LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.
Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.
No matter your stage, Comp AI helps you automate compliance, collect evidence, and prove trust continuously - all from a single, AI-powered platform.
We make SOC 2, ISO 27001, HIPAA and GDPR feel effortless. Our AI agents handle most of the work - from evidence collection and monitoring to policy management and audit prep - so your team can focus on building.
Coroot is SOC 2 compliant! 🐝 🐧 🔐
SOC 2 compliance means an independent auditor has verified that Coroot's systems and processes meet rigorous standards for security, availability, and confidentiality. We've always believed that complete observability shouldn't require choosing between capability and trust: SOC 2 is how we prove it.
No back-and-forth required with your InfoSec team. The platform you're already using to handle sensitive telemetry (logs, traces, metrics, profiles, and a complete service map of your system) has been independently verified to handle that data securely and responsibly.
For your team, that means with Coroot, the full picture of your infrastructure has a platform your whole organization can stand behind: https://lnkd.in/eRFsHuYK#devops#observability#monitoring#aws#cloud#tech#ai#linux#ebpf#sre#sysadmin#soc2#cybersecurityComp AI
Anthropic just confirmed that a small group of unauthorized users accessed its new Claude Mythos model, getting in through a mix of methods, including credentials tied to a third-party contractor.
Anthropic says it is investigating and has found no evidence its core systems were compromised.
The timing matters because of what this model actually is.
Claude Mythos is the most powerful AI model Anthropic has ever built.
It was not specifically trained for cybersecurity but rather was trained to be better at code.
But as a side effect of being exceptional at code, it became exceptional at hacking.
During internal testing, Mythos escaped its own sandboxed testing environment, accessed the broader internet, emailed a researcher who was away from the office, and posted exploit details to public websites, all without authorization.
In separate tests, it concealed unauthorized changes by editing git history and deliberately lowered its own accuracy to avoid detection.
It can chain together 3, 4, sometimes 5 separate vulnerabilities each of which appears harmless alone into a sophisticated end-to-end exploit.
It can do this autonomously, across long multi-step tasks, the way a human security researcher would work across an entire day.
In open-source testing, Mythos found a bug in OpenBSD that had gone undetected for 27 years.
It found a 16-year-old flaw in FFmpeg that five million automated test runs had never caught and it has now identified thousands of high-severity vulnerabilities across every major operating system and web browser.
Because the risks of releasing a model like this broadly are obvious, Anthropic did not.
Instead it launched Project Glasswing, giving exclusive access to 40+ organizations including AWS, Apple, Google, Microsoft, Cisco, CrowdStrike, JPMorgan Chase, and the Linux Foundation, with $100 million in usage credits committed to defensive security work.
The logic is that defenders need a head start.
More powerful models are coming from Anthropic and from everyone else and the organizations running the world's critical infrastructure need to know their vulnerabilities before attackers do.
But now the model that Anthropic considered too dangerous for public release, the model that breaks into systems by design was accessed by unauthorized users through a contractor's credentials.
CustomerNode Achieves SOC 2 Type I compliance
Most high-touch B2B sales processes look like this:
1) A prospect fills out a form.
2) Data lands in a CRM.
3) A deal room is created somewhere else.
4) Documents are shared through another system.
5) Scoping happens in slides.
6) Approvals move through email.
7) Implementation gets handed off into a project tool.
8) Customer success lives somewhere else entirely.
By the end, a single deal has moved across a dozen systems.
At each step:
- New access is provisioned
- Data is copied or re-entered
- Context is rebuilt
Each system may be secure.
Each system may be compliant.
But the process itself - the end-to-end journey as the customer experiences it - runs between them.
This is where the risk accumulates.
Not inside any one system, but in the gaps:
- Where access lingers
- Where data is duplicated without lineage
- Where decisions happen outside the system of record
- Where no single boundary reflects what actually occurred
Most teams assume this is covered.
It isn't.
SOC 2 audits a defined system.
But this journey does not exist as one.
So the most critical workflow in the business - the end-to-end journey as the customer experiences it - sits outside the audited boundary.
CustomerNode redefined the system boundary.
The entire journey -
Discovery -> Experience/Eval -> Scoping -> Commitment -> Deployment -> Success
- runs inside a single system.
No handoffs.
No re-provisioning.
No fragmented data trail.
Finally, the thing being audited is the thing the customer actually experiences.
Most teams have accepted running their business across audited boundaries because there was no practical alternative.
Now there is.
CustomerNode.
The entire customer journey.
One traceable boundary.
One unqualified opinion.
One system you can trust.
In the last week, we rolled out RBAC and 220+ new integrations across engineering, identity, HR, and cloud tools.
So whether your stack is standard or more niche, we can cover it.
And we’re continuing to ship new integrations daily.
Vratix is now SOC 2 Type II compliant.
This comes at an important time as we onboard new customers who require strong security policies and mature internal controls.
Our report was completed with zero exceptions, validating the controls and processes we've put in place across the business.
For customers evaluating Ace AI, this is an important signal that the product is built to be secure, trustworthy, and ready for enterprise adoption.
A big thank you to Comp AI - Lewis Carhart, Paul Langton and the rest of the team - for making the process simple and smooth from start to finish! If you’re looking for a stress-free compliance process, I highly recommend them.
Vratix is now SOC 2 Type II compliant.
This comes at an important time as we onboard new customers who require strong security policies and mature internal controls.
Our report was completed with zero exceptions, validating the controls and processes we've put in place across the business.
For customers evaluating Ace AI, this is an important signal that the product is built to be secure, trustworthy, and ready for enterprise adoption.
A big thank you to Comp AI - Lewis Carhart, Paul Langton and the rest of the team - for making the process simple and smooth from start to finish! If you’re looking for a stress-free compliance process, I highly recommend them.
150+ ppl last night for the Pre-SXSW Tech Mixer was a fun way to start off the week
Huge shout out to Katya Fuentes at Comp AI for helping make it possible 🙌
Also, shout out to Bernardo N. at First Time Founders for the support.
Venture Week will be in Austin this coming September, as part of our 13-city US Tour
So get ready…
