We use the solution for automated security and compliance. Most of the time, it is about getting people to certifications.
Vanta
VantaExternal reviews
2,113 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Streamline Compliance with a central hub for policies, tests and controls
What do you like best about the product?
Clarifies the requirements of a lot of important security standards, primarily ISO 27001 and SOC 2.
- Guidance available to gather the required evidence or steps to implement compliant practices.
- Guidance available to gather the required evidence or steps to implement compliant practices.
What do you dislike about the product?
Searching for specific policies and keywords could be clearer, it requires a degree of familiarity making it less useful for end users.
What problems is the product solving and how is that benefiting you?
Aligning the security and compliance requirements of ISO 27001 and SOC 2, making it clear which elements are shared and the specific items required to test and evidence compliance.
Vanta takes the "over" out of "overwhelming" when it comes to SOC 2 compliance
What do you like best about the product?
It's a straightforward, simple, yet robust system for various compliance needs. I like that it clearly lays out the requirements, the tests, and highlights deficiencies in an automated fashion. Implementation is very straightforward and it's easy to connect most/all of your 3rd party systems for automated tests. Once you get through an initial implementation period (which is self-guided) you don't have to actually login and use the system every day--Vanta will send you notifications when tests fail or something is needed. Customer support is solid. They give you a dedicated account rep that can guide you through everything and point you in the right direction.
What do you dislike about the product?
Vanta is a bit nickle-and-dimey with their product. The base fees can be quite hefty and then they try to upsell you on additional modules to automate more of the process.
What problems is the product solving and how is that benefiting you?
We use Vanta for SOC 2 and PCI compliance. Without Vanta, we'd have to pay a consultant 5x what we pay Vanta for. That does mean that we have to put in some extra work ourselves to self-manage and keep on schedule, but it's worth the tradeoff. Vanta also has a number of partner CPA/audit firms to pair with their customers, yet you can still choose your own audit firm if desired. Ultimately, Vanta is guiding us through the process of becoming SOC 2 compliant and helping us understand the scope at the same time.
The Vanta platform has been invaluable for our SOC2 compliance efforts
What do you like best about the product?
Vanta's ability to provide near realtime information regarding test failures or vulnerabilities makes it an extremely comprehensive tool. The questionnaires auto fill has saved countless hours where manually filling inquiries often took hours per month.
What do you dislike about the product?
Because of the comprehensive nature of the platform, its not always easy to navigate to the exact spot you need to address. To fix an issue can be done on th main vulnerability page while others required you to go somewhere else first.
What problems is the product solving and how is that benefiting you?
Vanta shines a light on issues related to SOC2 and helps us strengthen our security stance.
Vanta makes a difficult process (SOCII Type 2) easier to understand
What do you like best about the product?
Vanta aggregates all necessary controls, policies, documents, etc into a single platform. This in and of itself is helpful as we have a repository and tracker for all of our current SOCII needs & requirements. Vanta's Trust Center has helped us to display that we are in process and will eventually serve as our homepage to share with external partners when asked about compliance. We use Vanta every day as we prepare for our final audit process.
External integrations into our systems has been fairly simple each time we've needed to implement.
External integrations into our systems has been fairly simple each time we've needed to implement.
What do you dislike about the product?
Some of the controls, documents and policies are unclear. Assistance in understanding what is "in scope" vs what is "out of scope" would be helpful. Also had some trouble sourcing a pentest provider through the Vanta team. A more thorough outline of onboarding expectations would be helpful as well. We have reached out to our Account Executive a few times with technical questions that were immediately passed off to another department.
What problems is the product solving and how is that benefiting you?
Vanta is providing a solution to our team that would otherwise be unable to obtain SOCII Certification on our own. It has saved us numerous hours I'm sure. SOCII Compliance is not for the faint of heart!
Vanta is a fantastic platform for organizing multiple security frameworks and accelerating timelines
What do you like best about the product?
