Life as a startup moves fast. Once a week, we’re going to checkup on an early-stage company we have previously written about. This week: Whistic, who we profiled in November 2015.
What has Whistic been up to the past few years? This is a question that keeps me up late at night, tossing and turning, drifting through a dreamworld of data breaches, spreadsheet hell, and shifty-eyed vendors. PEOPLE, I GOTTA SLEEP.
Nick Sorensen, CEO of Whistic, was kind enough to speak with me regarding the recent exploits of his company. Things have progressed quickly since the start of 2016, when Whistic was nothing more than a beta baby recognized as the best enterprise startup at Launch Festival.
In a nutshell: 2017 was a big year.
“By our core product metric, we grew nearly 2,000 percent year-over year,” said Sorensen. “There’s this inherent virality to Whistic, as our customers use the platform, more companies get exposed to it. Our customers sign up with us and then go send out security reviews to all of their vendors. That introduces Whistic to a bunch of companies that have been doing this in spreadsheets and they say, ‘Why don’t we do this?’ And it grows from there.”
As more companies have begun to realize the risk posed by third party vendors — and the inefficient, spreadsheet-based ways of identifying them — Whistic has begun to grow. Revenue exploded by nearly 500 percent in 2017. Whistic now has roughly 20 employees working from their Pleasant Grove office. Most importantly, Whistic formed a partnership with the Vendor Security Alliance, which sounds like a bad Star Trek meetup but is actually a non-profit formed by nine leading tech companies (Uber, Airbnb, Atlassian, Docker, Dropbox, GoDaddy, Palantir, Square, Twitter) who decided there’s a better way to do vendor security assessments. Shortly after formation, the VSA went in search of a platform that could do away with spreadsheet assessments. Enter Whistic, who was chosen as the exclusive platform to run the VSA security assessment program for all their members.
“It was pretty cool to demo Whistic to the CISO of Twitter and GoDaddy and to the security leaders from the other VSA companies, and have them say Whistic would meet their needs,” said Sorensen. “Our mission is to raise the bar for security by enabling companies to hold each other accountable for protecting their shared data. As more and more companies realize the importance of vendor security, we want to help make this a seamless and transparent process.”