Vanta helps us to achieve ISO 27001 compliance.
Vanta
VantaExternal reviews
1,959 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Helpful structure for divide & conquer on SOC2 & HIPAA
What do you like best about the product?
Native task management with pre-programmed reminders establish clear accountability and high level visibility into progress against a given framework. This is extremely value add for most frameworks where the volume of requirements & turnover on internal teams can make maintenance just as hard, if not harder, than initial implementation.
What do you dislike about the product?
I don't think that it's as strong as a HIPAA-only solution, where frankly the complexity may not be worth the squeeze. But for organizations that are implementing other frameworks, or HIPAA alongside other frameworks, the way that the tool can streamline progressing against multiple frameworks simultaneously through shared controls is extremely intuitive and time-saving.
What problems is the product solving and how is that benefiting you?
Vanta provides a single source of truth ensuring our framework requirements are met comprehensively and with clear individual-level ownership.
Compliance Made Easy
What do you like best about the product?
My cofounders and I had no background whatsoever when navigating the compliance space, it was a daunting task that none of us wanted to go near. However Vanta made securing the certification we needed a breeze, with a couple of installs it told us exactly what we needed and how to get them. They provided great user experience with speedy customer support for any of our questions. We are still using Vanta to this day to ensure that our systems are compliant.
What do you dislike about the product?
There nothing that particularly stands out as a glaring negative about Vanta from my use cases.
What problems is the product solving and how is that benefiting you?
We needed to be compliant to sell our services to business customers, and Vanta made that dead easy to do.
Vanta works
What do you like best about the product?
Vanta Integrates with most SAAS systems to pull in the information needed to get certified. It offers templates to get you started on your policies as well as easy to follow starter guide that shows your progress through the ISO certification. They even offer an add on trust service for creating a website that shows your progress in the certification process and it can be shared with potential clients. It also provides the necessary security trainging for your personnel.
What do you dislike about the product?
Only thing I didn't like was that the platform will start sending out reminders to end users as soon as you start the process. I had to located the settings to turn this off. I beleive the default setting for notifications should be set to off. Then have a point in the process that tells you to turn the notifications on.
What problems is the product solving and how is that benefiting you?
We are in the process of becoming ISO27001 certified. Vanta makes it easy to see where we are in the process, what we have to accomplish next and all in a centralized location. This makes the already daunting task of becoming certified so much easier and convenient.
Seamless audit and effective management of vulnerabilities
What do you like best about the product?
Ease of Use: offers a user-friendly interface, making it easy to navigate and utilize its features without extensive training.
Ease of Implementation: easy to integrate into existing systems, minimizing disruptions and streamlining the implementation process.
Customer Support: excellent customer support, issues are promptly addressed, smooth user experience.
Ease of Implementation: easy to integrate into existing systems, minimizing disruptions and streamlining the implementation process.
Customer Support: excellent customer support, issues are promptly addressed, smooth user experience.
What do you dislike about the product?
Automation of failing test cases can be improved by identifying the exact line where the issue lies.
eg: JSON files pointing out misconfigurations
eg: JSON files pointing out misconfigurations
What problems is the product solving and how is that benefiting you?
streamline compliance process efficiently by reducing manual efforts, allowing us to concentrate on our core business objectives
Easy to use for security and compliance tracking
What do you like best about the product?
Vanta's customer success team has been instrumental in guiding Byteboard through building security and compliance program. Monitoring for compliance progress on SOC2 is easy to view in addition to integrations with project management platforms such as Asana.
What do you dislike about the product?
It'd be valuable to have a built in timeline for path to compliance as tasks and activities tend to live in different places (not centralized outside of tabs in platform).
What problems is the product solving and how is that benefiting you?
Security monitoring
Great platform, really excited to see how it will perform come audit season
What do you like best about the product?
The interace is really easy to use, the Asana integrations help to push tasks to where our developers and other SMEs work, The dashboards make it really easy to see where things need to be addressed quickly and easily.
What do you dislike about the product?
Transitioning from an existing ISMS program and our own set of controls to Vanta was more tricky than using it straight out of the box. It required more analysis to compare policies and documents we had versus what Vanta's best practice documents were. Not a criticism of the platform, but it has made the onboarding a more time intensive experience than it otherwise would have been.
What problems is the product solving and how is that benefiting you?
Vanta is helping us transition to ISO27001:2022 and uplift our ISMS generally
Compliance Tracker
What do you like best about the product?
Helpful tool for our organization to track our compliance audits
What do you dislike about the product?
User interface can be improved. It's not totally intuitive.
What problems is the product solving and how is that benefiting you?
We use it to track our compliance audit requirements.
Hugely Helpful Cybersecurity platform.
What do you like best about the product?
The number of things the software does. Ease of use.
What do you dislike about the product?
There is no way to invest in the company before a public offering.
What problems is the product solving and how is that benefiting you?
Helped us get our cyber security audit.
Helps to achieve ISO 27001 compliance with automated checks
What is our primary use case?
How has it helped my organization?
The product has provided automated security controls for our cloud provider. It helps to automate security checks. Vanta offers a list of things that can be done to achieve ISO 27001 compliance.
What is most valuable?
The tool's most valuable feature is automated tests.
What needs improvement?
Some of the tool's automated tests do not work the way it should.
For how long have I used the solution?
I have been using the product since February.
What do I think about the stability of the solution?
I rate the solution's stability a ten out of ten.
What do I think about the scalability of the solution?
I rate the tool's scalability a ten out of ten.
What's my experience with pricing, setup cost, and licensing?
