Squares in the
                  background Squares in the
                  background Background blue image Backgroudn orange image

Trusted and trustworthy security programs for startups

We build and run your security program, get you compliant with standards, and help you sell to discerning customers.

Partner today, leave any time.

Our Services

Security Advisory

Bring an expert security leader in as your designated security advisor. We work with you, your team, and your customers to add subject matter expertise and operate your security program.

We create customized processes and solutions to deal with the fast changing aspects of your information security program. We help with whatever challenges are most important to you.

Governance, Risk, and Compliance

If you are concerned about losing deals without a SOC 2 or ISO 27001 audit, we help you license software, prepare for your audit, select a suitable auditor, and even drive the audit.

We also help with questionnaires from your most discerning prospects and craft custom policies and procedures that make sense for you.

Product Security

We build and operate top-of-the-line product security programs. We work with you to set up static analysis, dynamic analysis, cloud security, penetration testing, architecture review, and manual code review.

We walk the talk as we have been running a successful application security boutique since 2016.

Enterprise Security

Secure the tools your employees and contractors use to get their job done. Endpoint security, identity and access management, vendor risk assessments, and security awareness training are all solutions we bring to your team.

We're pragmatic security engineers

Rob Picard

Rob Picard

John Villamil

John Villamil

Luca Carettoni

Luca Carettoni
Observa provides actionable insights that we can quickly put into practice. They’ve made a tangible difference during our SOC 2 audits and preparing us for vendor due diligence processes, helping us to put our best foot forward and make considered decisions in regards to our security posture. I couldn't recommend Observa more.
Observa's strengths have been flexibility and high value delivery. Startups are not big companies with huge security programs that would weigh them down, so it's super critical to get the right amount of coverage and process for your own business versus following some playbook.
Observa was easy to work with and nuanced in their approach to getting us ready for SOC 2. They made it clear what was required, what was optional, and what the best practices are for a company at our stage of growth.

Our Approach

1

Conversation

Let's talk! We want to understand what your goals are and where things stand today.

We can help with a lot of different things, but not everything. This is where we'll come to a mutual understanding of whether we're a good fit for you and you're a good fit for us.

If that seems to be the case, we'll prepare a proposal.

2

Integration

Once all of the paperwork is signed, you've got yourself a security team! Now it's time to dig in and build your program.

This is where we'll go deep on the work you've done up to this point, and create a plan with specific milestones on the way to achieving your goals.

We present options and recommendations to you so that you're always in full control of your security program.

3

Operation

Now let's get it done! We'll work on a continuous basis to operate your security program and drive successful outcomes like SOC 2 compliance, vulnerability remediation, and questionnaire responses.

You may also choose to purchase additional services that we provide, or let us help you find a good partner to provide more services to you. Our job is to advise you in making the right decisions for you and your company.

Our Principles

Modern Craftsmanship

Our work is thoughtfully crafted, effective, and productive from large work products to the smallest client interactions. Quality comes first.

Trusted and Trustworthy

We partner with clients to build programs that are both trusted and trustworthy, without adding unnecessary friction to the business.

Effective →
Easy →
Delightful

Getting the result is primary, but that's not enough to succeed. We are easy to work with, and even deliver moments of delight both large and small to our clients.

Want to talk about startup security?

That's our favorite thing. Say hello!

Work with us

Send us an email at hi@observa.com or book a call below!