"The crisis traces back to an anonymous Substack post by a person using the pseudonym DeepDelver, who claimed to be a former Delve customer. The posts alleged that Delve misled clients about their privacy and security compliance status, auto-generated reports, and relied on low-quality certification providers who approved reports without proper scrutiny."
"In a blog post on Delve's website, the company's leadership characterized the situation as an attack by someone who purchased their service under false pretenses in order to obtain internal data for a smear campaign. The company said it has hired a cybersecurity firm to investigate and described the allegations as fabricated."
"Delve pointed to a detail from DeepDelver's own posts - an acknowledgment that Delve's AI automated 70% of a security questionnaire - which Delve presented as evidence that its technology works."
Delve, a compliance startup, has been removed from Y Combinator's portfolio following allegations of misleading clients about privacy and security compliance. An anonymous post claimed Delve used low-quality certification providers and auto-generated reports. Delve's leadership characterized the allegations as a coordinated attack and stated they are investigating the claims. They defended their use of open-source tools and highlighted their technology's effectiveness in automating security questionnaires. The situation escalated after a security researcher demonstrated access to sensitive data, further damaging Delve's reputation.
Read at Silicon Canals
Unable to calculate read time
Collection
[
|
...
]