How CrypDefi achieved ISO 27001 compliance in 6 weeks with Vanta and Cognisys

The company

Accelerating trust in crypto custody

CrypDefi, headquartered in Belgium, is a fast-growing startup building an institutional custody solution designed specifically for secure high-frequency (DeFi) trading. Founded in 2024 by engineers-turned-entrepreneurs Matteo Janssen and Jochem Hoes, CrypDefi is solving a critical problem for crypto trading firms: how to quickly and securely support new blockchains, assets, and DeFi protocols. 

In a dynamic industry where new innovations and technologies constantly emerge, the infrastructure to support them can’t afford to lag behind. That challenge led to CrypDefi’s solution—customizable, enterprise-grade crypto vaults built to move as fast as the market itself.

While building their MVP, Matteo and Jochem engaged with one of the world’s largest crypto trading firms. Early in the conversation, the firm asked about CrypDefi’s security posture—a moment that made it clear ISO 27001 certification would be essential to establishing credibility and closing the company’s first deal. 

‍

“We move fast to support new innovations, but in crypto, everything starts with security. As a B2B startup asking institutions to store large amounts of assets with us, we knew we needed certifications like ISO 27001 from day one—and that’s what led us to Vanta and Cognisys. 

- Matteo Janssen, co-founder, CrypDefi

‍

The challenge

Unblocking sales velocity 

With a strong security posture as a non-negotiable part of their go-to-market strategy, Matteo knew early on that compliance certifications were required to approach customers credibly. But as a two-person startup with no prior compliance experience, the path forward was daunting. 

Speed to certification was critical. CrypDefi had already begun conversations with prospects who made ISO 27001 a prerequisite—meaning every week spent getting compliant delayed revenue and growth. “I immediately understood we’d need a tool to guide us, or it could take years,” Matteo said. “As a founder, you have a million things to focus on. Compliance is probably last on your list—until you need it. And even then, you want to spend as little time on it as possible.” 

Matteo turned to his startup network for advice. “I talked to a lot of other founders and companies from our venture capital network, and nearly all of them chose Vanta. Their experiences were consistently great.” As Matteo continued his research, it became clear not only that “Vanta is the biggest name out there,” but also that the platform needed to deliver on his primary goal: getting to ISO 27001 certification as quickly as possible.

The decision became obvious when he discovered Vanta Service Partner Cognisys and their Digital Trust Accelerator (DTA) program, which was built directly on Vanta’s platform and promised fast-track ISO 27001 certification in just six weeks. 

“At first, I didn’t believe it was possible. Vanta’s competitors told us ISO would take at least three months—and that even two and a half months would be a miracle. They said it wasn’t possible,” Matteo recalled. “But Vanta and Cognisys said six weeks. So we trusted them. And we never looked back.”

‍

The solution

A six-week sprint with Vanta and Cognisys 

CrypDefi joined Cognisys’ DTA program and began a structured sprint to certification. The program combined Vanta’s automated platform—which tracked progress, surfaced action items, and collected evidence—with weekly cohort sessions and 1:1 consulting from Cognisys.

Cognisys, a Vanta Service Partner focused on strengthening cybersecurity for high-growth companies, created DTA to help startups quickly navigate the compliance landscape. “Without Vanta, our Digital Trust Accelerator wouldn’t be possible—certainly not in six weeks,” says Steve Byrom, Chief Revenue Officer at Cognisys. “What used to be an aggressive three-month timeline, we’ve now compressed dramatically. Vanta’s automation makes it easy to move fast without compromising credibility. For startups like CrypDefi, that’s a game-changer.”

Combining Vanta and Cognisys proved to be a winning formula for Matteo, specifically the hands-on partnership approach Cognisys provided in the DTA program. “In week one, they walked us through ISO 27001 basics: policies, risk registers, vendors, and integrations. Then we just started checking things off,” said Matteo. “Vanta made it feel like a game: try to get to 100% as fast as possible. And then Cognisys was there for every question and every detail.”

For CrypDefi, the value of pairing Vanta with Cognisys was immediately clear. Vanta helped the team focus only on what was essential for their ISO 27001 certification, while also laying a strong security foundation through deep integrations, continuous control monitoring, and cross-mapping against future requirements. At the same time, Cognisys accelerated the process and ensured the team prioritized the areas most critical to their success.

With this combination, CrypDefi achieved certification in just six weeks—far faster than the six to nine months many in the industry consider standard.

‍

“The Vanta tool is so good, and the Cognisys team is so good, that together it didn’t feel like we were just doing the minimum. It was accelerated learning through a tool that was perfectly built for exactly what we needed. 

- Matteo Janssen, co-founder, CrypDefi

‍

The impact

Compliance as a launchpad for growth

With ISO 27001 in hand, CrypDefi closed its first contract and launched pilots with two more major institutions. For customers, certification signaled maturity. For CrypDefi, it unlocked the company’s go-to-market motion, “The certificate was a prerequisite for our first deal,” Matteo shared. “Now when we talk to new prospects, it’s one less thing to worry about. We’re showing them we’ve earned their trust—and making diligence easier by working with a reputable platform and partner.”

The team now plans to pursue additional certifications as they scale, and they’re eager to continue using compliance as a growth accelerator.

For CrypDefi, trust isn’t a checkbox—it’s a business enabler. With Vanta and Cognisys, they’ve proven that even early-stage startups can build a best-in-class security program—faster than the market thought possible.

‍

“I’ve advised anyone I know who wants to get ISO 27001 certified to work with Vanta and Cognisys. There’s no reason to go to another tool. You have everything you need with Vanta. Go with the best, fastest tool and partner.”

- Matteo Janssen, co-founder, CrypDefi

‍