Vanta
VantaExternal reviews
2,112 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Essential for any business
What do you like best about the product?
It takes a huge amount of burden away from managing our compliance needs via the automation
Executive report is a great addition
The automation is incredible, between HRIS, to Cloud to IdPs.
Access review reminders and super helpful
Executive report is a great addition
The automation is incredible, between HRIS, to Cloud to IdPs.
Access review reminders and super helpful
What do you dislike about the product?
Some of the integrations require enterprise or top plans, it would be ideal to have this information up front
1Password integration doesn't work with the Google Cloud SCIM Bridge
1Password integration doesn't work with the Google Cloud SCIM Bridge
What problems is the product solving and how is that benefiting you?
It helps to meet our SOC2 compliance needs without an additional head
A fantastic GRC tool for budding companies
What do you like best about the product?
Vanta is continually and productively improving the platform - it's a no-brainer when you look at how many controls, documents, and tests you'd have to track and maintain without this tool. You earn you money back in just people-hours alone.
It's also a great way to get some solid visibility into your integrations and access points.
The unsung benefit of Vanta is how it's simultaneously a training tool for GRC in many ways. The extensive templates, descriptions, and cross-references within a certification and cross-certifications is invaluable.
It's also a great way to get some solid visibility into your integrations and access points.
The unsung benefit of Vanta is how it's simultaneously a training tool for GRC in many ways. The extensive templates, descriptions, and cross-references within a certification and cross-certifications is invaluable.
What do you dislike about the product?
It is pricey for small companies but also less expensive than other products out there.
What problems is the product solving and how is that benefiting you?
We initially pursued Vanta as a way to organize our efforts towards a major provider certification, and ended up bundling 2 other certs.
Quick to get started, easy to use, ever growing integrations and features
What do you like best about the product?
Automated compliance monitoring of any kind is excellent for visibility and accountability. Vanta made it easy to integrate with AWS, and the number of system integrations for access tracking is growing rapidly, particularly with the recent launch of the custom integration framework. Compared to previous experiences with SOC2 audits, it significantly accelerated and reduced stress.
I haven't needed much customer support, but when I or a colleague did, the response was prompt, and they were receptive to feedback and product feature requests. Engaged customer success managers have been a valuable asset.
Integrations with platforms like Slack and Email mean that I don't need to log into the Vanta platform often, which is beneficial. This allows the team assigned to specific items or tests to respond quickly to changes and resources that require attention.
While not unique to compliance automation platforms, Vanta's partnerships with accredited and well-renowned auditing companies have improved the audit process. Working with auditors familiar with the platform enhances efficiency in locating monitoring and report functionalities.
I haven't needed much customer support, but when I or a colleague did, the response was prompt, and they were receptive to feedback and product feature requests. Engaged customer success managers have been a valuable asset.
Integrations with platforms like Slack and Email mean that I don't need to log into the Vanta platform often, which is beneficial. This allows the team assigned to specific items or tests to respond quickly to changes and resources that require attention.
While not unique to compliance automation platforms, Vanta's partnerships with accredited and well-renowned auditing companies have improved the audit process. Working with auditors familiar with the platform enhances efficiency in locating monitoring and report functionalities.
What do you dislike about the product?
It's beneficial to utilize AWS infrastructure tags for specifying monitored resources. However, it would be advantageous to have more granular control, distinguishing between excluding a specific resource for a particular test versus excluding it from all tests.
Since the platform focuses on compliance monitoring, marking resources as out of scope presents challenges. It results in either incomplete tracking of resources or additional work for auditors to filter out what's deemed 'out of scope.' Enhancing the ability to monitor and categorize resources as in scope for specific frameworks would be beneficial.
Initially, some functionalities like risk and asset management, along with their interconnectedness and links to controls, were absent. However, these features are swiftly being introduced and enhanced.
Since the platform focuses on compliance monitoring, marking resources as out of scope presents challenges. It results in either incomplete tracking of resources or additional work for auditors to filter out what's deemed 'out of scope.' Enhancing the ability to monitor and categorize resources as in scope for specific frameworks would be beneficial.
