The main use cases are all healthcare related and specifically SOC and HIPAA compliance.
Vanta
VantaExternal reviews
2,125 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Compliance workflows have become organized and automation supports ongoing healthcare audits
What is our primary use case?
What is most valuable?
In my opinion, the best features of Vanta include a lot of functionalities. The document control makes sense to me and works pretty well. All our policy documents are organized so I always know where I can go to get the latest and greatest version of those. I think that's a relatively strong feature. It ties in with automation and some of the controls that we have as part of our policies, and the automation and some of the infrastructure testing is pretty handy. Vanta also does a strong job on things like corporate risk analysis, where they pre-build a tabulated rubric for you to use so I didn't have to create that from scratch. I think that's handy.
In general, some of those things they've done make things handier. There's more talk these days about AI features and I'm sure that's all possible, but we haven't had a chance to experience any of that just yet. We're just trying to get the basic compliance program bootstrapped.
Vanta provides a necessary repository that any compliance expert will look at and recognize right away. Being in the healthcare space and with Vanta, there are nothing but difficult problems. This is not one of them. Having Vanta, we know we're doing the industry-approved procedures. The company seems to be going in the right direction for us. We're just drafting on the capabilities that they have. I would give them at least an eight, maybe even a nine. I don't know enough about the competitive offers or we don't have a big enough problem with this that we feel anybody out there that's better or could do better.
What needs improvement?
There are always tons of rooms for improvement for Vanta. I kind of exaggerated a little bit about the policy control. I don't really love the way they handle the revision management of that feature. If I'm on V1 of the policy document and I make some changes to it, then I get rid of V1 and then I re-upload V2. It's not that it keeps a running history of each of the different revisions. A little bit of an issue with that, but workable. I don't really have any negative complaint right now that would be worthwhile expressing. It's just that there's a lot of features. The UI is not super intuitive, but now that I've worked with it for a couple of years, I know how to navigate and get around. Initially, it was a little bit of a struggle understanding how these things would all work.
For how long have I used the solution?
I have dealt with Vanta for two years.
What do I think about the stability of the solution?
There are connection problems about 50% of the time because of the automated evidence collection.
How are customer service and support?
Support is quite good. On a scale of one to ten, if I were to rate them for support, I would say their human support is quite good. Every time I ask their customer success team, if I get a technical question and I've done this half a dozen times in the last year, they will respond within the next 24 hours. If I leave a message at 7:00 or 8:00 at night, I'll have the message the next morning because their London team will pick up on it and respond. I find their success team and their customer support to be pretty effective. They come back and make good recommendations and I think they do actually care about us, who's a relatively low-end customer for them. That's very positive. From a sales point of view, I didn't find them difficult to work with either. In fact, we negotiated a favorable deal where we extended the contract for two years as opposed to one and they gave us the price we wanted. On both fronts, they've treated us well from a customer support point of view.
How would you rate customer service and support?
Positive
Which other solutions did I evaluate?
Vanta is not used for real-time security posture monitoring. It's pseudo real-time. If an alarm happens overnight or if there's an expiration of an SLA because there's been a vulnerability that hasn't been addressed in 45 days and now it's the 46th day, it will let you know that immediately. We use New Relic for most of the real-time monitoring. We have integrations into our cloud service with New Relic.
What other advice do I have?
I am using Vanta for my consulting gig with the healthcare company in San Francisco, Healthx. We are highly integrated with AWS, so the integration capabilities with AWS or Google Cloud for our operations are not really a question. It's the heart and soul of what we're building. It's not that we have half the service with AWS and half the service with Google Cloud. We are AWS. There isn't that much integration. There is integration between Vanta and AWS, but I don't think it's as integral as our software integration with AWS. Our system basically works on their resources and it's tightly integrated.
At Healthx, I do several different things, but generally I'm a consultant working on the compliance program. My background is more as a VP of engineering, but I do this because I know the guys and I know the founding team. My overall rating for Vanta is eight out of ten in terms of customer satisfaction and customer support.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Clean Layout and Excellent Support
What do you like best about the product?
