My main use case for Veza is to use it for authentication and to determine who can access what and what can be accessed by the system or organization users. We set permissions for cloud platforms across the organization to our database and other tools using Veza, managing who can access the data, what they can access such as user roles and resource permissions.
External reviews
1 review
from
External reviews are not included in the AWS star rating for the product.
Centralized access control has strengthened least privilege and streamlined audit compliance
What is our primary use case?
What is most valuable?
The best features Veza offers in my experience are access visibility to see who can access what and which parts, relationship mapping of a user to roles, policies and resources, and risk detection such as over-permission and unused permission privileges. I can perform audit compliance using those features and the platform supports multiple platforms.
Out of those features, I find risk detection to be the most valuable in my day-to-day work because I can check who has over-permission or unused permissions and understand relationship mapping and access visibility.
Veza has positively impacted my organization by improving access for our users, allowing us to check the user and perform auditing for our system or organization. We are now able to implement least privilege practices, which has made our organization and system more secure.
What needs improvement?
Veza can be improved as it is currently not suitable for small projects due to its high cost, complex setup, and requirement for more integration with multiple systems. Additionally, there are no enforcement tools available, only visibility and insights, which I would like to see improved.
For how long have I used the solution?
I have been using Veza for six to seven months.
What do I think about the stability of the solution?
In my experience, Veza is stable.
What do I think about the scalability of the solution?
Veza's scalability is good.
How are customer service and support?
The customer support is good.
Which solution did I use previously and why did I switch?
We have not previously used a different solution.
What was our ROI?
I have seen a return on investment as fewer employees are needed because we are now able to manage access using Veza, which has made our work easier.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that the pricing is much higher and the setup is very complex.
Which other solutions did I evaluate?
Before choosing Veza, we decided to evaluate other options but selected Veza because of the ratings and reviews.
What other advice do I have?
My advice to others looking into using Veza is that if they want to manage their system organization's access and policies, perform mapping from user to policy and resource, detect the risk for users' over-permissions and unused permissions, and audit multiple supported platforms, they should consider using it. I would rate this product an 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Streamlined compliance process with custom control framework and AI-driven security questionnaire management
What is our primary use case?
We are currently in the implementation stages of Vanta. It's been challenging to build out as it is not as intuitive as OneTrust, especially in terms of scoping and needs.
How has it helped my organization?
Vanta has made the security questionnaire process much easier, thanks to AI. It automatically extracts answers and populates them within the SIG.
The custom control framework allows me to incorporate our HITRUST controls and additional ISO twenty-seven thousand and one and financial controls.
Moreover, it includes a knowledge bank for questionnaires and RFPs, making information updates more streamlined.
What is most valuable?
The most valuable features of Vanta are the custom framework option and the support services. It's the only current GRC vendor with licensing rights for HITRUST 11.3 framework, and I've avoided expensive HITRUST licensing costs through a custom control framework.
What needs improvement?
The support experience could be better. We often need to escalate our issues to the account executive to receive a response, especially when support is needed for integrations.
For how long have I used the solution?
We started using Vanta about three months ago.
What do I think about the stability of the solution?
So far, I would rate the stability of the product as ten out of ten, with no issues in that regard.
What do I think about the scalability of the solution?
In terms of scalability, I would rate it better than OneTrust, giving it an eight out of ten. It accommodates small, lean teams or larger public organizations, providing a holistic view of compliance without being limited by capacity.
How are customer service and support?
Although I've read that others have had issues with Vanta's support, our experience involves having to escalate matters to our account executive to get a response.
The support team itself has been less responsive, which can be problematic when integrating and building out the platform.
What's my experience with pricing, setup cost, and licensing?
The overall price point of Vanta is commendable, especially considering the custom control framework that allows me to evade the high costs associated with HITRUST licensing.
What other advice do I have?
The test feature of Vanta is great, making it a recommendable product to others.
I'd rate the solution eight out of ten.
showing 1 - 2