Blog

Practical writing for the founding engineer running compliance on the side of a product roadmap. No vendor-marketing puffery — opinions you can disagree with.

Compliance2026-06-03 7 min read
When a customer ticket starts your reporting clock
Anchoring the NIS2 Art. 23 / GDPR Art. 33 clock on the upstream signal time is the right call — but only if you can defend what "awareness was reasonably expected" looks like for that source. Here is how Raize Orion handles the customer-ticket edge case.
Read post →
Founder2026-05-20 4 min read
Why we built Raize Orion
Most GRC platforms are priced for the auditor, not the team that has to use them every day. Raize Orion is built for the founding engineer running compliance alongside a product roadmap.
Read post →
Compliance2026-05-19 7 min read
A 6-month SOC 2 roadmap for first-time founders
What to actually do, week by week, to go from no compliance program to a Type I report in six months. Budget £30-40k year one, including the auditor.
Read post →
Product2026-05-18 5 min read
Where Raize fits next to Vanta, Drata, and Secureframe
The incumbent GRC platforms are excellent if you have the budget. Raize is built for the segment that does not. Here is how the trade-offs actually land.
Read post →

Blog

When a customer ticket starts your reporting clock

Why we built Raize Orion

A 6-month SOC 2 roadmap for first-time founders

Where Raize fits next to Vanta, Drata, and Secureframe