Vanta
VantaExternal reviews
2,132 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Fastest and most reliable way to achieve security!
What do you like best about the product?
The Vanta UI is very user friendly, there is a wide range of integrations and the majority of tasks can be automated. Plus, we use Vanta as our policy management tool.
What do you dislike about the product?
The only downsides of using Vanta is that it is a software as a service offering, which in itself is great (!), but frequent software updates can introduce minor bugs or changes in ways of working (but also new features!).
What problems is the product solving and how is that benefiting you?
Vanta is our company watchdog, always on the lookout for security issues. This is especially useful for onvoarding and offboarding as we have many connected systems and vendors.
Saves Time and Simplifies Compliance
What do you like best about the product?
Vanta dashboard is a very quick and straightforward status of compliance. The product signifincantly demystifies the various security compliance requirements and gives you direction on how to address any gaps.
What do you dislike about the product?
Not much to mention here other than Kaleido.io and Auth0 service integration is not supported.
What problems is the product solving and how is that benefiting you?
Vanta was very helpful in getting a startup team with some junior IT and DevOps resources aligned on what needed to be done and the best way to achieve compliance, allowing us to get SOC2 Type1 compliance with no exceptions noted.
Enables fast SOC2 compliance!
What do you like best about the product?
Vanta quickly helped us get our SOC2 audit report by connecting our services and employees and provided the tasks needed. For the first audit they helped us get all the policies and routines in place! Its also great for keeping track of all compliance and making sure we follow our security controls. Makes security compliance life easier =)
The CSM team has been great at following up on progress and coming with tips and trix.
The CSM team has been great at following up on progress and coming with tips and trix.
What do you dislike about the product?
Nothing much. Had had some issues with the local installation of the Vanta agent on employees' computers, but got fast help from the support team.
What problems is the product solving and how is that benefiting you?
Helped us get our first SOC2 Audit report. Helps us stay compliant with minimal manual input.
Solid Sales and support, with focus on own abilities and strengths
What do you like best about the product?
The support is extremely available, and the setup makes it easy to get started if you are new to compliance. There is constantly new updates being rolled out, making the experience better and more user friendly.
What do you dislike about the product?
Not sure if there are any downsides, for us the main issue is the difference in timezones, since Vanta is US based and we are EU based - but as i understand it, that is about to get better, with the launching of offices in a closer area.
What problems is the product solving and how is that benefiting you?
Vanta help us get in line with compliance, creates an overview of what is important and makes sure to remind us of different deadlines, so that we are constantly following up, and are not tracking things manually.
Vanta mapped our way to HIPAA compliance
What do you like best about the product?
Monitoring of our infrastructure. List of tests that need to be completed to reach compliance.
What do you dislike about the product?
There is no guidance on standards to use for specific policies. Ideally, policies would be filled out as an onboarding exercise.
What problems is the product solving and how is that benefiting you?
Paving the way for us to reach compliance.
Comprehensive, Yet Pricey Compliance Tool
What do you like best about the product?
I have been using Vanta for about two years mainly for SOC II, and I find it extremely valuable because it provides a comprehensive platform that guides me through certifications, policies, controls, and also offers pen testing and monitoring. What I like most about Vanta is its capability to make the daunting task of achieving certifications much more manageable. It simplifies the establishment of new processes, policies, and documentation while integrating seamlessly with existing systems to highlight security aspects. Vanta gives me a full overview at any given time, enhancing our oversight capabilities. The integrations with cloud infrastructure are particularly helpful, as Vanta thoroughly checks large environments for security issues, vulnerabilities in container images, and other aspects, demonstrating its extensive and reliable functionality. Setting up Vanta was also fairly easy, which I appreciate. These features collectively make it an invaluable tool for our team.
What do you dislike about the product?
Pentesting should be included in the main subscription as Vanta is quite pricey, and they quickly charge extra for any expansion. Additionally, not all Vanta functions are easy to understand at first glance, leading to a lot of work. Achieving SOC II and maintaining it is not trivial, and it demands significant resources from the DevOps team.
What problems is the product solving and how is that benefiting you?
