Delve whistleblower strikes again, with alleged receipts about ‘fake compliance’

Delve's whistleblower, known as DeepDelver, has posted alleged evidence showing that the startup, founded by young MIT dropouts, may have faked compliance for audits. This follows CEO Karun Kaushik's public denial. Delve helps automate security certifications, but recent malware incidents concerning a client, LiteLLM, raise questions about the efficacy of such certifications.

Key Points

• DeepDelver accuses Delve of faking compliance evidence, posting alleged receipts including videos and Slack messages.
• Karun Kaushik, Delve's CEO, made a public denial of the accusations one day prior to the new accuser's claims.
• Delve, founded by MIT dropouts, automates obtaining security certifications and compliance with laws like GDPR.
• The company secured $32 million in Series A funding after a $3 million seed round.
• Concerns about the value of security certifications are highlighted by a recent malware infection in client LiteLLM, which used Delve for certifications.

Relevance

• The controversy occurs against a backdrop of growing skepticism about the actual protections offered by compliance certifications.
• Delve's rise and challenges reflect broader trends in the IT industry where automated compliance solutions are increasingly scrutinized for effectiveness, especially amid rising cybersecurity threats by 2025.

The allegations against Delve underscore continuing doubts about the true value of compliance certifications, highlighting the need for transparency and accountability in automated security solutions.