Vanta
VantaExternal reviews
2,351 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Experience with VANTA
What do you like best about the product?
The tool allows for multiple modules to control various components of management systems, such as the compliance part for control issues according to the framework. Additionally, it allows for risk management, vendor management, and it is excellent.
What do you dislike about the product?
I would improve some things in the risk module, as it currently does not have them. For example, I would allow it to be more focused on other types of risk such as business, legal, etc., and when these categories are selected, the fields I need to fill out for this type of risk would be enabled. Even in the information security risk section, I would bring by default the fields for information assets and link them with the asset module.
What problems is the product solving and how is that benefiting you?
They help and contribute to the facilitation and management of information according to the framework we have certified, for example, ISO 27001, 27018, ISO 27701, etc. This has made it easier for us to load evidence, select controls, among other things.
Great Experience with Vanta
What do you like best about the product?
The site was super easy to use and Vanta was extremely responsive
What do you dislike about the product?
I have not found anything I would change about Vanta
What problems is the product solving and how is that benefiting you?
We needed to get SOC 2 certified
Vanta ISMS Review - ISO 27001 and Trust Centre
What do you like best about the product?
We are currently utilising Vanta for ISO 27001 compliance, and it has been instrumental in helping us maintain our certification. One particularly valuable feature is its proactive compliance management, which provides timely alerts on expiring checks. A real concern for us was ensuring that compliance remains an ongoing priority rather than a one-and-done type of exercise, preventing any lapse in security as we continue to scale. Balancing proactive compliance methods with growth has been a constant juggling act for any scale-up.
We have found Vanta’s Trust Centre to be an invaluable asset, providing real-time access to our cybersecurity offerings, which we can efficiently share with customers cutting down time doing DDQs. Additionally, it serves as a central repository for critical security documentation, including DPAs, T&Cs, and cybersecurity reports, while also allowing us to manage and display our subprocessors for greater transparency and accessibility.
Our decision to choose Vanta over alternative solutions was primarily driven by its responsiveness and commitment to continuous improvement. Upon onboarding, we identified that our primary cloud provider was not yet supported, and Vanta was really good in accounting for this and promising to get this implemented in the future. Lo and behold, they are now supported bridging this gap for us.
Furthermore, Vanta has significantly enhanced our device management capabilities. We rely on the platform to track all company laptops, ensuring that they adhere to minimum security requirements and remain compliant with our internal policies.
Looking ahead, as we plan to expand into the US, Vanta’s ability to seamlessly integrate additional frameworks, such as SOC 2, will be essential in maintaining our security and compliance standards across multiple markets.
Overall, Vanta has provided us with a robust, scalable, and efficient solution for managing security and compliance, making it an indispensable part of our operations.
We have found Vanta’s Trust Centre to be an invaluable asset, providing real-time access to our cybersecurity offerings, which we can efficiently share with customers cutting down time doing DDQs. Additionally, it serves as a central repository for critical security documentation, including DPAs, T&Cs, and cybersecurity reports, while also allowing us to manage and display our subprocessors for greater transparency and accessibility.
Our decision to choose Vanta over alternative solutions was primarily driven by its responsiveness and commitment to continuous improvement. Upon onboarding, we identified that our primary cloud provider was not yet supported, and Vanta was really good in accounting for this and promising to get this implemented in the future. Lo and behold, they are now supported bridging this gap for us.
Furthermore, Vanta has significantly enhanced our device management capabilities. We rely on the platform to track all company laptops, ensuring that they adhere to minimum security requirements and remain compliant with our internal policies.
Looking ahead, as we plan to expand into the US, Vanta’s ability to seamlessly integrate additional frameworks, such as SOC 2, will be essential in maintaining our security and compliance standards across multiple markets.
Overall, Vanta has provided us with a robust, scalable, and efficient solution for managing security and compliance, making it an indispensable part of our operations.
What do you dislike about the product?
While Vanta is a powerful compliance solution, it does have some limitations, particularly for businesses that do not rely on major providers - which can limit your flexibility in scaling.
If an application is not natively supported, compliance gaps must be addressed manually, which can add to the operational burden and will give you inaccurate scores on "completion" of a certification.
Although Vanta is responsive to customer needs and continues to expand its integrations, there is no guarantee that less common or niche tools will be supported. This means businesses using custom-built systems or non-mainstream applications may struggle to fully automate compliance tracking, reducing the efficiency of Vanta’s real-time monitoring capabilities.
If an application is not natively supported, compliance gaps must be addressed manually, which can add to the operational burden and will give you inaccurate scores on "completion" of a certification.
Although Vanta is responsive to customer needs and continues to expand its integrations, there is no guarantee that less common or niche tools will be supported. This means businesses using custom-built systems or non-mainstream applications may struggle to fully automate compliance tracking, reducing the efficiency of Vanta’s real-time monitoring capabilities.
What problems is the product solving and how is that benefiting you?
