Vanta
VantaExternal reviews
2,110 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Simple and Hassle-Free Implementation
What do you like best about the product?
Its implementation is straightforward and, at least from a technical perspective, can be done quickly.
What do you dislike about the product?
Some AWS security controls do not fully comply with the configuration and governance model enforced by Control Tower. In addition, AWS Inspector often fails during vulnerability scans due to issues related to SSM (AWS Systems Manager). Unfortunately, Vanta does not provide actionable guidance to streamline or expedite the remediation process for these Inspector vulnerabilities, leaving users responsible for troubleshooting and identifying the necessary corrective actions on their own.
What problems is the product solving and how is that benefiting you?
Overall, it streamlines audits, helps manage vulnerability remediation tasks, and ensures the cloud environment remains secure and compliant.
Working with Vanta has been an amazing experience
What do you like best about the product?
Once set up Vanta is incredibly easy to maintain.
What do you dislike about the product?
I wish they had a better pricing structure.
What problems is the product solving and how is that benefiting you?
SOC2 management. Vanta makes everything clear and manageable.
Amazing product
What do you like best about the product?
A one stop shop for everything security.
What do you dislike about the product?
It didn't integrate with our cloud scanning tool.
What problems is the product solving and how is that benefiting you?
Vanta gives the organisation a wholistic security, compliance, and risk overview of the company's assets, partners, vendors, and cloud environment.
Great Product for Your Automating your Compliance
What do you like best about the product?
Out of all the compliance automation tools we used, Vanta had the best user interface and the most integrations out of the box. The onboarding was super simple and our account manager was always there we needed help. Vanta also provided easy access for our auditors and made the process very straight forward.
What do you dislike about the product?
I don't like the fact that certain features require additional money. Other providers have those items included in the package they sell.
What problems is the product solving and how is that benefiting you?
Vanta is helping us get through SOC 2 Compliance. It does all the work of figuring out what we need to make sure we can pass the audit.
Feature-Rich for Small Business, But Pricey
What do you like best about the product?
It is pretty feature rich for my needs in the small business I work for.
What do you dislike about the product?
Its pretty expensive for what we get out of it.
What problems is the product solving and how is that benefiting you?
They collect and organize all my SOC2 docs.
Compliance on autopilot, great integrations but not cheap
What do you like best about the product?
Easy to setup. Very useful integrations. Give a roadmap/guide to get certified in ISO27001. Covers a lot of bases that we would need other products for.
What do you dislike about the product?
Cost is high, some features still behind higher plans. Would like task tracking more directly embedded.
What problems is the product solving and how is that benefiting you?
Achieving and maintaining ISO270001 compliance. General improvement of security posture.
Effortless Process Implementation Made Simple
What do you like best about the product?
Easy to make implement all the process. While developing the SOC2 certification all the process was straight forward
What do you dislike about the product?
There are quite a few warnings, but these are connected to the SOC2 certifications.
What problems is the product solving and how is that benefiting you?
Vanta made achieving the SOC2 Type 2 certification straightforward by assisting in the creation of various controls. From there, it was easy to request and upload all the necessary documents, which helped streamline the entire compliance process.
Simplifies Compliance, But Needs More Integrations
What do you like best about the product?
The abstraction from the complexity of the audit compliance
What do you dislike about the product?
Not integrated with enough business tools
What problems is the product solving and how is that benefiting you?
Compliance with SOC 2, it eases the processes and ensuring compliance on many areas.
Comprehensive and Collaborative, But Task Overlap Can Be Confusing
What do you like best about the product?
Comprehensive, great layout and supporting in product guidance to ensure we resolve any issues/tasks at hand in the best way possible. It' s also easy to collaborate on. We use it almost on a daily basis as we received notifications and alerts. It has been easy to implement some of the feaures and roll it out to the org. Customer support has been great and we have a dedicated CSM that has supported us thrughout our journey.
What do you dislike about the product?
