Tanzir Hasan

@ohryansbelt Genuinely baffling. If they get caught the business just dies because who would use a fake compliance service? What was the end goal?

Delve, a YC-backed compliance startup that raised $32 million, has been accused of systematically faking SOC 2, ISO 27001, HIPAA, and GDPR compliance reports for hundreds of clients. According to a detailed Substack investigation by DeepDelver, a leaked Google spreadsheet containing links to hundreds of confidential draft audit reports revealed that Delve generates auditor conclusions before any auditor reviews evidence, uses the same template across 99.8% of reports, and relies on Indian certification mills operating through empty US shells instead of the "US-based CPA firms" they advertise. Here's the breakdown: > 493 out of 494 leaked SOC 2 reports allegedly contain identical boilerplate text, including the same grammatical errors and nonsensical sentences, with only a company name, logo, org chart, and signature swapped in > Auditor conclusions and test procedures are reportedly pre-written in draft reports before clients even provide their company description, which would violate AICPA independence rules requiring auditors to independently design tests and form conclusions > All 259 Type II reports claim zero security incidents, zero personnel changes, zero customer terminations, and zero cyber incidents during the observation period, with identical "unable to test" conclusions across every client > Delve's "US-based auditors" are actually Accorp and Gradient, described as Indian certification mills operating through US shell entities. 99%+ of clients reportedly went through one of these two firms over the past 6 months > The platform allegedly publishes fully populated trust pages claiming vulnerability scanning, pentesting, and data recovery simulations before any compliance work has been done > Delve pre-fabricates board meeting minutes, risk assessments, security incident simulations, and employee evidence that clients can adopt with a single click, according to the author > Most "integrations" are just containers for manual screenshots with no actual API connections. The author describes the platform as a "SOC 2 template pack with a thin SaaS wrapper" > When the leak was exposed, CEO Karun Kaushik emailed clients calling the allegations "falsified claims" from an "AI-generated email" and stated no sensitive data was accessed, while the reports themselves contained private signatures and confidential architecture diagrams > Companies relying on these reports could face criminal liability under HIPAA and fines up to 4% of global revenue under GDPR for compliance violations they believed were resolved > When clients threaten to leave, Delve reportedly pairs them with an external vCISO for manual off-platform work, which the author argues proves their own platform can't deliver real compliance > Delve's sales price dropped from $15,000 to $6,000 with ISO 27001 and a penetration test thrown in when a client mentioned considering a competitor

Can the github engineers stop vibe coding please. If there's another github actions outage I might blow my brains out.

@rheejust @porterdotrun @FirstMarkCap @ycombinator @daltonc @ROWGHANI Congrats! It's been a pleasure working with Porter.

@bubbleboi @chrisbarber I'm not saying it can't; I'm saying, why would you? Twilio works, so people use it. If you make an app/service with Claude, it will likely use Twilio or a similar service. If you grow to where it's a major cost and you justifiably need to replace it, well, they made their bag.

@TanzirisHere @chrisbarber Claude will figure it out eventually

Charlie Songhurst and I would love to incubate a long/short saas public equities fund trading the impacts of claude code et al on different saas cos what do you think is the right profile for this? perhaps obsessed with markets and ai; likes investing but not a gambler; aware of what other people think but unimpacted. what else?

@bubbleboi @chrisbarber short twilio? I feel like the existence of claude code will greatly benefit Twilio in the long run. Who wants to make their own Twilio/Twilio subsidiary (sendgrid, etc) replacement?

@chrisbarber Already doing this. Long: Datadog Confluent AMD/Intel NET Amazon Short: Team Gitlab Adobe Twilio Upwork/Fiver/consulting

2025 was the year accurate intelligence became cheap and extremely powerful, giving engineers an Iron Man suit to do more than ever before. 2026 will be the year that AI leverage separates great engineering teams from the rest. So how do we prioritize AI leverage at @Traba_Work? Enter Roomba Rumble. Roomba Rumble is our way of celebrating engineers who maximize “Roombas” — background agent–led PRs that require minimal attention but have massive impact. Here’s some things we accomplished with Roombas in Q4: @TanzirisHere decommissioned our legacy event handling service, identifying migration targets and methodically working through them week-over-week. @sumeetbnsal replaced our legacy test infrastructure, cutting our CI times in half, and built Claude sub-agents to support our infrastructure. @Solidous became the first responder for operators' feature requests. Asks that once sat in a backlog now get shipped before others on the team even see them. @MaceoCk built a data analyst agent that generates research reports directly in Slack, turning guesswork into informed decisions. Other side quests have spanned the gamut: root-causing and patching noisy alerts, optimizing sluggish endpoints, even a Slackbot that randomly pairs teammates across functions to keep the culture tight as we scale. How did we celebrate them, you ask? With a turnover chain, of course. At Traba we celebrate the engineers who choose ambitious quests and see them through. Ultimately, we’re building a culture where force-multiplying AI leverage is owned by every engineer. If you want to apply frontier AI to the supply chains that stock your fridge, deliver your packages, and fill your prescriptions, come join Tanzir, Sumeet, Moreno, Maceo, and the rest of the team. Careers page below.

Graphite created the most heinous ui change imaginable and called it an improvement. I might actually switch back to github.

@nearcyan @eastdakota Robinhood, sports betting, and prediction markets are pretty common among younger guys and there is the appearance of high odds of winning ala "I know the industry/watch the sport/watch the news so I have alpha" vs with if you go to vegas you know you're prbly gonna lose money

Was weird being in Vegas recently. So quiet. So many fewer people gambling, drinking, partying. My pet theory: Ozempic killing Vegas, just like it’s killing snack food brands, liquor producers, and Napa.

my body is a machine that takes vc capital and transforms it into mild amounts of shareholder value

Open AI showing us how good gpt-5 (pink) is at deception

@DKossnick Hello, the startup I work at is using Figma Make and it not using our design system is one problem that we've noticed that's stopping us from using it to it's full potential. Is that something that already exists or are there any plans to allow that? Thanks!

The best feedback is always, fast, concrete, and direct.

8 sleep gave me a 100 rating after the worst night of sleep in my life. The time slept isn’t even close to being accurate. I guess I gotta start wearing my Apple Watch again.

@vogentai @sesame Nice job, the response time was sick!

We rebuilt @sesame's CSM-1B to make the most realistic voice agents you’ve ever seen. Try it yourself and talk to the president at (510) 315-0014 🧵

Today 75% of @Traba_Work's customers are asking about legal work authorization, compared to <5% just a few months ago. @rabois and @mike_sheb talk about helping companies secure their workforces with @LizClaman👇 foxbusiness.com/video/63686670…

The Art of Hiring for Founder Mode brought together top minds in entrepreneurship, and our CEO, @mike_sheb was honored to represent Traba 💜sharing how we find the top 1% of talent: Tune in ⬇️ for a peek into an inspiring day! 🎥

@veerpy Have you a/b tested with other subjects🤔

so much alpha in sitting into random psychology lectures and coding. zuckerberg understood this well