[selinkocalar]

Thanks for that! And good question. Vanta offers a compliance checklist and integrates with your service providers (such as AWS, Github, etc.) to continuously monitor your system settings and flag potential vulnerabilities.

We provide a similar compliance checklist to Vanta, as well as HIPAA-compliant infrastructure and technical configurations. We’ll set up your application on compliant infrastructure deployed in your cloud, integrate CI/CD pipelines, and provide real-time logging/monitoring. Providing the technical piece that's compliant out of the box lets you save weeks of manual work configuring it yourself and having Vanta's API integration/AWS audit manager check it.

We use terraform to automate the infrastructure deployment process in a modular fashion. When you deploy with us, we take a dockerfile and basic information about your infrastructure setup, such as your availability region, RDS configs, instance sizes, etc. to deploy your application. This lets us support a variety of use cases and needs.