Overview
Cribl is the data engine for IT and security teams. They help companies collect data from anywhere, clean it up, and route it to the tools they already use so they can get answers faster and stay in control as they scale.
As Cribl grew into more enterprise deals, customer security reviews became part of the everyday deal process. The team needed a way to respond quickly with consistent, evidence-backed answers without pulling security and engineering into constant last-minute scrambles.
Before Jon Zayicek joined Cribl to lead Customer Security Assurance, the work was spread across multiple teams. Answers were duplicated, updates were hard to track, and it was difficult to show leadership how customer assurance was helping revenue. With support from CISO Myke Lyons, Cribl brought customer assurance into a single, CISO-led program. They aimed to scale transparency and clearly show impact in forward-looking business terms, not just in backwards-looking task reporting.
Myke Lyons
CISO, Cribl
“Pursuing certain certifications is a pipeline-generating activity for the business. People want to buy software and consume software from companies they can have a relationship with. They’ll always look to trust.”
At a glance
- From scattered ownership to a real program: dedicated CSA program reporting to CISO Myke Lyons
- From “send over the docs” to “self-serve proof”: a buyer-friendly trust portal experience
- From weeks to days: faster questionnaire turnaround with safe reuse of approved answers and AI capabilities
- From effort to outcomes: SLAs, reporting, and deal alignment that leadership can understand
- From point-in-time to always-ready: centralized policies, controls, and evidence to support the next step in continuous assurance
The challenge
As their enterprise momentum grew, Cribl faced the same trust bottlenecks as many high-growth SaaS organizations. Customer security reviews began appearing in more deals and at a higher volume. The team needed a way to respond fast with consistent, evidence-backed answers. They needed to turn customer assurance into a repeatable, sales-aligned program.
1) Questionnaires slowed down deals
Security reviews created drag in late-stage deals, pulling time from security experts. The back-and-forth didn’t help customers buy with confidence.
“Two years ago, it took four to six weeks to complete a questionnaire,” explained Jon Zayicek, Customer Security Assurance Leader. “Now, it takes about 2 days, and sometimes even 24 hours.”
2) The answers lived everywhere
Without a single system of record, multiple departments were needed to answer security questions, leading to inconsistencies and avoidable duplication of work.
3) Security impact was hard to prove in business terms
Cribl needed a way to showcase customer assurance success in a language leadership understands, including deal influence, cycle time, SLAs, and revenue impact.
The solution
Cribl operationalized customer trust as a repeatable program powered by the TrustCloud platform.
1. Make transparency the default with TrustCloud
Cribl leaned into a “show, don’t tell” trust model, providing real proof that sellers, partners, and customers can quickly review.
Using the TrustShare portal, Cribl created a self-serve trust experience that includes:
- A centralized set of trust artifacts (attestations, security documentation, policies, and supporting materials)
- Streamlined gated access (including click-through NDA workflows for prospects)
- A repeatable experience that helps customers find answers quickly and deflect unnecessary questionnaires
Myke Lyons
CISO, Cribl
“We took TrustCloud internally from a system that he [Jon] would do all of the interactions with, to a system where our customers are doing self-service. Our sellers know that TrustCloud exists and how to engage with TrustCloud to make themselves more successful.”
Cribl also introduced a proactive model for vulnerability updates (e.g., a “notification/advisory” approach) so customers can quickly confirm their vulnerability posture without triggering another round of questionnaires.
“We’ve had several customers look at our trust portal, which is very transparent, and we’ve avoided questionnaires,” Jon shared.
2. Use AI for questionnaire automation
Cribl applied AI where it creates the most leverage: repetitive, pattern-based questionnaire work, grounded in approved evidence.
Myke Lyons
CISO, Cribl
“It is a no-brainer to be using TrustCloud to answer questionnaires in a programmatic way.”
With TrustCloud’s AI-assisted automation, Cribl built and maintained a strong knowledge base. This frees their CSA team to focus on higher-value work, such as complex deal support.