Vanta provides numerous automatic controls that significantly reduce the time required to show compliance with security requirements. It is also serves as a central repository for security documents. It makes security audits considerably easier, saving both time and money. Vanta also allows you to view how many controls are already met in additional security frameworks.
What do you dislike about the product?
Each security framework is sold as an additional module. so it can add up.
What problems is the product solving and how is that benefiting you?
Vanta helps automate controls and serves as a central repopsitory for documents.
Vanta is an invaluable tool for achieving compliance for small companies
What do you like best about the product?
Vanta distills the rather daunting task of compliance into a manageable set of controls with automated tracking, templates, and reminders. For a 10 person company, compliance appeared to be a difficult task, but Vanta helped us achieve and maintain SOC 2 compliance without too much trouble.
What do you dislike about the product?
Working with a third party auditor, while necessary, was frustrating at times due to their lack of understanding how Vanta worked or mismatched assumptions on how the audit process worked. We occasionally ran into instances where we'd disabled controls or added evicdence to a particular control that the auditor couldn't see or understand, leading to long email exchanges.
What problems is the product solving and how is that benefiting you?
Our customers desire that we maintain SOC 2 compliance for our SaaS application. Vanta helped us achieve and maintain that compliance.
Helped me close a deal
What do you like best about the product?
I love how it automates all the compliance tasks I used to do by hand. It's such a time-saver! It really easy to hook up all integrations and get going with the SOC 2 program.
What do you dislike about the product?
The pricing is a bit steep for smaller companies. I wish they had a more affordable option for startups just getting started with compliance.
What problems is the product solving and how is that benefiting you?
Vanta's handling all the SOC 2 compliance stuff we used to struggle with. It's freed up so much of our time - now we can focus on actually running our business instead of drowning in paperwork.
Has good task management and vendor assurance features
What is our primary use case?
What is most valuable?
Task management and vendor assurance are the most valuable features. It is also an easy tool to use.
What needs improvement?
Scalability could be improved.
For how long have I used the solution?
I have been using Vanta for seven to eight months.
What do I think about the stability of the solution?
There is no issue with the stability.
What do I think about the scalability of the solution?
The product is scalable.
Thirty or more people are using Vanta
How are customer service and support?
We have contacted support once or twice, and they have been good.
How was the initial setup?
The initial setup is easy.
What other advice do I have?
Real-time security monitoring reduces the busy work of collecting evidence so that the security or IT folks can focus on other things. It has been easy for people to jump in and use the product.
I recommend the solution and advise you to have a plan and a security expert.
Overall, I rate the solution an eight out of ten.
Great experience, wish we found Vanta years ago
What do you like best about the product?
We love the automated AWS controls which proactively alert us to security vulnerabiblities in our architecture which we would have not have found otherwise. The trust centre is excellent for reassuring our customers that we have a secure and robust infosec capability which also helps with RFPs. The automation of policy signoff for staff is very good for demonstrating compliance. We have our next major ISO audit later in the year and we hope the investment in Vanta will make that a lot simpler for our auditor.
What do you dislike about the product?
There is a lot of work to set the platform up and the control based architecture took some getting used to but now we have this setup it's working well. The dashboards can be quite noisy and it would be better if there were an easier way to flag controls as not relevant,
What problems is the product solving and how is that benefiting you?
ISO:27001 and GDPR compliance
Ease of usage
What do you like best about the product?
The effectiveness of the tool i.e. the evidence that it proposes for us to provide makes our Certification Audit program easy.
Ease of use i.e. users as part of the scope have to put in very little effort to update/close tickets.
Primarily and most important, the support from Vanta personnel.
Ease of use i.e. users as part of the scope have to put in very little effort to update/close tickets.
Primarily and most important, the support from Vanta personnel.
What do you dislike about the product?
None that i can think of, since the tool is performing to our expectations based on our requirements.
What problems is the product solving and how is that benefiting you?
Completely eliminate the use of excel sheets for evidence collection & The guidelines on all applicable controls.
showing 421 - 430