External reviews
External reviews are not included in the AWS star rating for the product.
Easy to use and complete solution
What do you like best about the product?
We could cover and fix each item by both the tool and our customer-success specialist. After completing the checklist, we could quickly begin our audit period without any additional work.
What do you dislike about the product?
Heroku review apps are not integrated well. We had to dismiss warnings or submit information for each temporary app on our account.
What problems is the product solving and how is that benefiting you?
We could complete our requirements for a Soc2 audit. It helped us to identify our missing items and suggested solutions to them. We improved our security structure with the help of Vanta's suggestions.
- Leave a Comment |
- Mark review as helpful
Great security & compliance monitoring providor
What do you like best about the product?
I like how they strive to provide compliance solutions to make the businesses ace every possible opportunity to grow.
What do you dislike about the product?
I have no dislikes since if I need SOC2 compliance. Vanta is there to prepare me to get one, so I do not have much to worry and dislike about
What problems is the product solving and how is that benefiting you?
Vanta has helped my organization to secure and protect user data which made us achieve SOC2 compliance. I can say with confidence that the business has grown and extended to new markets. All thanks to Vanta
This has Potential
What do you like best about the product?
Vanta is unique in that it automates much of the timely process of evidence collation. It's great to be able to just point Vanta at cloud environments and let it do the heavy lifting!
What do you dislike about the product?
Vanta is only really useful as a utility towards ISO 27001 compliance - it lacks fundamental aspects of the standard for it to be the sole tool to achieve an ISO 27001 certification. Really fundamental and mandatory parts of the standard are lacking, such as the statement of applicability.
In addition, the risk management does not take all of the BAU risks of an organisation into account, instead only providing valid output against technical controls or some policy controls.
In addition, the risk management does not take all of the BAU risks of an organisation into account, instead only providing valid output against technical controls or some policy controls.
What problems is the product solving and how is that benefiting you?
Vanta has been a very effective way for the clients I work with to learn and understand ISO 27001 through the in-built templates. I am not sure how useful these templates would be in an audit scenario as they are generic to the point of almost being meaningless, but they do provide an illustrative example of how the standard works.
It just works. Vanta's integrations make SOC2/HIPAA work much smoother
What do you like best about the product?
I like how Vanta integrates with our services and perform an actual scan of the configuration, and suggests smart improvements
What do you dislike about the product?
Vanta agent should be shipped as a Mac app via Mac Store, not an Adhoc package
What problems is the product solving and how is that benefiting you?
SOC2/HIPAA attestation
Vanta gives me an action plan
What do you like best about the product?
We are a small team pursuing ISO 27001 and SOC2 certification. We are security conscious but are by no means compliance experts. The challenge for us was to figure out exactly what we need to do to meet the compliance requirements. Vanta translates compliance requirements into concrete and actionable tasks, and provides instructions for executing those tasks. They speak the language of engineers.
What do you dislike about the product?
There are some aspects of demonstrating compliance that our ISO consultant thinks could be improved. For example, demonstrating that we have a process for access reviews, and that we conduct them.
What problems is the product solving and how is that benefiting you?
The problem that we are solving with Vanta is that engineers can't interpret ISO and SOC two requirements. They need to know exactly what to do to achieve compliance. Vanta does the translation between requirements and actionable tasks.
Recommendations to others considering the product:
Vanata makes the life of engineers easier. However, not all auditors will like or be willing to use the tool. Ensure that your auditors are comfortable with using Vanta, or better yet hire your auditors through Vanta.
Useful for tracking, but gaps and some busy-work
What do you like best about the product?
It is useful to have one source for tracking and monitoring security risks and processes. Some of the integrations are helpful and have eliminated some administrative work.
What do you dislike about the product?
It is sometimes difficult to understand when an SLA will be violated. In some versions of the UI, deep-linking to specific tests or remediation instructions hasn't worked. Vanta also produces a lot of work to redress trivial risks, but failed to detect some important risks.
What problems is the product solving and how is that benefiting you?
We are using Vanta to deliver a secure software product and track our progress towards a security certification. Vanta has eliminated some administrative work, and identified some risks that other tools and processes did not.
Vanta is great for employee onboarding on SOC2 compliance
What do you like best about the product?
Vanta is great at managing computer assets, onboarding new personel and monitoring security vulnerabilities.
What do you dislike about the product?
It is hard to integrate and automate filling out the "owner" and "description" of cloud assets that are dynamically created. There should be a way to automatically assign these assets to a particular owner.
What problems is the product solving and how is that benefiting you?
SOC2 compliance, employee onboarding, policy creation.
You won't even notice it's running
What do you like best about the product?
The setup was straightforward; I just had to install the application and sign in. I didn't even notice it after that.
What do you dislike about the product?
I didn't find anything that I disliked about Vanta.
What problems is the product solving and how is that benefiting you?
Our company got the SOC2 certification.
They have nice structured way to manage IT security compliances
What do you like best about the product?
I would say most likely I enjoy the onboarding process and a nice way to manage documentation and other security stuff on a single platform.
What do you dislike about the product?
For penetration testing, they don't have enough resources, I would strongly recommend some well-reputed security organizations and transparency.
What problems is the product solving and how is that benefiting you?
We are able to manage our IT compliances with the help of Vanta and it's easy to get the information at single platform.
Solid product. Makes getting through SOC2 a lot easier. UI getting better too.
What do you like best about the product?
Everything you need to do is in one place. SOC2 compliance is just a headache and having the guidance and structure of Vanta helps a lot!
What do you dislike about the product?
The UI wasn't great to start, but honestly, it's getting better quickly.
What problems is the product solving and how is that benefiting you?
We are trying to get SOC2 compliant for our business needs. I don't think we'd be nearly as close this fast without Vanta leading the way for us.
showing 1,571 - 1,580