My use case involves SOC 2 and ISO 27001 compliance.
Vanta
VantaExternal reviews
2,127 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Outstanding Support | Seamless Automation/Transition | Excellent Automated Trust Center
What do you like best about the product?
Excellent customer service. Automation. Human and AI assistance with transition from other platforms.
What do you dislike about the product?
There's a bit of chaos at first with the setup and number of features, but ultimately this works out for the best.
What problems is the product solving and how is that benefiting you?
The greatest benefit is just having all security and compliance monitoring "in one place". Furthermore, I particularly like Vanta's Trust Center and the ease of Trust Center updating and configuration,
Streamlined SOC2 Compliance with Stellar Support
What do you like best about the product?
I appreciate how Vanta streamlines the process and reduces the overall work effort, making it easy to use. I also really like the support provided by Vanta. The initial setup was great too, as a Vanta resource did most of the migration, which made the transition smoother.
What do you dislike about the product?
I need a better overview of the audit process and there's confusion between evidence in Vanta and what's on the Audit page. I'm also not clear on where to put comments.
What problems is the product solving and how is that benefiting you?
Vanta streamlines the SOC2 process, making it easy to use and reducing the overall work effort.
User-Friendly and Customizable, But Notifications Fatigue is Real
What do you like best about the product?
Customization and user friendly platform that allows for easy day-to-day use.
What do you dislike about the product?
Integrations are not always work optimally. Notifications can be superfluous and unclear on what actions need to be taken to resolve.
What problems is the product solving and how is that benefiting you?
We use Vanta primarily for SOC2 review.
Automated compliance has saved audit time and simplifies access reviews for security controls
What is our primary use case?
How has it helped my organization?
Vanta's integrations and automated tests have streamlined our SOC 2 compliance and provided a single entry point for addressing risks and failed tests.
What is most valuable?
The automated testing of controls and access reviews are valuable features. These two functions have saved countless hours of manual checks.
What needs improvement?
Failed tests for device CVEs seem to be cumulative, meaning I have to clear all CVEs before the test will pass, which makes it difficult to resolve the test before the next round of CVEs are published.
For how long have I used the solution?
I have used the solution for one year.
Which solution did I use previously and why did I switch?
We were evaluating Logic Gate but did not have access to automation. Vanta allowed a trial, which proved its worth.
What's my experience with pricing, setup cost, and licensing?
If you have access to at least one SecOps professional, Vanta's pricing for small businesses allows you to double that person's SOC/ISO compliance capabilities for less than the cost of another staff member.
Which other solutions did I evaluate?
I evaluated Drata as an alternate solution.
What other advice do I have?
If you're using moderately popular third-party products, Vanta's access review module is well worth the cost.
Automation Powerhouse That Simplifies Compliance
What do you like best about the product?
Vanta’s biggest strength is its automation. It continuously collects evidence, provides real-time visibility into compliance posture, and presents everything in a clear, auditor-ready format—significantly reducing manual effort and audit friction.
What do you dislike about the product?
What I dislike about Vanta is that its flexibility can be limited. Custom controls and edge cases often require workarounds, and some workflows still need manual intervention. It’s excellent for standard frameworks, but less adaptable for highly bespoke compliance requirements.
What problems is the product solving and how is that benefiting you?
Vanta solves the problem of manual, time-consuming compliance by automating evidence collection and continuously monitoring controls. This reduces audit prep effort, improves visibility into compliance status, and allows teams to stay audit-ready without diverting significant time from core business work.
Seamless SOC2 Compliance with Exceptional Integration
What do you like best about the product?
I like Vanta's wide range of product integrations, which effectively supports our third-party tools like AWS, GitLab, Intruder, and Zoho Vault, ensuring we always have the integrations we need. I appreciate Vanta's proactive support, which helps address issues swiftly, even when integrating complex platforms. The initial setup was super easy due to detailed and clear documentation, guides, and the assistance of Vanta AI.
What do you dislike about the product?
I was having problems while integrating GitLab. The support team did help me with that, but it was not showing the error in integration for merge request templates as the community version of GitLab, which we were running, doesn't support it.
What problems is the product solving and how is that benefiting you?
Vanta centralizes categorization and integrates multiple data sources for SOC2 compliance, helping me manage tasks, assign responsibilities, and track progress easily.
Effortless Tech Organization with Intuitive To-Do Lists
What do you like best about the product?
Vanta organizes all your tech accounts into ease to-do lists.
What do you dislike about the product?
Vanta feels expensive and new features feel like they are all add-ons instead of general product improvements.
What problems is the product solving and how is that benefiting you?
Vanta organizes all your tech accounts into ease to-do lists. We know which vendors are staying on top of security and have dialed in our license and asset management as a result.
Lightning-Fast Compliance Made Effortless for Startups and SMBs
What do you like best about the product?
Vanta’s biggest strength is how quickly it gets companies from zero to audit-ready by automating evidence collection and mapping controls in a way that’s simple, intuitive, and auditor-friendly. Its broad integration ecosystem (cloud, identity, devices, source control) removes a huge amount of manual work, while the clean UX and clear remediation guidance make it easy for non-security teams to follow without constant hand-holding. It’s not a deep GRC or risk platform, but as a compliance execution engine, it excels at speed, clarity, and reducing audit friction — which is exactly why it’s so effective for startups and SMBs.
What do you dislike about the product?
Vanta is a strong compliance automation platform, but its main limitation is that it’s optimized for speed and standardization rather than highly complex or bespoke security programs. For organizations with unique architectures, custom frameworks, or advanced risk management needs, some controls and workflows can feel a bit rigid and require manual workarounds. That said, this trade-off is intentional and aligns well with Vanta’s goal of making compliance accessible and efficient for most growing teams, especially those pursuing common frameworks like SOC 2 or ISO 27001.
What problems is the product solving and how is that benefiting you?
Vanta solves the problem of manual, time-consuming compliance work by automating evidence collection, continuously monitoring controls, and centralizing everything needed for audits in one place. This significantly reduces the operational overhead of preparing for frameworks like SOC 2 and ISO 27001, minimizes last-minute audit scrambles, and provides clear visibility into compliance posture at any point in time. As a result, it saves time, reduces stress for internal teams, improves audit readiness, and allows us to focus more on higher-value security and risk work rather than chasing screenshots and documentation.
Effortless Tracking and Integrations Across Certifications
What do you like best about the product?
Ability efficiently track tests/controls/policies across different certifications with whole bunch of integrations.
What do you dislike about the product?
When an error occurs with one or more entities during synchronization with an integration, there is no way to manually refresh the process using a button—the error remains and the sync stays stuck. I need to wait for the next sync.
What problems is the product solving and how is that benefiting you?
Thanks to this, we are able to pass certifications; otherwise, we would have struggled to keep everything tracked and up to date.
Effortless Security with Outstanding Support
What do you like best about the product?
I like the ease of implementation and their support in Vanta. They provide a course-like interface that teaches how important security is and includes the installation link within the course itself, making it easy. The initial setup was very easy.
What do you dislike about the product?
Maybe mentioning what are the things the installation package would do. At least the most important parts of it.
What problems is the product solving and how is that benefiting you?
I use Vanta for security purposes, to check how secure the systems are. The course-like interface and installation link make it easy to understand and implement, enhancing my security awareness.
showing 1 - 10