It as a clean and easy to follow design. Software is fast and stable which does not crash. It reduces manual work by automating the majority of the evidence collection and compliance checking required for audits. Continually monitors our systems and provides a real-time view of compliance, enabling issues to be identified early. Provides pre-built policy templates and 'out-of-the-box' documentation and workflow frameworks to help achieve compliance quickly and easily. Integrates with a wide variety of cloud platforms, identity management tools, HR tools and device management systems. This makes it easier to incorporate Vanta into our existing setup and automatically ingest data for compliance checks. As a great customer service support team and the AI tool is useful.
What do you dislike about the product?
The platform could have more color to its software so tabs/filters are easily viewable. There are some limitations around customising reports or exporting custom formats.
What problems is the product solving and how is that benefiting you?
We use it for our ISO compliance and audits. Manage, measure risks associated with software integration. Assists with ISO compliance and audits.
Reliable Compliance, Outstanding Support
What do you like best about the product?
I really appreciate Vanta's exceptional support team, who not only resolved my account issue swiftly but also did so with a fantastic attitude, making the whole experience pleasant. Additionally, I find the Vanta website incredibly easy to use, which enhances my overall productivity and streamlines my work processes. The initial setup of Vanta for our team was surprisingly straightforward and hassle-free, which was a significant relief. Moreover, Vanta seamlessly integrates with all my enterprise tools, allowing for smooth operations and cohesive workflow management.
What do you dislike about the product?
Explain better what the product is
What problems is the product solving and how is that benefiting you?
I use Vanta to maintain compliance while accessing my account tools, integrating with all enterprise tools easily, with an excellent support team resolving issues quickly.
Streamlines SOC 2 Compliance with Ease
What do you like best about the product?
I appreciate how Vanta automates the entire process of establishing proper documentation and security processes to ensure our company and technology are fully compliant. This automation significantly reduces the manual workload associated with becoming SOC 2 Type I and Type II compliant, making it much easier to manage security-related controls. I find it incredibly convenient that everything is in one place, especially concerning vendors, which streamlines the compliance process further. Additionally, the initial setup is fairly straightforward, which eased the transition to using Vanta. Overall, these features not only improve our operational efficiency but also enhance our confidence in managing compliance effectively.
What do you dislike about the product?
I think there needs to be better transparency regarding the auditor's expectations and for auditors to fulfill their requests within the projected timeline.
What problems is the product solving and how is that benefiting you?
I use Vanta to automate the process of collecting mandatory security controls for SOC 2 compliance, which streamlines documentation and security processes, ensuring our company remains compliant. It provides the convenience of centralizing necessary processes and vendors in one place.
Streamlined Compliance but Needs Better Access Controls
What do you like best about the product?
I appreciate the Vanta Trust Center, as it streamlines repetitive tasks by efficiently handling common customer inquiries, which frees up my team to tackle more complex issues or customer inquiries. This feature stands out because of the way it allows us to optimize our workflow and concentrate on tasks that require more attention. I also value the Compliance features, which, although I haven't explored them fully yet, seem promising with their automation capabilities. What I particularly like is the ability to access pre-loaded frameworks that help us quickly get started with our compliance processes. This aspect makes compliance management much simpler and more efficient.
What do you dislike about the product?
Role-based access doesn't function effectively, as it seems to operate on an all-or-nothing basis, which doesn't suit our needs. Additionally, while the Questionnaires feature is beneficial, organizing the knowledge base is cumbersome and time-consuming. The current tagging system is not efficient, and it would greatly improve usability if there was an option to create organized knowledge stacks, similar to the Risk module's structure.
What problems is the product solving and how is that benefiting you?
Vanta aids in handling customer inquiries, automates compliance processes, and builds a knowledge base, supporting audits. It frees up my team to focus on complex tasks by offloading repetitive questions, and the pre-loaded frameworks streamline compliance setup.
Effortless ISO 27001 Compliance with Vanta
What do you like best about the product?
I really appreciate Vanta's ease of use, which makes the task of managing documents and checklists for ISO 27001 compliance straightforward and efficient. The organized structure of the software allows me to maintain a well-ordered system for keeping track of tests and the evidence needed, which is crucial for compliance management. The organization and testing features are instrumental, as they streamline the processes necessary for compliance, ensuring nothing is overlooked and everything is documented accurately. This functionality provides immense value as it helps maintain an efficient workflow, reducing the hassle and potential stress of managing compliance requirements. Overall, Vanta succeeds in making complex tasks more manageable through its user-friendly interface and robust organizational capabilities.