Sometimes confusing as many of the tasks form part of other lists, reports, charts, alerts and they are intertwined but in a confusing way.
What problems is the product solving and how is that benefiting you?
Before Vanta, ensuring ongoing SOC 2 compliance at Josef required manual tracking across multiple systems — cloud infrastructure, HR tools, access management, vulnerability management, and evidence collection. This created risks around:
Missed control evidence (e.g. proof of access reviews or change management processes)
Lack of real-time visibility into security posture
Time-consuming audits due to fragmented evidence and ad-hoc screenshots
Limited accountability across engineering and operations teams
Vanta centralises all of this by automatically monitoring controls and integrations (Google Workspace, AWS, Slack, GitHub, ClickUp, etc.), surfacing exceptions, and maintaining continuous audit readiness.
💡 How That Benefits Josef
Continuous compliance and audit readiness
Vanta automatically pulls and updates evidence daily, ensuring our SOC 2 controls remain in place year-round. This has removed the “scramble” before audit periods and simplified the annual audit cycle with Johanson Group.
Reduced manual workload
Instead of maintaining spreadsheets and screenshots, Vanta automatically checks controls like employee onboarding/offboarding, MFA enforcement, and change management. Our compliance and engineering teams can now focus on remediations, not evidence gathering.
Improved visibility and accountability
Dashboards show real-time compliance health across control families, which helps track ownership and identify gaps (e.g., missing device encryption, overdue risk assessments). It’s become the single source of truth for our audit posture.
Integrated risk and vulnerability tracking
With integrations to ClickUp and vulnerability management tools (like our Vanta Zap to auto-create tickets when new vulns are detected), we’ve automated follow-up on risk items and can demonstrate a complete remediation workflow.
Streamlined communication with auditors
During audits, most evidence can be shared directly from Vanta — audit requests are mapped to controls with attached evidence, reducing back-and-forth and cutting audit prep time significantly.
Missed control evidence (e.g. proof of access reviews or change management processes)
Lack of real-time visibility into security posture
Time-consuming audits due to fragmented evidence and ad-hoc screenshots
Limited accountability across engineering and operations teams
Vanta centralises all of this by automatically monitoring controls and integrations (Google Workspace, AWS, Slack, GitHub, ClickUp, etc.), surfacing exceptions, and maintaining continuous audit readiness.
💡 How That Benefits Josef
Continuous compliance and audit readiness
Vanta automatically pulls and updates evidence daily, ensuring our SOC 2 controls remain in place year-round. This has removed the “scramble” before audit periods and simplified the annual audit cycle with Johanson Group.
Reduced manual workload
Instead of maintaining spreadsheets and screenshots, Vanta automatically checks controls like employee onboarding/offboarding, MFA enforcement, and change management. Our compliance and engineering teams can now focus on remediations, not evidence gathering.
Improved visibility and accountability
Dashboards show real-time compliance health across control families, which helps track ownership and identify gaps (e.g., missing device encryption, overdue risk assessments). It’s become the single source of truth for our audit posture.
Integrated risk and vulnerability tracking
With integrations to ClickUp and vulnerability management tools (like our Vanta Zap to auto-create tickets when new vulns are detected), we’ve automated follow-up on risk items and can demonstrate a complete remediation workflow.
Streamlined communication with auditors
During audits, most evidence can be shared directly from Vanta — audit requests are mapped to controls with attached evidence, reducing back-and-forth and cutting audit prep time significantly.
Great AI and Automation, But Takes Time to Learn
What do you like best about the product?
The AI features, the UI is nice. I like the automation it provides.
What do you dislike about the product?
It can be clunky to figure out how to use.
What problems is the product solving and how is that benefiting you?
Speeds up review times during the sales cycles by providing the AI feature for the security questionnaires as well as a Trust Center to make it quicker and more accessible to customers. Some customers don't even send us a questionnaire because they can get the assurance level they need by using the Trust Center only.
showing 31 - 40