Intuitive and Efficient Compliance Management
What do you like best about the product?
I like Vanta's user interface. It is intuitive and easy to add evidence to the compliance frameworks for the auditor. Vanta keeps us on top of our compliance requirements with its automated tests and alerting, making it easy to stay on top of it. It's easy to use and allows for efficient distribution of tasks to different company stakeholders. Also, the initial setup was very easy to implement. We integrate Vanta with our cloud infrastructure, like AWS.
What do you dislike about the product?
I have had experiences with auditors requiring additional evidence for compliance controls. Sometimes, meeting the requirements of the automated testing is not enough. Vanta could improve the experience by automatically detecting screenshots that are not going to be accepted by the auditor. For example, making sure that a 'timestamp' is included in the screenshot.
What problems is the product solving and how is that benefiting you?
Vanta helps manage our HIPAA and SOC-2 compliance with automated tests and alerts, streamlining our compliance processes. Its intuitive user interface allows for effortless evidence collection and task distribution among stakeholders, making compliance management straightforward.
Easy to use, super intuitive!
What do you like best about the product?
Vanta makes compliance feel effortless. The automation features save hours of manual work, and the platform’s clarity helps everyone on the team stay aligned. I especially appreciate how intuitive the dashboard is.... it gives a real-time pulse on our security posture without needing to dig through spreadsheets or audit trails!!
What do you dislike about the product?
Occasionally, some integrations take a bit of fine-tuning to sync perfectly, and certain alerts could use more context or flexibility. But overall, the product team is clearly responsive, and improvements roll out frequently.
What problems is the product solving and how is that benefiting you?
Vanta centralized and automated much of the compliance work that used to take endless spreadsheets and back-and-forths between teams. It gives us a single source of truth for our security posture, makes evidence collection and audit preparation far more efficient, and ensures we’re continuously meeting requirements instead of scrambling at the end of the cycle. It’s also helped improve collaboration between People Ops, Engineering, and Leadership by making compliance a shared, visible process.. not a siloed or reactive one.
Has improved our compliance workflow and helped identify and fix security vulnerabilities
What is our primary use case?
My main use case for Vanta is compliance in general, aiming for an ISO to be compliant with the standards.
A specific example of how I use Vanta for ISO compliance is that we have Vanta connected to our AWS account and our Azure DevOps repositories.
Regarding my main use case for Vanta, we are using it to make sure our security posture is good. For example Vanta has picked up all the AWS Inspector for our ECR repos vulnerabilities, and we create tickets and hand them out to our team, trying to remediate these images one by one, which provides a very useful view of our weak points.
What is most valuable?
The best features Vanta offers include reasonable recommendations, a nice user experience, and everything being organized. The remediation guidance is very nice, so if I don't have a clue about that item, Vanta gives me a hint on what to do and what the subject of that resource is.
Most of the time the recommendations are quite sufficient, which is great. Sometimes, if the task is a little bit complicated, it requires some extra research, but in general, it's good, especially for infrastructure as code. It even has solid examples on what to do.
Vanta has positively impacted my organization by helping us remediate a lot of vulnerabilities and bad practices, especially from vulnerable ECR repos, and enforced good behavior. For example, we enforce reviews for our pull requests, which wasn't mandatory before and was on a per-repo basis. Now, this enforcement is uniform across the entire organization.
After implementing those changes with Vanta, we tracked specific outcomes and metrics and improved compliance scores, which we can see in Vanta. We started out at around 17%, and we're now at over 80%. It's still a work in progress, but we've come a long way.
What needs improvement?
The only thing I wish for regarding the features is better RBAC. Permissions for platform users have been an issue. We've had to give admin access to Vanta for another team member to view all items. It would be great if the permissions of Vanta platform users had more verbosity to them, more dynamic.
To improve Vanta, I think the refresh after remediation takes place could be controlled more. If it could be faster, that would be great.
Besides the user permissions and the refreshing, which are improvements rather than issues, the rest looks fine. Vanta has been really nice, with a nice user experience, clear layout, and very reasonable recommendations compared to other platforms we've tried.
For how long have I used the solution?
I've been using Vanta for the past 10 months, starting in early January this year.
What do I think about the stability of the solution?
Vanta is very stable; we haven't had any downtimes or weird behavior so far, which we really appreciate.
What do I think about the scalability of the solution?
Regarding Vanta's scalability, our whole DevOps team and SRE teams have been onboarded, and it has been a smooth ride.
How are customer service and support?
I haven't interacted with customer support yet, as we haven't had any need to contact them so far. I'm sure they will be good.
Which solution did I use previously and why did I switch?
I previously used Azure Defender, which was a hideous solution with inconsistencies. Connectors would go down randomly, and some suggestions from Azure Defender were very awful and unrealistic. We had a rough time with it; We've had a very nice time with Vanta so far compared to Azure Defender.
What was our ROI?
Besides achieving a better security posture and coming closer to ISO compliance, I have nothing else to share about return on investment.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing isn't in my domain to give a good answer.
Which other solutions did I evaluate?
Before choosing Vanta, our team lead evaluated other options, and I personally evaluated other options regarding security posture in general, mostly open-source ones.
What other advice do I have?
For others looking into using Vanta, I would say it's great, and if they're new to compliance, that's the perfect place to start. Start using Vanta, narrow down the scope, and take the items one by one to get one step closer to good compliance.
I think Vanta is one of the good platforms out there. I'm glad we're using it. I'm comfortable with it, and so is my team.
On a scale of 1-10, I rate Vanta a 9 out of 10.