What do you dislike about the product?
nothing
What problems is the product solving and how is that benefiting you?
I use Vanta for ISO 27001 compliance, managing documents, and checklists. It keeps track of tests and evidence efficiently, with ease of use and organization being major benefits.
Lightning-Fast Integrations and Seamless Automations
What do you like best about the product?
its fast integrations and automations are making it easy to work with
What do you dislike about the product?
doesnt recognize demos or tests that later gets alerted on
What problems is the product solving and how is that benefiting you?
it helps us work with our auditor to complete compliance and get security certifications
Streamlined SOC 2 compliance with excellent support.
What do you like best about the product?
I like that Vanta makes our SOC 2 compliance process simple and organized. The platform centralizes evidence collection, automates monitoring, and integrates smoothly with our systems. The support team is great, they respond quickly, understand the issue right away, and guide us directly to the correct solution. Vanta has also been extremely helpful with completing security questionnaires, which saves us a lot of time.
What do you dislike about the product?
The only area that can be challenging is the integration with Microsoft MDM/Intune. Sometimes the security test controls don't sync perfectly, and Vanta may flag workstations as failing items like encryption or password manager even though they are compliant in Intune. In some cases, a single missing data point can cause multiple tests to show as incomplete for the same device. It’s manageable, but it does create extra verification work.
What problems is the product solving and how is that benefiting you?
Vanta helps us stay continuously compliant with SOC 2 by reducing manual tasks, automating evidence collection, and keeping our controls monitored in real time. It also improves our efficiency when completing security questionnaires for clients. Overall, it saves time, reduces overhead, and ensures our compliance posture is always audit-ready.
Rapid SOC 2 Compliance with Seamless AWS Integration
What do you like best about the product?
I like how Vanta significantly streamlined our SOC 2 compliance process for our Cloud SaaS. The integration with AWS services was seamless and incredibly beneficial, enabling us to achieve certification in record time. Working with a consulting partner from Vanta's network who managed an accelerator program made the entire journey efficient and productive. I appreciate that Vanta offers super easy setup and integration, providing actionable suggestions every step of the way. This efficiency is enhanced further by the deep integration with AWS, Cloudflare, and GitHub, which works great together within our ecosystem. As someone who operates within AWS, I found the initial setup very quick and easy. Overall, Vanta's performance exceeded my expectations, which is why I'm very likely to recommend it to others, rating it a 9 out of 10.
What do you dislike about the product?
I find some templates and minor issues with Google Docs import to be less than ideal. The Google Docs policies are marked as updated drafts every time someone opens the document, which is not optimal. Additionally, some template builders in Vanta produce a .docx file that doesn't import natively into Google Docs, and fixing the formatting can be a hassle. There was also a minor niggle with AWS Identity Center integration where user account status wasn't pulling through, but Vanta support was very responsive and we were promised this will be reviewed for the product team's roadmap.
What problems is the product solving and how is that benefiting you?
I find Vanta accelerates SOC 2 compliance, simplifying setup and integration. It provides actionable suggestions, supports deep AWS integration, and facilitates auditor connections, streamlining certification with expert guidance.
Trust-Building Simplified with Vanta's AI
What do you like best about the product?
I love the simplicity of Vanta's user experience. It's intuitive and eliminates the confusion often found in other tools. The straightforward nature allows me and even those without much awareness of frameworks to easily understand and articulate what needs to be done, especially when addressing cybersecurity requirements. Vanta's AI engine is particularly powerful in querying policies, making complex tasks much simpler and more efficient. The setup process was super easy and straightforward, even for those without extensive knowledge, which is great for onboarding. This ease of use combined with the robust AI capabilities truly makes Vanta a valuable asset for my company.
What do you dislike about the product?
I am just starting to explore the third-party risk area with Vanta and am unsure about how it integrates with our insurance partner. I feel there is a need for improvement in collaborating with our insurance company, particularly to address the company's risk management, ensuring we are neither underinsured nor overinsured, but appropriately insured.
What problems is the product solving and how is that benefiting you?
I use Vanta to prove trust and compliance to our customers, enhancing awareness and speeding up time to market. Its simplicity and powerful AI engine make managing policies straightforward, eliminating confusion from having data in multiple places.
showing 1 - 10