Customer Story

Automating security compliance using AI agents

Lewis Carhart

Lewis Carhart

Founder, Comp AI

Image for Automating security compliance using AI agents

Lewis Carhart, Founder of Comp AI, shares how they use Trigger.dev to automate evidence collection at scale, powering their open source, AI-driven compliance platform. Since launching in April they have onboarded 2,500+ companies as well as achieving #1 Product of the day on Product Hunt. Their goal is to use automation to enable start-ups to achieve cyber-security certification for a fraction of the cost vs the incumbent compliance companies.

Why Comp AI uses Trigger.dev

We needed a reliable solution for scheduling and executing background jobs in our Next.js-based SOC 2 compliance platform.

Trigger.dev provided the scheduling and background job capabilities we needed to automate compliance evidence collection at scale.

The problem with compliance evidence collection

Traditional SOC 2 compliance is expensive and time-consuming for start-ups, often costing tens of thousands of dollars and taking months to complete. We identified that early-stage companies needed an automated approach to evidence collection that could handle the complexity of SOC 2 requirements without the manual overhead.

The technical challenge was building reliable background processes that could continuously collect evidence from multiple sources while maintaining the audit trail required for compliance certification.

Automating evidence collection with agents

We use Trigger.dev to power our automated evidence collection system. Our platform uses AI agents to gather compliance evidence by querying various API endpoints using MCPs, with browser-based automation as a fallback.

Trigger.dev handles the scheduling and execution of these evidence collection jobs and integrates with our Novu notification system. This automation allows us to offer full cyber-security certifications for significantly less than our traditional competitors.

Growing with Trigger.dev

Since launching in April, we've onboarded over 2,500 companies using this automated approach. The reliability of Trigger.dev's job scheduling has been essential as we've scaled our evidence collection automation and built our open source community of 600+ compliance professionals.

Ready to start building?

Build and deploy your first task in 3 minutes.

Get started now