Vanta has been instrumental in helping us achieve and maintain ISO 27001 compliance, streamlining the process and ensuring we stay on track with ongoing requirements.
Beyond compliance, Vanta serves as our comprehensive ISMS tool, enabling us to efficiently manage our policies, devices, and access controls.
The Trust Centre has been incredibly useful for our security posture by providing real-time visibility into our cybersecurity measures, allowing us to easily share compliance reports, agreements, and subprocessors with customers.
Beyond compliance, Vanta serves as our comprehensive ISMS tool, enabling us to efficiently manage our policies, devices, and access controls.
The Trust Centre has been incredibly useful for our security posture by providing real-time visibility into our cybersecurity measures, allowing us to easily share compliance reports, agreements, and subprocessors with customers.
Great product!
What do you like best about the product?
Vanta helped me get SOC 2 certified. It was easy to integrate, the onboarding support was good, and it helped satisfy my auditor. It also notifies via slack when things get out of shape, so it is easy for me to stay ahead of the issues all the time.
What do you dislike about the product?
Sometimes it is not clear enough how to fix the problem. Might be inherent with the benchmark, not Vanta's fault. Also - auditor still wants to add custom documents and proof.
What problems is the product solving and how is that benefiting you?
Helped me get SOC 2 certified and helps me stay that way
Vanta is usefull to scale due dilignece
What do you like best about the product?
the trust center is a good resource to self serve customers
What do you dislike about the product?
the due diligence automation feature because it only ingest spreadsheet
What problems is the product solving and how is that benefiting you?
Source of truth for security docuemntation and processes
Reliable and High-Quality partner
What do you like best about the product?
The ability to automate our audits and consolodate our evidence was the primary reason we chose Vanta and has been of great value for us, however the Trust Center functionality has also been an unexpected high point.
What do you dislike about the product?
Currently the platform is geared towards SOC2, however it does not entirely align with ISO27001 just yet. We are still working from spreadsheets for our inforamtion asset managment. It would be good to see a more robust alignment with ISO27001.
What problems is the product solving and how is that benefiting you?
We are able to significantly reduce the amount of audit preparation time as much of this is automated. In addition we can now ensure our clients and prospects have up to date access to our policies and certifications.
Meets all our needs
What do you like best about the product?
Automations and integrations make compliance a breeze
What do you dislike about the product?
Some complex solutions to meeting the requirements, which aren't always clear.
What problems is the product solving and how is that benefiting you?
Without an appointed compliance manager, we needed a tool that helped us organise and maintain our policies and procedures for compliance.
Compliance made easy for startups
What do you like best about the product?
Vanta is a very easy to use and the level of support available is great. It is easy to use for people without much of a background in security and provides you with a detailed step by step process of what needs to be done to meet your compliance requirements. The policies and documents sections are easy to setup, track and maintain. Onboarding and offboarding process is also streamlined through Vanta from a security standpoint.
What do you dislike about the product?
One area of improvement can be if I can automate some of the mandatory to dos for new joinees instead of manually creating those alerts for them to complete the required tasks will be great.
What problems is the product solving and how is that benefiting you?
HIPAA compliance
Comprehensive Platform, Needs Better Vulnerability Tracking
What do you like best about the product?
I love Vanta for its great user interface, which makes the platform super easy to use. It's our primary GRC platform for vulnerability tracking and supports our other security programs, making it invaluable for our certifications and accreditations. The ease of setting it up was a major plus, allowing us to quickly start utilizing its features. Vanta is beneficial as it helps map our controls to relevant ISO or SOC 2 standards, supporting us in achieving necessary certifications for customer needs. I find the ability to manage multiple streams of work, such as vulnerability tracking and control tracking, in one platform very useful. The integration with other software like AWS, GitLab, and Jira enhances our workflow, allowing seamless coordination. The all-in-one usability of Vanta, where multiple streams of work are incorporated into one platform, is incredibly beneficial for our operations.
What do you dislike about the product?
I find the vulnerability tracking system within Vanta problematic. There are multiple inaccuracies and questionable aspects in the way vulnerabilities are displayed on the front end. Although the backend service seems fine, the front-end display does not accurately represent the data, which can be quite misleading. Additionally, even after raising a support ticket regarding this issue, there hasn't been a resolution for quite some time.
What problems is the product solving and how is that benefiting you?
I use Vanta for vulnerability tracking and to aid our certifications. It helps manage controls for ISO or SOC compliance, simplifying our accreditation process. Its all-in-one platform for control and vulnerability tracking, and questionnaires enhances efficiency and usability.
BEST RISK ASSESSMENT AND VENDOR MANAGEMENT TOOL
What do you like best about the product?
We used vanta for automated compliance check and risk assessment , it has the best remote secure access and assess management
What do you dislike about the product?
User interface is not efficient for beginner also not affordable
What problems is the product solving and how is that benefiting you?
We used it for risk assesment it was pretty efficient
showing 391 - 400