Initially, some functionalities like risk and asset management, along with their interconnectedness and links to controls, were absent. However, these features are swiftly being introduced and enhanced.
What problems is the product solving and how is that benefiting you?
Automated monitoring and reporting of cloud security configurations.
Integration of access management, including onboarding/offboarding processes, with key systems.
Streamlining the audit process through automated reports and partnerships with auditors.
Centralized vendor security reviews, accompanied by reminders for completion and uploading certification records.
Integration of access management, including onboarding/offboarding processes, with key systems.
Streamlining the audit process through automated reports and partnerships with auditors.
Centralized vendor security reviews, accompanied by reminders for completion and uploading certification records.
Fantastic value from Vanta platform for achieving SOC 2 compliance
What do you like best about the product?
Vanta allowed our startup to pass SOC 2 compliant and pass audit with minimal staffing.
What do you dislike about the product?
Some interfaces could be improved, especially around people management.
What problems is the product solving and how is that benefiting you?
As a fintech platform, Lane Healt
h had to pass SOC 2 Type 2 certification. This usually requires a staff of several IT/Ops people and significant project budget. Vanta simplifies this process tramendously
h had to pass SOC 2 Type 2 certification. This usually requires a staff of several IT/Ops people and significant project budget. Vanta simplifies this process tramendously
Streamlines SOC 2 for First Timers
What do you like best about the product?
It lets you see everything that you need to do to meet compliance requirements at a glance, demystifying the process significantly for those who aren't familiar with it.
What do you dislike about the product?
I wish Vanta gave better insight into scenarios when certain listed policies, documents, tests, etc aren't needed, especially for smaller companies where a lot of things don't end up applying.
What problems is the product solving and how is that benefiting you?
It's making it much more straighforward to understand what we need to do to be compliant.
Organize the audit chaos
What do you like best about the product?
Vanta has been fantastic about keeping us in compliance month or month. No end of year surprises!
What do you dislike about the product?
I wish PCI tool was more auditmated and thorough.
What problems is the product solving and how is that benefiting you?
Interfacing with auditors, gathering evidence, and organiztion documents.
Good value for spend
What do you like best about the product?
They do a good job and they're not overpriced
What do you dislike about the product?
Nothing - as a non-technical user involved in the process, it would be good to be looped in on final reports.
What problems is the product solving and how is that benefiting you?
Vendor diligence by customers; helpful for investor diligence too
Very good pricing for a small web agency and good onboarding.
What do you like best about the product?
I like their pricing and the initial sales call was very informative and to the point.
What do you dislike about the product?
We are in the in between stage right now [between VIOLEX and the audit group] and we feel a bit lost.
What problems is the product solving and how is that benefiting you?
SOC II compliance that we require to have to be able to sell hosting and web development to banks.
Provides a structured approach towards completing SOC2 compliance
What do you like best about the product?
You get a well-structured format for your compliance journey. It's quite easy to use with a ton of documentation to get you started. The platform is easy to understand and the team is very helpful with answering questions.
The most used features for us have been policy creation, tracking onboarding /offboarding of employees, Vanta's in-built MDM, and pulling of automated tests.
The most used features for us have been policy creation, tracking onboarding /offboarding of employees, Vanta's in-built MDM, and pulling of automated tests.
What do you dislike about the product?
Not exactly a downside, but the addition of new tests can take you by surprise sometimes. Especially if you are not checking the dashboard every day.
What problems is the product solving and how is that benefiting you?
Vanta is automating most of the manual data collection for our SOC2 Type II compliance. It makes it easier to record and keep proofs for the auditors to review, as well as alert us within SLA for any outstanding gaps in our compliance.
Nice evolving platform, saves a lot of time for a CISO.
What do you like best about the product?
People monitoring, automation of of a lot of different tasks in particular with all integrations.
What do you dislike about the product?
Impossible to manage with a non-Vanta auditor.
What problems is the product solving and how is that benefiting you?
Automate our control plan for ISO27001 and ISO27701
showing 481 - 490