The Challenge: Blaxel had strong security foundations, but as enterprise opportunities emerged, they needed to formalize their practices quickly without pulling engineers away from building product.
The Solution: Probo provided a dedicated compliance partner who integrated directly with the team, helping them achieve SOC 2 first, then efficiently mapping controls to ISO 27001, GDPR, CCPA, and HIPAA.
The Results:
- SOC 2 report issued as the foundation for broader compliance
- ISO 27001, HIPAA, GDPR, and CCPA aligned efficiently
- Closed their biggest enterprise deal without compliance becoming a blocker
About Blaxel
Blaxel is building the infrastructure AI agents actually need.
Most sandboxes today are disposable. They spin up, expire after a few hours or days, and lose all context. Developers are forced to rebuild state from scratch or build complex orchestration layers just to keep things running.
Blaxel took a different approach.
They built a perpetual sandbox platform—environments that behave more like a laptop for AI agents. Agents keep their context. Execution resumes in milliseconds.
When you’re hosting agents, inference, memory, and customer workloads in the same backbone, security is not a feature. It’s part of the product.
From day one, Blaxel treated it that way.
Strong Security Foundations—But No Time for Compliance Overhead
Blaxel is a small, senior team based in San Francisco. About ten people building deep AI infrastructure.
Security had always been taken seriously. Architecture decisions were thoughtful. Access controls were clean. Infrastructure was designed properly.
But as the company started engaging larger customers, something became clear: being secure isn’t enough.
You need to prove it.
That moment became real when a major opportunity landed on the table. The type of deal you don’t want to miss. But it came with detailed security questionnaires, compliance expectations, and formal requirements around SOC 2 and governance.
The foundations were there. But they needed formalism.
Blaxel didn’t want engineers pulled into writing policies for weeks. They didn’t want to over-invest energy into documentation formatting or compliance theater. They needed to formalize what already existed.
That’s when they decided to get Probo.
A Dedicated Compliance Partner, Not Just a Tool
Blaxel wasn’t looking for software.
They were looking for someone to own the process with them.
Through Probo, they worked with a dedicated compliance officer who integrated directly with the team. Slack conversations replaced long email threads. Technical questions were discussed in real time. When there was uncertainty about the most secure or compliant way to implement something, Probo was there to advise.
Paul Sinai, CEO & Co-founder of Blaxel:
Probo helped us think through technical security decisions when we weren’t sure what the best compliant approach was. They were always available on Slack to guide us on how to stay secure while moving fast.
SOC 2 First. Then Everything Else.
The first milestone was SOC 2.
Once that foundation was in place, the rest became structured instead of chaotic. Rather than treating ISO 27001, GDPR, CCPA, and HIPAA as separate initiatives, the work was mapped intelligently. Controls were reused where possible. Real gaps were identified and closed. Redundant work was avoided.
The result wasn’t compliance for the sake of badges. It was a coherent trust framework that supported Blaxel’s growth.
Signing Enterprise Customers Without Slowing Down
Compliance didn’t become a distraction.
It became leverage.
With Probo managing the structure behind SOC 2 and aligning the broader frameworks, Blaxel was able to move efficiently through enterprise customer compliance requirements and close the deal.
Paul Sinai, CEO & Co-founder of Blaxel:
Probo helped us sign our biggest deal by handling SOC 2 and other compliance frameworks efficiently, so our team could keep focusing on product.
For a company building critical infrastructure for AI agents, trust is part of the offering. Now, with SOC 2, ISO 27001, HIPAA, GDPR, and CCPA in place, Blaxel can approach enterprise and regulated customers with confidence.
And internally, the team kept doing what matters most: building.
