GRC platform Scrut Automation raises $10 Million

GRC platform Scrut Automation has raised $10 million in growth capital from existing investors Lightspeed, MassMutual Ventures and Endiya Partners. The company will enhance their platform capabilities, incorporate generative AI use cases to reduce the manual effort for risk and compliance teams, and expand to North American and European markets. With this round, the company has now raised $20.5 million in total venture funding since its inception in 2021.

Scrut Automation was created to address the unique risk and compliance challenges faced by tech-first mid-market businesses in highly regulated industries. These companies grapple with stringent compliance requirements from regulators and industry bodies, and mounting pressure to keep risk under the threshold, but are often hindered by limited budgets and understaffed teams. Moreover, a rapidly evolving threat landscape, accelerated by the adoption of generative AI, massive layoffs in cybersecurity teams, and the counter-intuitive, yet very real increasing skill gap in cybersecurity further exacerbate the problem for the teams.

“Mid-market organizations have limited options,” says Aayush Ghosh Choudhury, Co-founder and CEO of Scrut Automation. “They can buy off-the-shelf compliance automation tools that offer a one-size-fits-all approach to compliance, disconnected from the organizational risks; or invest in expensive enterprise-grade tools with year-long implementation and underutilized features.”

Scrut Automation provides a third option for companies that seek to build scalable GRC programs aligned with the organization’s goals, risks, and resources. Scrut helps companies consolidate their compliance and risk management processes while contextualizing their risks, reducing duplication of effort, and automating control monitoring.

“A core USP for Scrut is offering an extremely high degree of flexibility in creating GRC programs that fits closely with the customer’s environment. For example, a financial services company in the lending space will have very different regulations, compliance frameworks, and risks from a healthcare services company for hospitals. Scrut accounts for this context – as the platform adapts seamlessly to these differences. We have also built practice areas for regulated industries like healthcare, financial services, and enterprise software, that allow the platform to embed expertise in addition to automation,” added Aayush Ghosh Choudhury.

The Scrut platform pairs this configurability with deep automation capabilities and a proprietary unifying control framework. Integrating across a growing library of 75+ products, the platform automates tests across more than 70% of the controls, reducing manual effort in chasing control owners and capturing evidence. This enables GRC teams to get near-real time visibility into their risk and compliance posture, enabling them to take corrective action on time. The unifying control framework ties the organization’s controls to compliance requirements, which eliminates the duplicate effort required to demonstrate compliance with different frameworks.

As Scrut continues to grow, it aims to help mid-market companies build strong risk and compliance management practices with reduced dependency on human capacity and expertise, through an AI-first GRC concierge.

“A strong security posture has always been a core need for large enterprises globally. Given the increase in the number of breaches and attacks over the past few years as well as increase in regulatory compliance requirements, mid-size enterprises are now adopting strong Governance, Risk, and Compliance (GRC) practices. Scrut’s user-friendly and market-leading platform reduces this burden for security and GRC teams. We are happy to reaffirm our commitment to supporting the Scrut team.” says Dev Khare, Partner at Lightspeed.

Scrut Automation has been recognized by G2, a social software review platform, on their 2024 lists for fastest-growing products and best security software.

“Legacy GRC products are built for enterprises, but fail to meet the needs of high-growth tech-first companies,” says Anvesh Ramineni, Managing Partner at MassMutual Ventures. “Scrut Automation is built specifically to cater to their needs and addresses their pain points seamlessly. We’re excited to support Aayush, Jayesh, Kush, and the Scrut team in building one of the fastest-growing GRC platforms globally.”

Prior to Scrut Automation, co-founders Aayush Ghosh Choudhury and Jayesh Gadewar were building a procurement suite, where they spent months trying to fulfill the risk and compliance needs of their enterprise customers. Recognizing this widespread pain, they teamed up with Kush Kaushik, their third co-founder, who was helping them navigate the challenging terrain of compliance, to build Scrut Automation. With Scrut Automation, they have helped over 800 customers worldwide build enterprise-grade GRC programs.

The company has also added angels and advisors from SaaS and cybersecurity sectors, including Sandeep Johri (CEO, CheckMarx), Sachin Lawande (CEO, Visteon), Vetri Vellore (Ex-Corporate VP at Microsoft), Naresh Agarwal (Head of India R&D for Traceable), Davis Hake (Co-founder, Resilience), Shreesha Ramdas (ex-SVP at Medallia), and Todd Dekkinga (CISO, Zluri), to name a few.

Leave a Reply

%d bloggers like this: