Has exposed critical compliance gaps and caused delays during audit preparation
What is our primary use case?
Our main use case for Delve Automated Compliance Platform is to become SOC 2 compliant.
What is most valuable?
Delve Automated Compliance Platform has impacted our organization positively in that we did get SOC 2 in the end, and it allowed us to close a few deals, but we did have to navigate a lot of questions because of the lack of functionality that the platform had. Basically, what happened was that these reports and their programs, which they claim are custom, are not. It's always the same program they ship to every company, basically. What happens is there's just a bunch of missing items from there that people expect, and we had a really hard time navigating that when we showed these people our SOC 2 report. We closed those deals and we didn't lose the deal, but nonetheless, it got a little bit scary for a moment there. That's why we're switching away to another platform.
Some features of Delve Automated Compliance Platform are really easy if you ignore the fact that they're cutting corners. But if you do it their way, basically the cheating way, it's rather simple. That would be really nice if it were enough.
What needs improvement?
Delve Automated Compliance Platform supports our SOC 2 compliance process partly; it technically does a bunch of things you'd expect, but it does it in a rather minimalistic way where it doesn't really cover all your bases, even though they make you believe it does.
A specific example of an area where it falls short or doesn't fully meet my expectations is that, for a lot of these requirements, they actually don't show what auditors typically check for. Because they use rather lenient auditors, you can basically get away with doing the bare minimum, which is often not enough. One example is that they use this AI pen testing tool, which is not a real pen test. They misled me.
Another thing is that Delve Automated Compliance Platform doesn't have vulnerability scanning. They don't have an agent to monitor endpoint activity or laptop security. Their cloud monitoring is completely insufficient and doesn't support most assets. The integrations are just complete failures. They just don't have many of the tools that the others do.
The user interface of Delve Automated Compliance Platform looks fine; I just wish I knew beforehand what we were signing up for. It looks fine, but a lot is missing.
My experience with Delve Automated Compliance Platform regarding measurable improvements is that it was mostly about getting through compliance, and I don't think that they were particularly fast. It took us about two months all in all to get ready for an audit before it even began, even though they promised us it would only take 10 to 15 hours, but it ended up taking weeks, which was rather stressful. The most stressful part was trying to explain to our clients why a bunch of things were missing that they were expecting. To be honest, the people at Delve don't really know their stuff at all. They're just a bunch of young people without any security knowledge.
Delve Automated Compliance Platform can be improved by, most of all, not fooling and misleading people and not making them believe they have things that they don't. They need to really work on making this a better product. One of the problems is that they say they have a lot built in, but they don't really. Most of it is just external third-party software that they license or buy themselves, but they don't really own anything themselves. It doesn't look like they've built that much. They kept talking about all this built-in functionality, and it just wasn't there. If there was anything, they just referred to another third party.
They need to hire very senior people that know their field because these young people just don't know their field, and it got us into trouble.
For how long have I used the solution?
I've been using Delve Automated Compliance Platform for about five months.
Which solution did I use previously and why did I switch?
We previously used Vanta, which was arguably better.
How was the initial setup?
It was fairly easy to deploy Delve Automated Compliance Platform in our environment, as we had to basically integrate it with our cloud environment, and that wasn't too hard through their integration. But it didn't work very well, to be honest.
My experience with the configuration process of Delve Automated Compliance Platform is frustrating; they kept talking about how many integrations they had, but they barely supported our stack. A lot had to be uploaded manually, integrations that I knew other platforms did have. They claimed to have automations to collect information and integration is absent, but that just wasn't true. We just had to manually upload evidence, and there was no way to verify whether we were doing the right thing or not because their teams didn't know.
My experience with the procurement process was easy because they basically told us that they had everything we needed. In the end, it was just sales talk. The reality is that we got misled a bit.
What was our ROI?
I haven't seen a return on investment with Delve Automated Compliance Platform, as we just got a SOC 2 report, but no real time saved, no fewer headcount or anything to show for it.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that we just bought it through the AWS Marketplace, and that was really easy to set up.
Which other solutions did I evaluate?
What other advice do I have?
On a scale of one to five, I would rate Delve Automated Compliance Platform overall as a two. I give it a two because I would give them a one if I hadn't gotten my SOC 2, but they did get us that SOC 2. It just took longer, and it was just a lot more frustrating than I thought it'd be. They got us that in the end, so they get one point, basically, but everything else just wasn't great. My overall review rating for Delve Automated Compliance Platform is two out of five.