Ostendio, Inc.
Streamlines the way companies build, manage, and demonstrate their information security and compliance framework.
| Date | Investors | Amount | Round |
|---|---|---|---|
| investor | €0.0 | round | |
| investor | €0.0 | round | |
| investor investor investor | €0.0 | round | |
N/A | Late VC | ||
| Total Funding | 000k | ||
| USD | 2021 | 2022 | 2023 |
|---|---|---|---|
| Revenues | 0000 | 0000 | 0000 |
| % growth | - | 96 % | - |
| EBITDA | 0000 | 0000 | 0000 |
| Profit | 0000 | 0000 | 0000 |
| EV | 0000 | 0000 | 0000 |
| EV / revenue | 00.0x | 00.0x | 00.0x |
| EV / EBITDA | 00.0x | 00.0x | 00.0x |
| R&D budget | 0000 | 0000 | 0000 |
Source: Dealroom estimates
Related Content
Founded in 2013, Ostendio, Inc. operates as an integrated risk management technology company, providing a cloud-based platform for governance, risk, and compliance (GRC). The company was established by Grant Elliott, who drew upon his extensive background in information security and regulatory compliance to create the firm. Before founding Ostendio, Elliott served as the Chief Operations Officer and Chief Information Security Officer at Voxiva, a mobile health provider, where he managed multiple ISO 27002 security audits and the company's first HIPAA audit. His experience at Voxiva, along with roles at AT&T and British Telecom, provided him with deep expertise in health IT, mobile health, and regulatory compliance, directly influencing Ostendio's development.
Ostendio is headquartered in McLean, Virginia, and serves a diverse client base across North America, Europe, the Middle East, and Australia. Its customers span various industries, including healthcare, financial services, education, and computer and network security. The company's business model is centered on a Software-as-a-Service (SaaS) subscription model for its flagship product, the Ostendio MyVCM platform. This platform is designed to help organizations build, manage, and demonstrate compliance with over 300 security frameworks, such as SOC 2, HITRUST, and FedRAMP. Revenue is generated through tiered subscription plans, including Select, Premium, and Enterprise packages, which offer progressively advanced features.
The MyVCM platform provides a comprehensive suite of tools for integrated risk management. Key features include risk assessment, policy and procedure management, security awareness training, vendor risk management, and continuous compliance monitoring. The platform facilitates a collaborative environment, particularly through its 'Auditor Connect' and 'Vendor Connect' marketplaces, which streamline interactions between clients, auditors, and vendors. This creates a network effect, enhancing transparency and efficiency for all participants. A personalized dashboard for each user provides a prioritized view of assigned tasks and a unique compliance score, making it easier for organizations to maintain an audit-ready posture at all times. By automating workflows and centralizing compliance activities, the platform aims to significantly reduce the time and effort typically spent on audit preparation.
Keywords: governance risk and compliance, GRC platform, integrated risk management, cybersecurity compliance, data security, risk management software, audit management, vendor risk management, policy management, compliance automation, MyVCM platform, information security management, SOC 2 compliance, HITRUST certification, FedRAMP, HIPAA compliance, security awareness training, continuous compliance, regulatory technology, cybersecurity audit, risk assessment tool