I use Vanta to streamline achieving certifications by establishing processes and integrating with systems. It provides a comprehensive security overview, pinpointing vulnerabilities and ensuring compliance with SOC II standards.
Vanta made SOC2 compliance easy, simple and straightforward
What do you like best about the product?
The most helpful aspect of Vanta to our company has been aggregating all compliance requirements in one place. We don't have to question if we are missing certain protocols or standards when it comes time to our audit. I can login in daily and remediate any findings on our in scope systems and feel confident we have a compliant security posture for our clients and auditors.
What do you dislike about the product?
There are a few things I would change about Vanta. The first being how vulnerabilities are handled for servers using AWS inspector. There isn't much of a description or explanation for why a package needs to be remediated. It does link to the vulnerability finding but this doesn't show how to remediate. It would be helpful to see what version it needs to be upgraded to or provide instructions on how to remediate it. It would also be nice to add some type of note system in there. That way if multiple people are working on vulnerabilities they can see each others notes and know if the issue is already being worked on. There is a Jira integration that will let you create tickets for failed test, so this could be a work around for that.
The second would be how some things in Vanta sync. For example, we use Hexnode to monitor our laptops. It can take up to 24 hours for Vanta to recognize a hard drive was encrypted. It would be nice to be able to force a sync somehow so that we can see quicker if people are keeping their laptops compliant.
Finally, the way people are sorted in to groups could be improved. Currently, a user can only be part of one group. It would be nice if they could be part of multiple groups.
The second would be how some things in Vanta sync. For example, we use Hexnode to monitor our laptops. It can take up to 24 hours for Vanta to recognize a hard drive was encrypted. It would be nice to be able to force a sync somehow so that we can see quicker if people are keeping their laptops compliant.
Finally, the way people are sorted in to groups could be improved. Currently, a user can only be part of one group. It would be nice if they could be part of multiple groups.
What problems is the product solving and how is that benefiting you?
The biggest problem that Vanta solves for us is keeping all of our compliance work in one place and eliminating the guessing game when it comes to what we need to stay complaint. By coming in to an audit with almost everything already in compliance speeds up our certification and makes it easier to acquire customer who require SOC2 or other security standards. This allows us to make money quicker and shorten audit periods.
Head of Engineering
What do you like best about the product?
We needed SOC2 certification at our company, and we didn't even know how to approach it. Someone recommended Vanta as an all-in-one solution for all our compliance needs, and we decided to give it a try. Vanta gave us a clear checklist for achieving Soc2 compliance, gave us tools to automate some organizational tasks, and, finally, connected with an auditor who issued us a certificate.
What do you dislike about the product?
Some of the recommendations ended up being extraneous, and the auditor actually never asked about them. Still, it's good that we've fixed all of them and, hopefully, improved our overall security.
What problems is the product solving and how is that benefiting you?
Vanta helped us get SOC2 type I certified and stay continuously compliant for SOC2 type II.
Level up your Compliance and Risk Management Programs!
What do you like best about the product?
Vant has been instrumental in leveling up our compliance and risk management program. We've been using Vanta for several years, and it maintains a step ahead of our maturing goals to create a roadmap for our success.
What do you dislike about the product?
I do wish there was a little better control tie-in to policies. I'd love for the product to recommend policy updates based on the new control frameworks and regulations that I've purchased within the product. The relationship between Policies and Controls could be stronger.
What problems is the product solving and how is that benefiting you?
Vanta puts portions of our Compliance Program into automation. With the various integrations it natively uses, we can bring in data from multiple disparate software products - this takes the load off evidence collection. Our audits are more easily passed and efficient with GRC products like Vanta, and we are grateful for their assistance.
Vanta was the shortest path toward SOC2 compliance
What do you like best about the product?
The ability to integrate with your systems turns compliance into an actionable checklist.
What do you dislike about the product?
I'd like more integrations to alert us of upcoming changes or compliance failures (e.g., webhooks).
What problems is the product solving and how is that benefiting you?
Vanta put us in the best possible conditions for a successful SOC2 Type II audit.
showing 1,751 - 1,760