A Reliable Partner for Security and Compliance
What do you like best about the product?
What I appreciate most about Vanta is the significant amount of time it saves our team. Rather than constantly following up with people for screenshots or stressing over whether controls are being met, Vanta handles everything automatically in the background. Its integrations with the tools we already rely on, such as AWS, GitHub, and Google Workspace, make tracking compliance seamless. I also enjoy the straightforward dashboard, which clearly displays our current status and eliminates unnecessary guesswork. Using Vanta feels like having an additional team member focused solely on compliance, but without the extra burden.
What do you dislike about the product?
One aspect I find challenging about Vanta is that the initial setup can be somewhat overwhelming. There are numerous integrations and settings to configure, and it takes a while to figure out the optimal way to organize everything. Sometimes, a few integrations don’t sync correctly on the first attempt, requiring us to troubleshoot or reach out to support. However, after the setup is finished, everything operates smoothly, and the support team has always responded quickly whenever we needed assistance.
What problems is the product solving and how is that benefiting you?
Vanta is helping us solve one of the biggest challenges we had as a growing company – managing compliance across multiple platforms and vendors. Since we use a mix of GCP, AWS, and other third-party tools, keeping track of security controls, access management, and system monitoring was becoming very difficult. Vanta centralizes all of this into a single platform.
With automated checks and continuous monitoring, we don’t have to manually chase logs or worry about missing compliance requirements. It also makes audits much smoother because all the evidence is already organized and mapped to controls. For us, the biggest benefit is the time and effort saved — developers can focus on building products while Vanta ensures that our systems remain compliant and secure in the background.
Streamlined compliance and peace of mind
What do you like best about the product?
Vanta makes the entire compliance process seamless, from automated evidence collection to real-time monitoring. The platform removes a lot of manual work and gives us confidence that we’re always audit-ready. Their integrations are broad and reliable, and the support team is responsive and knowledgeable.
What do you dislike about the product?
Some of the dashboards can feel a bit overwhelming at first, and setup takes time if you have a complex environment. A few integrations could go deeper, and reporting customization is limited. That said, these are minor compared to the overall value.
What problems is the product solving and how is that benefiting you?
Vanta is helping us automate the time-consuming parts of compliance and security monitoring. Instead of chasing evidence, managing spreadsheets, or worrying about audit readiness, the platform continuously tracks our systems and flags issues in real time. This saves our team significant time, reduces human error, and gives customers and partners confidence in our security posture.
Vanta is User Friendly
What do you like best about the product?
Vanta has automated all the compliance framework by integrating all the tools and it becomes very easy to track all the test and remediate them according to the SLA set in the platform.
What do you dislike about the product?
Till now I don't have any dislikes about Vanta
What problems is the product solving and how is that benefiting you?
Vanta is solving in tracking all the test required for compliance of SOC 2 Type II
A solid GRC platform, and smoothly intuitive
What do you like best about the product?
I was prompted to leave a review after I reported (and they promptly resolved) a minor UX bug, and the responsiveness from the Vanta team was first rate. But beyond that, it's a well-architected platform, and enjoyable to use, especially for the Trust Center we rely on for our own customer trust efforts.
What do you dislike about the product?
I do find the complexity of the left menu a bit daunting, and could do more with a little less.
What problems is the product solving and how is that benefiting you?
Vanta's chief values are in the Trust Center, as a source for trust truth in working with our prospects and customers, and as a platform for audits.
Streamlined compliance automation that saves time and effort
What do you like best about the product?
Vanta makes the compliance process much easier by automating evidence collection, monitoring, and reporting. The integrations with tools like AWS, GitHub, and Google Workspace save a lot of manual work. The dashboard provides a clear overview of compliance status, making it simple to track progress. It’s especially helpful for SOC 2, ISO 27001, and other frameworks, reducing both audit preparation time and stress.
What do you dislike about the product?
Some integrations can be a bit tricky to set up initially, and there are occasional sync delays with certain tools. The platform is powerful, but the pricing may feel high for smaller startups. Additionally, while the dashboard is good, it could benefit from more advanced customization and analytics features
What problems is the product solving and how is that benefiting you?
Vanta helps us streamline the compliance process by automating evidence collection, security monitoring, and policy management. Instead of manually tracking compliance tasks, the platform provides continuous monitoring and reminders, which saves a significant amount of time and reduces the risk of human error. It has made preparing for SOC 2 and ISO audits much faster, while also giving our team greater confidence in meeting security standards. This not only improves internal efficiency but also builds trust with our customers and partners.
Automates lots of the work.
What do you like best about the product?
It automates lots of the work required for the audit.
What do you dislike about the product?
Navigation might be the most annoying part.
What problems is the product solving and how is that benefiting you?
Security compliance and the requirements surrounding this.
Simplifying Compliance
What do you like best about the product?
Vanta has been helpful for our company as we tried to obtain our GDPR compliance. Having mostly everything centralized in one area was really useful and made it easier. The partnership with GDPRlocal to obtain a local EU representative was also very helpful and provided us with more peace of mind knowing that the 3rd party we were partnering with had a connection with Vanta.
What do you dislike about the product?
There is a bit of a love-hate relationship with the email notifications and frequency upon which Vanta sends the reminder emails. I like that I get reminded but unfortunately I do not always have the time to attend to those emails right away and so they pile up in my inbox.
What problems is the product solving and how is that benefiting you?
Vanta is helping us understand and realize what we don't know about compliance and all the work that was required. Having the templates and step-by-step instructions were really beneficial and time-savers.