Vanta is expensive.
What other advice do I have?
I rate the product a ten out of ten.
Vanta is Awesome!
What do you like best about the product?
Vanta has so many great features but here are my top three that I have gotten the most use out of:
-Risk Management: I love how Vanta not only provides you with an easy to use Risk Register, but also provides you with a library of different but common risk scenarios that you can easily add into your register. I also love how if you have controls already in place in other areas in Vanta it will be able to detect them and automatically add the controls into each risk scenario. Something that used to be time consuming and cumbersome is now done in minutes!
-Security Policy templates: Any security person/team can attest to the gruesome process of dealing with policies and having to create them from scratch. This feature was one of the biggest attractions to me when I first went looking for a security tools for my company. The policy templates they provide are so well written and thought out, they easily help you align your internal security posture with SOC 2/ISO and other security frameworks. The policy templates have really saved me by adding language that I may have missed or forgotten to add entirely.
-Trust Reports: A trust report is a public facing web page that you can easily publish on your website. It's published through a sharable link that you can send to your customers and prospects. What makes this such a big feature for me is having that single source of truth that I can send out to clients or prospects. I used to keep all of our security information in a PDF that I would have to constantly update and send that out to customers and prospects via email. With Trust Reports, it automatically updates from the controls that we have in place in our Vanta instance. Now, all I do is provide a link to our live Trust Report page for our customer and prospects to view. And no matter when they access the link I always have the assurance that they are receiving the most up to date info on our current security posture. A true game changer!
I could go on about many other features but these are definitely my top three and why I always recommend Vanta to anyone looking to stregthen their company's security posture.
-Risk Management: I love how Vanta not only provides you with an easy to use Risk Register, but also provides you with a library of different but common risk scenarios that you can easily add into your register. I also love how if you have controls already in place in other areas in Vanta it will be able to detect them and automatically add the controls into each risk scenario. Something that used to be time consuming and cumbersome is now done in minutes!
-Security Policy templates: Any security person/team can attest to the gruesome process of dealing with policies and having to create them from scratch. This feature was one of the biggest attractions to me when I first went looking for a security tools for my company. The policy templates they provide are so well written and thought out, they easily help you align your internal security posture with SOC 2/ISO and other security frameworks. The policy templates have really saved me by adding language that I may have missed or forgotten to add entirely.
-Trust Reports: A trust report is a public facing web page that you can easily publish on your website. It's published through a sharable link that you can send to your customers and prospects. What makes this such a big feature for me is having that single source of truth that I can send out to clients or prospects. I used to keep all of our security information in a PDF that I would have to constantly update and send that out to customers and prospects via email. With Trust Reports, it automatically updates from the controls that we have in place in our Vanta instance. Now, all I do is provide a link to our live Trust Report page for our customer and prospects to view. And no matter when they access the link I always have the assurance that they are receiving the most up to date info on our current security posture. A true game changer!
I could go on about many other features but these are definitely my top three and why I always recommend Vanta to anyone looking to stregthen their company's security posture.
What do you dislike about the product?
I don't have many areas that I dislike about Vanta, however, I do see areas of improvement. Here are a few features that I would love to see added:
-Vulnerability scanning: With all that Vanta provides, it kind of surprises me that they have not yet implemented their own in-house vulnerability scanner. Since Vanta is my one-stop-shop for almost everything security it would be great if I could use Vanta for dynamic vulnerability scanning of web apps right inside the console (And also be able to schedule these scans on a regular basis). Having this feature would eliminate my need to go to a third-party vendor for my dynamic vulerability scanning. Also this feature would be able to automatically complete specific controls that are required for certain frameworks. I would love to see this implemented one day!
-Security Policy Templates + AI: I might be jumping the gun on this one since Vanta is now starting to roll out new AI features into the application. This feature would scan your Vanta console and learn about your environment, then when opening new policy templates in the Vanta editor the policy would be able to reflect what it has learned about your environment. So for example: If I specify an SLA in Vanta of 7 days for Critical/High issues, when I open the policy editor for the policy where this is specified it would add that language in for me automatically. Again, this may be something they have in the pipeline and I could be jumping the gun a bit but I would love to see something like this in the future.
-Vulnerability scanning: With all that Vanta provides, it kind of surprises me that they have not yet implemented their own in-house vulnerability scanner. Since Vanta is my one-stop-shop for almost everything security it would be great if I could use Vanta for dynamic vulnerability scanning of web apps right inside the console (And also be able to schedule these scans on a regular basis). Having this feature would eliminate my need to go to a third-party vendor for my dynamic vulerability scanning. Also this feature would be able to automatically complete specific controls that are required for certain frameworks. I would love to see this implemented one day!
-Security Policy Templates + AI: I might be jumping the gun on this one since Vanta is now starting to roll out new AI features into the application. This feature would scan your Vanta console and learn about your environment, then when opening new policy templates in the Vanta editor the policy would be able to reflect what it has learned about your environment. So for example: If I specify an SLA in Vanta of 7 days for Critical/High issues, when I open the policy editor for the policy where this is specified it would add that language in for me automatically. Again, this may be something they have in the pipeline and I could be jumping the gun a bit but I would love to see something like this in the future.
What problems is the product solving and how is that benefiting you?
Vanta is providing me with a single source of truth about the status of the security within my environment. Vanta is solving the issue of overly cumbersome security environments and making everything super fast and easy to get rsults on. Their integrations are quick and easy to use, their features just get better every day, and their support and team is awesome to work with.
showing 1,161 - 1,170