Sourcegraph & Anecdotes
How Anecdotes helped Sourcegraph increase efficiency in their audits with Geels Norton without compromising quality

Download as pdf

Anecdotes' easy and intuitive platform has significantly improved our audit process, saving us time and effort across the organization.

Dora Neumeier, Compliance Lead, Sourcegraph

Challenge:

Manual Labor Intensity: Continuing to grow and innovate their mature security and GRC practices required automating internal processes and time-intensive manual labor for audit by a reputable firm.

“I had very high demands for what I wanted out of the solution, and I tested many well-known industry tools before I chose Anecdotes. The Anecdotes team impressed me with their innovative approach,” Dora Neumeier, Compliance Lead, Sourcegraph

Solution:

  • Custom Framework: Anecdote’s platform flexibility made it easy for Geels Norton, Sourcegraph’s auditor, to build a framework tailored to the specific requirements Sourcegraph would need for the audit. 
  • Automated Evidence Mapping: Evidence was automatically collected and mapped to the relevant controls in its custom framework, substantially reducing the manual labor and time Sourcegraph spent preparing for the audit.
  • Continuous Compliance: By setting up rules that automatically detect gaps based on its internal processes, Sourcegraph’s Compliance team has visibility into its posture and has achieved continuous compliance.

“We appreciate the clarity when it comes to data in Anecdotes. There is increased transparency as to how the data was collected, making the entire audit process quicker and better,” Nick continued. “Anecdotes, and specifically the auditor portal, made Sourcegraph’s audit process faster and more efficient, and the entire experience much smoother.” Nick Norton, Cofounder and Chief Visionary at Geels Norton.

Results:

  • Data Analysis and Gap Detection: The flexibility to analyze the data, query it, and detect gaps automatically on an ongoing basis allows Sourcegraph to detect and address any issue in real-time, allowing them to arrive at the audit well-prepared.
  • Collaboration with Auditor: Sourcegraph and Geels Norton were able to conduct the audit within the Anecdotes Compliance OS and methodically review all the evidence and controls, making the entire audit process more efficient.
  • Time Savings: The automated evidence collection saved Sourcegraph a lot of time preparing the audit. By conducting the audit within the platform, there was much less back-and-forth, making for a much more focused and efficient audit process.

Client Bio

NYSE Ticker:
Industry:
Software Development
Employees:
196
HQ:
San Francisco, CA

Founded in 2013, Sourcegraph is a code intelligence platform that allows developers to rapidly search, write, and understand code by bringing insights from their entire codebase right into their editor.