Delve leadership is addressing a series of anonymous allegations by launching a platform-wide audit overhaul and investigating a targeted cyberattack they claim fueled the recent smear campaign.

Key Points

• Delve is rebuilding its auditor network and offering complimentary re-audits and penetration tests to all active customers.
• The company has halted all automation interacting with audit workflows to ensure platform transparency and compliance accuracy.
• CEO Karun Kaushik and COO Selin Kocalar allege a malicious actor purchased access to the platform to exfiltrate internal data.
• Delve has engaged third-party cybersecurity firms to investigate the data breach and strengthen existing system protocols.
• The company refutes claims of intellectual property theft, stating they utilized Apache 2.0 open-source code permitted for commercial use.

Why it Matters

This incident highlights the significant security and reputational risks compliance-tech firms face as they scale rapidly in a competitive market. By addressing both the technical vulnerabilities and the public narrative, Delve aims to restore client confidence and maintain its standing within the security auditing industry.