Contentstack Fosters Cross-team Collaboration to Expedite Security Reviews

Contentstack's collaboration with SecurityPal represents a pivotal step in accelerating its security review cycles. This strategic partnership not only automated security questionnaires but also bolstered compliance, and streamlined knowledge management processes. Additionally, SecurityPal fostered stronger collaboration between Contentstack's Sales and Security teams. These enhancements played a crucial role in supporting Contentstack's growth and continue to be integral as the company expands its operations.

The Challenge: Scaling Security Review Workflows

With a two-person security team, Contentstack was challenged with scaling their security review process to match the pace of the sales organization. At the time, Contentstack was a relatively young company. With a focus on keeping operations lean, they couldn't justify hiring additional full-time security personnel based on a fluctuating volume of security assessments. Plus, each security questionnaire varied in length and detail, making it especially challenging to allocate resources. 

“Our security review process used to be reactionary, responding to assessments as they came through the door,” Oppenheimer says of their process before partnering with SecurityPal. “There were two major problems with this approach. First, if we had an influx of security reviews, our lean security team didn’t have the bandwidth to handle the higher volume. Second, security questionnaires varied. Some could have 100 questions we hadn’t seen before, and it could take up to a week to answer.”

The responsibility of security questionnaires is shared between the Sales and Security teams at Contentstack. The sales team, situated globally, needed to operate quickly in order to close more deals. The security engineers, based in India, needed a repository of up-to-date questionnaire responses to reduce time to completion on security assessments. Contentstack needed a security review solution that fostered seamless collaboration between Sales and Security. 

“Our sales team needed to operate at a speed that our security team couldn’t meet,” Oppenheimer explains. “In order to close more deals and grow the business, we knew we needed an agile solution that could help our Sales and Security teams complete security questionnaires with more efficiency, collaboration, and accuracy.” 

As security questionnaires become increasingly more complex, they require a robust database of accurate responses and documentation that are constantly updated as products, processes, and policies evolve. Before partnering with SecurityPal, Contentstack managed all of this information in Google Sheets, but it was challenging to keep information up to date, control access to ensure sensitive information was secure, and share knowledge across teams.

“In 2018, our sales team started using RFPIO to manage our information library,” Oppenheimer explains. “This was an improvement, but it essentially made the security review process an extension of the RFP process, making it even more challenging for our Sales team to collaborate with Security.”

Contentstack sought a solution to create a single source of truth for critical information, automate their security questionnaires, and enable seamless collaboration between their Sales and Security teams.

The Solution: Streamlining Security Reviews at Scale

As a thriving tech scale-up, the Contentstack team knew they needed a solution that could quickly and easily scale as the company grew, with a constantly updated information library, security questionnaire automation, and an easy-to-use platform for cross-team collaboration. More importantly, Contentstack wanted a security review vendor that aligned with their vision and acted as a true partner.

“SecurityPal checked all of our boxes,” Oppenheimer says, reflecting on their decision-making process. “We were blown away within the first 45 days of our partnership. We look for  three things in any vendor we choose: what their product does, what their roadmap is, and the team behind the company. We really align with the vision of SecurityPal’s leadership team, and this alignment has made evolving our partnership seamless.”

Contentstack’s Sales team uses SecurityPal Questionnaire Concierge, which leverages both AI technology and seasoned security analysts to automate and streamline the security review process. Before partnering with SecurityPal, the Sales team spent hours answering hundreds of questions per security questionnaire. Now, SecurityPal completes 88% of each questionnaire before it reaches the Sales team. Not only is the completion faster — with an average turnaround time of 1.6 days — but the answers are more complete and accurate, reducing the time required for the Sales team to review questionnaires. 

Contentstack’s Security team relies on the SecurityPal Knowledge Library to foster better collaboration with the Sales team. With the support of highly skilled SecurityPal analysts, the Security team is able to maintain the Knowledge Library with up-to-date, accurate information. As products, processes, and policies evolve, the Knowledge Library serves as a single source of the truth for cross-team collaboration, ensuring that security questionnaire responses are accurate and compliant.

“My favorite thing about working with SecurityPal is how responsive and flexible they are,” Oppenheimer shares, reflecting on his collaboration with the SecurityPal support team. “With any third-party vendor, I expect challenges with onboarding or scalability. It’s inevitable. What matters most is how vendors respond to these challenges. With SecurityPal, they iterate custom processes to accommodate our needs as we grow. Not only that, but they’ve offered suggestions on how we can improve our internal process.”

One example of this is the launch of SecurityPal Copilot, a powerful security assistant that leverages AI and human analysts to complete small requests from companies inquiring about your security and GRC posture. Recognizing that Copilot could expedite Contentstack’s RFP cycles, SecurityPal offered a beta test of the new tool. Contentstack loved the capabilities for small, one-off requests, but offered feedback that they needed a Slack integration in order for their sales team to utilize the tool fully. 

“Within six days, SecuirtyPal provided an implementation guide to get our Sales team up to speed, and within three weeks Contentstack received an API to integrate Copilot into our existing process,” Oppenheimer says. “I don’t feel like we have to fit our processes into the SecurityPal platform. Instead, they develop solutions to work for us.”

This feedback emphasizes the impact of SecurityPal’s commitment to partnership, which empowers our customers to improve efficiency, accuracy, and collaboration without having to build custom integrations. 

The Impact: Fostering Collaboration and Business Growth

Before working with SecurityPal, Contentstack felt stuck in a reactive cycle that was inhibiting vital business growth. The Sales and Security teams were struggling to keep up with security questionnaires as demand grew, holding them back from high-impact work to grow the business.

The alliance between SecurityPal and Contentstack has fostered efficiency for the Sales team, allowing them to get ahead of the security review cycle and focus their energy on working with customers and closing more deals. Their team can now work with agility, knowing that SecurityPal can handle security questionnaires with accuracy and speed. 

Additionally, the Security team has reduced the necessary headcount focused on security questionnaires. Instead, their team is able to focus on growing the security program and improving Contentstack’s security posture. With SecurityPal handling the tedious work of security questionnaires, Contentstack’s Security team has improved their retention, hiring, and job satisfaction. 

Contentstack has found a reliable and trusted partner in SecurityPal, which has proven to be indispensable in speeding up the security review process while maintaining the utmost precision and compliance standards necessary in today’s digital environment. This partnership has not only streamlined operational workflows for Contentstack's Sales and Security teams, but it has fostered critical cross-team collaboration to support Contentstack’s growth.

To learn more about how SecurityPal can improve your security questionnaire process with increased efficiency and accuracy, don't hesitate to get in touch with us today.