HaaS on SaaS

Jonathan Haas

I'm a product manager at Vanta with a passion for security and privacy. I write about SaaS, startups, and security.

X

LinkedIn

GitHub

Privacy

Cookies

About

As a product manager at Vanta, I’m on a mission to revolutionize how businesses handle security compliance. By automating security assessments, we’re turning what was once a months-long ordeal into a streamlined process that takes days.

My Story

My journey into security and compliance started in the trenches. After serving as a security engineer at Snapchat, DoorDash, and Carta, I noticed a persistent problem: companies were struggling with security assessments, burning countless hours on manual processes. This insight led me to found ThreatKey, a SaaS security company focused on automated misconfiguration detection. We built a platform that could automatically detect and alert on misconfigurations in both cloud infrastructure and SaaS applications.

Running ThreatKey taught me invaluable lessons about building security products that truly serve customer needs. When the opportunity arose to join forces with Vanta, I saw the potential to solve these challenges at a much larger scale. Now, I’m leading product initiatives that help thousands of businesses strengthen their cloud security posture without sacrificing agility.

Speaking & Writing

I frequently share insights about security, compliance, and product management through various channels

Community Involvement

  • Advisory board member for several early-stage security startups
  • Regular speaker at Bay Area security meetups and product management workshops

My Product Philosophy

Three principles guide my approach to product management:

  1. Start with customer pain points, not solutions. I spend at least 20% of my time in customer conversations, ensuring we’re solving real problems.

  2. Make data-driven decisions while respecting qualitative insights. Every major product decision at ThreatKey was backed by both usage metrics and detailed customer feedback.

  3. Build diverse, empowered teams. The best products come from environments where different perspectives are not just welcomed, but actively sought out.

Impact & Results

At Vanta, my team has:

  • Reduced average security assessment completion time from months to weeks

  • Helped thousands of companies achieve SOC 2 compliance

  • Maintained an incredibly high customer renewal rate through continuous product improvements

    More directly, I’ve:

  • Led development of enterprise security integrations, partnering with industry leaders like Wiz and Orca Security

  • Shipped automated cloud security monitoring capabilities, reducing manual review time

  • Developed API-first architecture enabling seamless integration with customers’ existing security tools

Let’s Connect

I’m always eager to exchange ideas with fellow product leaders and security enthusiasts. Whether you’re curious about automated compliance, building security products, or transitioning from engineering to product management, I’d love to share experiences.

Reach out on LinkedIn or Twitter, where I regularly share insights about product management in the security space.