CISO Insights: Voices in Cybersecurity

The Illusion of Trust: Fake Compliance and the LiteLLM Hack



This episode dives into the massive compliance fraud orchestrated by Delve, a Y Combinator-backed startup that generated hundreds of identical, fabricated SOC 2 reports using rubber-stamping certification mills. We explore how this "compliance theater" collided with a real-world supply chain attack when LiteLLM, a company boasting Delve-generated certifications, was breached through a compromised vulnerability scanner called Trivy. Ultimately, we unpack the devastating consequences of prioritizing automated compliance badges over actual security controls, and what this structural failure means for enterprise vendor risk management in 2026.

  • https://compliancehub.wiki/litellm-delve-soc2-trust-chain-compliance-failure-2026
  • https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026
  • https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal
  • https://cisomarketplace.com/blog/auditor-vs-assessor-compliance-trust-2026
Sponsors:

  • www.compliancehub.wiki
  • www.cisomarketplace.com
  • www.breached.company


By CISO Marketplace