Thank goodness someone is talking about SOC2. Nothing much interesting or dramatic has been happening in this space over the past few weeks. Glad someone is shaking things up a bit.

The entire compliance automation category exists because nobody owned the underlying employee data. That just changed. Standalone compliance tools sell integration breadth as the moat. "We connect to your entire tech stack" is the pitch. Hundreds of integrations, dozens of frameworks, a federated pull across every system you run. That moat only exists when the data is fragmented. Employee records in one HRIS. Devices in an MDM. Identity in an IdP. App access spread across dozens of SaaS tools. Training in a learning system. Each one a separate API, a separate auth token, a separate schema. Stitching that together is genuinely hard work, and the standalone tools priced that hard work into a category. Rippling already owns the source. HRIS, IT, identity, app provisioning, device management, training, payroll. One schema, written once. Compliance becomes a single query against a unified data layer. The federated pull goes away. Unit economics flip completely. A standalone tool has to acquire a customer cold, run a multi-month implementation, maintain integrations against APIs that keep deprecating endpoints. Rippling already has the customer paying for the underlying systems, already has the data, marginal cost to attach compliance approaches zero. This is the same play that works whenever a system of record absorbs an adjacent category. Find the place where the "value add" is stitching data the system of record already has. Bundle it at near-zero marginal cost. The architectural premise underneath the standalone category quietly collapses. AI compliance agents don't change this either. The agent inherits the underlying data graph. Querying hundreds of inconsistent APIs gives you an agent with inherited inconsistency. Querying one schema gives you an agent that actually works. Standalone tools still have distribution and customers who don't run on a unified platform. They'll be fine for years. But the structural ceiling on the category just got marked down for anyone who takes the compound thesis seriously.

Hot take: compliance feels complex because of how it gets handled. SOC 2 turns painful when teams try to recreate reality inside a compliance tool using integrations, exports, and manual checks. That’s what turns it into a second job. @Rippling takes a different approach. Start from what already exists. When employee data, devices, and access controls live in one place, evidence collection happens automatically. Fixing gaps becomes immediate instead of coordinated across multiple tools. This feels less like better compliance software And more like removing unnecessary work altogether

@Rippling does Automated Compliance now and the product is SO GOOD that I sat in front of a camera for 2 hours to talk about it. If you’re running your startup on Rippling, you already use them to manage the stuff that matters for SOC 2: employees, devices, access, policies, onboarding, offboarding. It's kind of a no-brainer. rippling.com/customers/steal…

Today, we’re launching @Rippling Automated Compliance. The systems and data you need for compliance should exist in the same platform where you run your business. With Rippling, they do. If you're looking to get SOC 2-ready this year, this product is for you.

The majority of evidence needed for SOC 2 is already in the system. And when we find a gap, we help you close it without any tickets or side quests.

Today, we launched @Rippling Automated Compliance, starting with SOC 2. We have a unique advantage here: we aren't telling you how to fix your stack, because we ARE your stack. device management, identity and access management, HR, performance management...

Rippling AI was the most successful launch we've ever done. On the heels of this launch, Rippling's revenue is now growing 78% YoY (at ARR over $1 Billion). And this growth rate has now increased, every quarter, for three straight quarters.

For years, @parkerconrad has been making the case that the real unlock in business software is the underlying employee data model. That’s why this launch matters: Rippling’s AI isn’t a thin wrapper on top of disconnected tools, it’s built on the system of record for the workforce. The customer posts are worth reading.

Rippling is going to be one of the main companies where AI meets organizations. They're still young enough to embrace AI thoroughly, but they're also big enough that they touch organizations in many places.