External reviews
External reviews are not included in the AWS star rating for the product.
Vanta saved us during our certification process
What do you like best about the product?
It is easy to use and constantly evolving
What do you dislike about the product?
Sometimes you rely on the system too much
What problems is the product solving and how is that benefiting you?
Certification for ISO and SOC
- Leave a Comment |
- Mark review as helpful
Fantastic security management accelerator
What do you like best about the product?
Its a great way to kick-start your journey to compliance with security standards like ISO27001 or SOC 2 Type 2. Vanta helps you design policies and stay compliant through automation and demonstrate it through trust center.
I make heavy use of its vendor risk management as well.
Customer support has been great from Krista V.
I make heavy use of its vendor risk management as well.
Customer support has been great from Krista V.
What do you dislike about the product?
The vendor risk management assumes that your vendors are mainly SaaS and so there is some awkwardness with out of the box questions when they are not (e.g. an MSP).
The API isn't fully featured so if you want to do a bespoke integration yourself, you may run into API restrictions and will need to use a "glue" system as only official integrations are pull, your own via API will be a push.
The API isn't fully featured so if you want to do a bespoke integration yourself, you may run into API restrictions and will need to use a "glue" system as only official integrations are pull, your own via API will be a push.
What problems is the product solving and how is that benefiting you?
VRM, compliance
Vanta makes ISO27001 compliance painless
What do you like best about the product?
Vanta brings all the controls, tests, policies, and risks together in a well structured and integrated approach to make compliance to cyber security frameworks much easier. The large suite of third party integrations automates lots of the controls and tests. The vendor risk management component is also excellent. We could not be happier using this service on our ISO 27001 journey.
What do you dislike about the product?
More integrations would be helpful. There are a lot but some smaller services are not yet connectable.
What problems is the product solving and how is that benefiting you?
We have chosen to be ISO 27001 certified. Vanta is enabling this.
Vanta ERM
What do you like best about the product?
Using Vanta ERM tool has been extremely helpful to design and prepare for SOC2 audit for our organisation. They have AI powered tools to design various documents and policies along with automated Risk register and their mitigation controls
What do you dislike about the product?
More advise and interaction from Vanta team for inperson guidance for audit prepartion could be appreciated more
What problems is the product solving and how is that benefiting you?
Using Vanta ERM tool has been extremely helpful to design and prepare for SOC2 audit for our organisation
Best security application for making your workplace safe
What do you like best about the product?
Continuously checks devices for compliance with security frameworks like SOC 2, ISO 27001, HIPAA, and GDPR. Reduces the need for manual security checks.
What do you dislike about the product?
agent taking a long time to acquire information and only detecting encryption by BitLocker
What problems is the product solving and how is that benefiting you?
Provides real-time visibility into device security posture.
Helps companies pass audits faster by collecting evidence automatically.
Helps companies pass audits faster by collecting evidence automatically.
Used for PCI, SOC2 and GDPR - simply amazing
What do you like best about the product?
Large number of integrations with other software
Very helpful and fast support
Easy to use
Very helpful and fast support
Easy to use
What do you dislike about the product?
Nothing particular for now, everything looks good
What problems is the product solving and how is that benefiting you?
preparaing and maintaining compliance for PCI DSS, SOC2, GDPR
Vanta tastes eminently fineness and has flawless features.
What do you like best about the product?
I love best Vanta focus on data security which gives us peace of mind when sharing sensitive information with our clients.The ability to use AI allow us to save time and effort in our processes. Assess and monitor 3rd party system and APIs used in our software development thus ensure all comply with security standards.Provides secure coding practices by integrating with development tools.
What do you dislike about the product?
Vanta delivered beyond our organisation expectations ,yet to have any challenge.
What problems is the product solving and how is that benefiting you?
Vanta has solved the problem of time wasting and cost of obtaining security certification by reducing helping us build trust with our clients .Also helps us to prevent data breeches by ensuring real time security checks.
Services of Vanta are reliable and top quality
What do you like best about the product?
The quality of services and their ease to integrate features make them more useful platform for managing Vendors data and also their cloud compliances and security management gives reliable and hassle free services.
What do you dislike about the product?
Their support and implemention was so quick and fast so I don't have any bad comment to mention here about vanta.
What problems is the product solving and how is that benefiting you?
I like the features of Vanta like Audit management, Security compliances, cloud compliances amd Vendor management. Their multiple features gives freedom to work on Vanta with more effective manaers than other providers.
The best GRC solution I've tried to use
What do you like best about the product?
It is easy to navigate and find information.
AWS resources are shown clearly, and when AWS references an AWS resource in a test, it links directly to it in the AWS console, which is super helpful.
The application has been reliable with few bugs.
While they have lots of integrations, it was also really useful and easy to build a "private integration" for our own application, so we could track MFA settings for own application inside of Vanta.
AWS resources are shown clearly, and when AWS references an AWS resource in a test, it links directly to it in the AWS console, which is super helpful.
The application has been reliable with few bugs.
While they have lots of integrations, it was also really useful and easy to build a "private integration" for our own application, so we could track MFA settings for own application inside of Vanta.
What do you dislike about the product?
It makes some assumptions in the identity provider that prevent us from using it fully. It is not a complete blocker though.
We use Google Workspace, but some team members have multiple inboxes in Google Workspace. If we tell Vanta to populate the list of People in Vanta from Google Workspace, there is no way to deduplicate these Google accounts, and say they are used by the same person.
I either have to mark them as out of scope, which means they are not tested for MFA, or I have to mark Google Workspace as NOT our identity provider, and then manually create users in Vanta.
Similarly, it assumes all monitoring of AWS is done in Cloudwatch. However, we use Datadog for monitoring. There is a Datadog integration, but Vanta currently has no way to mark a Datadog monitor as meeting the monitoring requirements in a failing control test for an AWS resource.
As I said though, these have been more "wish list" items than blockers.
We use Google Workspace, but some team members have multiple inboxes in Google Workspace. If we tell Vanta to populate the list of People in Vanta from Google Workspace, there is no way to deduplicate these Google accounts, and say they are used by the same person.
I either have to mark them as out of scope, which means they are not tested for MFA, or I have to mark Google Workspace as NOT our identity provider, and then manually create users in Vanta.
Similarly, it assumes all monitoring of AWS is done in Cloudwatch. However, we use Datadog for monitoring. There is a Datadog integration, but Vanta currently has no way to mark a Datadog monitor as meeting the monitoring requirements in a failing control test for an AWS resource.
As I said though, these have been more "wish list" items than blockers.
What problems is the product solving and how is that benefiting you?
It automates a lot of tracking of MFA settings on user accounts, which is super useful. Many automatic tests are useful. The control mappings are helpful, especially since we are pursuing both SOC 2 and ISO 27001
Streamlining Security Standards with Vanta
What do you like best about the product?
Vanta’s quick implementation process and capacity to satisfy all necessities with out errors create a hassle-free and effective person enjoy.
What do you dislike about the product?
Deepening integrations to permit greater computerized requirement tests would improve the general experience.
What problems is the product solving and how is that benefiting you?
Vanta simplifies compliance by automating the procedure of meeting safety frameworks like SOC 2 and HIPAA, saving time and sources at some stage in audits.
showing 171 - 180