10 now, it seems Drata? Vanta? Hundreds. Sometimes someone figures out a magic trick in engineering... but it's unlikely.
-
@awwstn
Austin Petersmith
on x
not gonna lie, as we've been going through a gruelling SOC2 process with Vanta i have felt a lot of FOMO reading about Delve customers getting it done in 3 weeks if all this is true then NOMOFOMO
-
@tenobrus
@tenobrus
on x
heads up that if you use @getdelve for compliance they're blatant fraudsters and have opened you up to massive legal liability. @karunkaushik_ and @kocalars i hope you both go to jail :)
-
@tekbog
@tekbog
on x
turns out sometimes you can't just “do things”
-
@ahmetb
@ahmetb
on x
you should beware of using @Lovable @cluely @wisprflow for anything confidential/PII because they most likely obtained compliance through Delve and got frauded themselves.
-
@zetalyrae
Fernando
on x
“we” is a “Sobriety Platform for the future of Superintelligence” funded by YC [image]
-
@vcbrags
@vcbrags
on x
@ohryansbelt @asemota 30u30 never misses [image]
-
@isareksopuro
Isabelle
on x
state of silicon valley: > Delve (YC W24) >"AI Native" >literally no AI >forbes 30u30 founders >charges $6k for a chatgpt'd legal contract >uses Indian contractors to fake data (impersonating as US-based CPAs) > leaked sensitive client data (Lovable, Cluely) & blamed it on [image…
-
@jackbr513
Jack Brown
on x
@eringriffith Unfortunate timing for their new bus ad 😬 [image]
-
@eringriffith
Erin Griffith
on x
A detailed and brutal look at the tactics of buzzy AI compliance startup Delve “Delve built a machine designed to make clients complicit without their knowledge, to manufacture plausible deniability while producing exactly the opposite.” https://substack.com/...
-
@scottastevenson
Scott Stevenson
on x
Is it time to talk about how all the major SOC2 providers are borderline fraudulent or is there too much market cap at stake?
-
@kscottz
Kat Scott
on x
Billboards for this company are all over SF. I walked by their headquarters the other day and just laughed, because “delve” is one of those canary words that signals AI slop. I'm sure this isn't the first or last fraud to come out of YC's AI era. [image]
-
@pk_iv
Paul Klein IV
on x
If this is legit - it means that every SOC-2 report from their customers will need to be redone (which will take months). Very thankful to be a Vanta customer right now.
-
@jessfraz
Jessie Frazelle
on x
VCs about to delete a lot of tweets
-
@javipark_
Javi Park
on x
if this is true, congrats @Forbes you've done it again 👏👏👏👏 [image]
-
@shobhitic
@shobhitic
on x
saw this interview of founder of delve yesterday on instagram [video]
-
@bonegpt
Bone
on x
another YC fraud mill
-
r/soc2
r
on reddit
The madness continues
-
@jadecole2112
Jade Cole
on x
I am concerned a lot of these rapid “AI first” startups are essentially fraudulent, using AI as primarily a marketing and promotion tool to get fundraising and free social media attention, while using humans in the background to do what they say their AI tools are doing. [image]
-
@ivanburazin
Ivan Burazin
on x
It took our compliance officer close to a year to get SOC 2 done. In the meantime, I saw even 3 month old startups getting it with ease. After a point I got frustrated: “Why the hell are we using @DrataHQ? Let's try these guys and get it done!” He kept saying “It's just not [imag…
-
@brettfromdj
Brett
on x
Imagine raising $32,000,000 from Insight + YC, making Forbes 30u30, then allegedly using AI to mass-produce fake SOC 2 / HIPAA certs for your clients... and spending the budget on wrapping a race car instead of, y'know, doing actual compliance.
-
@decadimitry
Dimitry Yakoushkin
on x
How could this level of blatant fraud make it past a VC firm led by this executive team? [image]
-
@vasuman
Vas
on x
P-1: fraud
-
@0xluffy
Luffy
on x
imagine pulling 3rd all nighter faking compliance
-
@busdownbonnor
Connor
on x
I worked for a YC startup that is SOC2 and ISO compliant with Delve. It's definitely bullshit. With basically no security measures in place at the time, we managed to speed-run compliance in weeks by uploading complete garbage into their portal. The past few months I've been
-
@feifanz
Feifan Zhou
on x
We talked to Delve last summer. Heard a few concerning stories behind the scenes; decided to go with someone else for our SOC II. Glad we did. We take security seriously at Tanagram. [image]
-
@boringbiz_
@boringbiz_
on x
Forbes 30u30 has a better hit rate on identifying fraudulent companies than Chamath has on identifying good SPAC targets Let that sink in
-
@zackkorman
Zack Korman
on x
The Delve stuff is bad, but all of these compliance platforms (Vanta, Drata, etc) have their “trusted auditors” they recommend. That is the core issue that corrupts this space. [image]
-
@regimecpa
@regimecpa
on bluesky
If you're a tech or business journalist who wants to talk about the corruption of the SOC 2 compliance space after reading the below, let me know, happy to provide context from an auditor before you reach out to the author.
-
@tekbog
@tekbog
on x
>cluely “cheat on everything” gets praised >companies start to cheat on everything >VCs retardmaxxing [image]
-
@bengold
Ben Gold
on x
This is fucking insane and further proof that YC has totally lost the plot for not doing due diligence.
-
@anothercohen
Alex Cohen
on x
Incredible. At this point we need to put the Forbes editors in charge of the FBI [image]
-
@stkenned
Scott Kennedy
on x
Just completed our annual SOC2 audit using Vanta. They audited every MDM config, device destruction certificate, patched vulnerability. Honestly, it was painful. But we passed each test and I know we do right by our users. Delve is a known “shortcut”. Never considered it.
-
@peer_rich
@peer_rich
on x
delve couldve done the funniest ad ever [image]
-
@regimecpa
@regimecpa
on bluesky
If you want some light reading. Also, how is a company named bland ai real?
-
@alisonbuki
@alisonbuki
on bluesky
another day another startup fraud — substack.com/home/post/p-...
-
@moll.dev
Tom
on bluesky
Absolutely wild. Cluely and others using a scam compliance-as-a-service company that just rubberstamps everything using a sketch US firm and numerous other sketchy Indian firms to claim SOX2, HIPAA, GDPR, etc compliance. — substack.com/home/post/p-...
-
@bryanonel86
Bryan Onel
on x
Wow. Delve just took down all of their customer logos as well as the entire testimonials tab and page. Never seen a company die in realtime before. [image]