Jon explained: “After getting the majority of questionnaires into TrustCloud, utilizing the knowledge base really let us spend more time on other areas that were important, like having conversations with customers. We didn’t just want to sit behind a blank computer screen, sending out documents. We wanted to be able to communicate with the customer.”
3. Build a single home for policies, controls, and evidence
Cribl didn’t treat TrustCloud as a point tool for questionnaires only. The team expanded into a more durable foundation so teams could pull consistent proof without reinventing the wheel every quarter:
- Bringing controls and policies into a single system of record.
- Improving how evidence is organized, refreshed, and tied back to requirements.
- Making trust outputs easier to maintain as the business grows
Myke Lyons
CISO, Cribl
“We actually track at which stage in forecasting CSA is most effective, so we can figure out how to further enhance and enable our sellers on how that interaction can go better. When a questionnaire happens, we have given them as much data as possible that’s appropriate for that stage of the conversation.”
Adopting TrustCloud made it easier for CSA to pull consistent proof, for GRC/security to maintain governance, and for the broader organization to contribute without creating chaos.
4. A foundation for continuous control monitoring (CCM) and “trust signals.”
Myke also described where the program is heading: beyond just documents and questionnaires toward displaying continuous assurance signals, including:
- Automated control testing where possible.
- “Traffic light” indicators that show how controls are performing (for example, vulnerability remediation SLAs trending green/yellow/red).
- A path toward more self-serve audits and industry-tailored experiences over time.
This approach to CCM gets to the heart of a buyer’s real question: not “do you have a policy,” but “are you actually performing against it?”
5. Customer Assurance + Sales = trust wins deals
The CSA and CISO functions at Cribl treat the sales org as a primary stakeholder. They’ve built relationships, an operating cadence, and responsiveness to move deals forward. Jon’s advice is to treat sales like your most important customer: join forecast calls, offer fast support, and build trust and feedback loops with sales reps.
“TrustCloud has really accelerated our deal process. Now questionnaires take maybe two days, sometimes 24 hours, which has really helped the sales process,” he shared.
Myke Lyons
CISO, Cribl
“I think almost all compliance activities are revenue-generating opportunities for the company and should be measured as such,” Myke explained. “We began connecting every compliance certification or attestation to a contractual commitment (the value of the contract when it closes), so that we can show, on a per compliance standard perspective, how many deals were supported.”
Cribl also connected TrustCloud to their CRM so sales can see when prospects and customers view trust content. That visibility helps the team understand what buyers care about and when security materials are helping move a deal forward.
Results
Cribl’s customer assurance program became both a deal accelerant and a measurable revenue function:
- Now, roughly 80% of closed deals involve CSA (through questionnaires, trust portal access, and legal/security conversations)
- Questionnaire turnaround reduced from 4–6 weeks to about 2 days (sometimes 24 hours)
- Defined SLAs that help prove that CSA doesn’t slow the sales process
- Higher leverage per response via AI-assisted automation and answer reuse
- Building a culture of self-serve trust with TrustCloud, reducing unnecessary back-and-forth
Recognition: CSA impact became visible to revenue leadership
Even more amazing was the recognition that the customer assurance program received for their efforts. As CSA outcomes became measurable and directly supported sales motions, Cribl’s revenue leadership rewarded the impact.
The CSA team was recognized by the CRO, with Jon winning President’s Club selection and a trip to Hawaii as thanks for their contribution to customer trust and deal execution.
Why it works?
Cribl has combined three things most teams struggle to balance:
- People: build the internal “village” (security, GRC, product, legal, HR), and treat sales like a real customer
- Process: SLAs, consistent workflows, and reporting that ties to business outcomes
- Platform: a trust portal, questionnaire automation, and a system of record to keep proof accurate and easy to share
Looking forward
Cribl is continuing to expand self-serve trust and move toward more programmatic, always-ready assurance, with less manual effort for their teams and customers, where trust continues to drive revenue.
Want to hear more?
Jon and Myke joined TrustCloud CEO Sravish Sridhar in the Strategic CISOs webinar series to share their perspective and playbook for how they’ve turned customer assurance and GRC into a revenue accelerator.
