Vanta
VantaExternal reviews
2,320 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Easy SOC 2 experience
What do you like best about the product?
It was easy to filter by framework so that I could complete all of the items needed for our SOC 2. This was my first time doing a SOC 2 (Type 1) & first time using Vanta. Team was helpful and accomodating. Prescient did audit & they plugged into our Vanta portal without issue.
What do you dislike about the product?
There is a lot on the portal so I think without instruction, it may not be inherently intiuitive. But once I understood how to navigate the tool, it worked well.
What problems is the product solving and how is that benefiting you?
Vanta helped us become SOC 2 compliant - Understanding what was needed, templates to use for some of the requirements & tracking completion were all helpful aspects of the tool.
Complete platform that lacks a few improvements
What do you like best about the product?
Vanta is easy to get started with and allows you to achieve your compliance goals with all the available modules.
What do you dislike about the product?
The Vanta platform is powerful with many features, the problem is that the scores can change overnight without understanding why, which can give a feeling of losing control over the progress of these objectives. Another point, at the beginning many tests/checks are available without the ability to prioritize them according to the best practices of the targeted certification.
What problems is the product solving and how is that benefiting you?
Vanta allows us to have a more detailed view of the steps and controls to comply with a certification.
Streamlined Compliance and Security with Minimal Hassle
What do you like best about the product?
is its ability to simplify and automate the process of achieving and maintaining compliance standards, such as SOC 2, ISO 27001, and GDPR
What do you dislike about the product?
is that the initial setup can be somewhat complex, especially for organizations that are new to compliance processes. The onboarding process requires a thorough understanding of your existing security infrastructure, which might be challenging for smaller teams without dedicated compliance expertise. Additionally, while Vanta automates much of the compliance process, there are still areas that require manual input, and some integrations might not fully cover all use cases, leading to occasional gaps in automated evidence collection.
What problems is the product solving and how is that benefiting you?
SOC 2, ISO 27001, and GDPR
Vanta review
What do you like best about the product?
Vanta is a solution that offers everything under one platform
What do you dislike about the product?
Its complicated to start using and understanding all the funcionalities
What problems is the product solving and how is that benefiting you?
ISO 27001 Verification
Easy to use and start
What do you like best about the product?
Easy to create, adjust and maintain policies & tests
What do you dislike about the product?
Multiple suggestions for some sections of policies could be a nice to have
What problems is the product solving and how is that benefiting you?
Easy integrations with our tech stack and maintenance of our policies
Review for the Vanta Compliance Automation software
What do you like best about the product?
Ease of Use: Vanta is designed to be user-friendly, with a focus on automating the compliance process. It simplifies the complex tasks associated with compliance, making it accessible even to those who are not experts in the field.
Automation: Vanta automates many of the repetitive and time-consuming aspects of compliance, such as evidence collection, monitoring, and reporting. This allows us to maintain compliance with minimal ongoing work.
Real-Time Monitoring: Vanta continuously monitors the systems, detecting issues in real-time.
Support for Multiple Frameworks: Vanta supports various compliance frameworks such as SOC 2, GDPR that we have signed up for, but in future we can expand to more easily.
Automation: Vanta automates many of the repetitive and time-consuming aspects of compliance, such as evidence collection, monitoring, and reporting. This allows us to maintain compliance with minimal ongoing work.
Real-Time Monitoring: Vanta continuously monitors the systems, detecting issues in real-time.
Support for Multiple Frameworks: Vanta supports various compliance frameworks such as SOC 2, GDPR that we have signed up for, but in future we can expand to more easily.
What do you dislike about the product?
Customization Limitations: Some of the tools that we use (eg. Sonarqube) dont have ready integration in Vanta.
Potential for False Sense of Security: Automated tools can sometimes create a false sense of security, where we might assume that the compliance is fully covered.
Potential for False Sense of Security: Automated tools can sometimes create a false sense of security, where we might assume that the compliance is fully covered.
What problems is the product solving and how is that benefiting you?
Providing assurance to our stakeholders (internal and external) about the data security. Ensuring that the Cloud deployments are done as per SOC2 security framework and the data is managed properly as per GDPR framework
Great GRC platform that can be customised in any way
What do you like best about the product?
The way we can costumise everything and adjust things to work for our organisation. There are no limitations and we can automate almost everything. The automated tests and integrations with key tools make continious monitoring easier than ever.
Customer support team is also great with dedicated slack channel where we receive responses the same day we run into an issue.
Customer support team is also great with dedicated slack channel where we receive responses the same day we run into an issue.
What do you dislike about the product?
There is some lack of customisation in the vendor management module
What problems is the product solving and how is that benefiting you?
Vanta is solving all our problems around GRC. It is our one-stop-shop and we cannot live without it anymore. Thanks to all the automations we save much time and as a result we can spent more time on reducing risk accorss the organisation.
Vanta greatly simplifies and speeds up security and compliance for early-stage organizations.
What do you like best about the product?
In my experience, Vanta distills the complexities of compliance frameworks into clear, bite-sized objectives. A small team can effectively manage GRC for their organization with Vanta, in large part due to the many supported integrations that automate a significant chunk of the process. I've found the software platform really straightforward and easy to understand, and Vanta's customer success team has been great to work with.
What do you dislike about the product?
The only negative I've experienced with Vanta has been a slightly inconsistent software user experience. Different modules have slightly different interfaces or workflows, which can be a bit confusing; that said, the impact of this has been negligible, in my experience.
What problems is the product solving and how is that benefiting you?
Vanta provides us with a straightforward platform for ensuring that we remain in compliance with our chosen frameworks (HIPAA and SOC 2), and for enabling easy auditing (in the case of SOC 2). Without Vanta, we would likely need a dedicated GRC expert on our team to manage these priorities. The return on our investment in Vanta's products and services is abundantly clear for our use cases.
Automated controls testing platform ideal for SaaS heavy organisations
What do you like best about the product?
Vanta was assessed against the other market leading automated assurance & GRC platforms before being implemented. We are a SaaS heavy business and all of our tools integrate with Vanta. All testing exceptions can be escalated into Jira tickets for engineers to easily investigate. The audit module is making our SOC 2 audit much easier than via spreadsheets which were previously used. The risk management module is quite intuitive, and importing of controls, linking of evidence etc works well. User management is easy, with access via SSO.
Overall, it's a very complete automated assurance & GRC platform that is well maintained, with new functionality dropping ~monthly. Customer support is solid, and the educational resources are very helpful.
Overall, it's a very complete automated assurance & GRC platform that is well maintained, with new functionality dropping ~monthly. Customer support is solid, and the educational resources are very helpful.
What do you dislike about the product?
Dark mode is still to be developed, and would be a nice to have.
Note that automated testing of some controls (e.g. AWS alerts / monitoring) will only be applicable if your organisation leverages that 'out-of-the-box' functionality specifically. If your organisation has a more custom built tech stack (e.g. Splunk monitoring), some of the automated controls testing will need to be evidenced manually.
Also note that a number of Vanta's integrations do not currently have automated testing of controls beyond UAR, so check your tech stack against Vanta's list of integrations during your procurement process.
Note that automated testing of some controls (e.g. AWS alerts / monitoring) will only be applicable if your organisation leverages that 'out-of-the-box' functionality specifically. If your organisation has a more custom built tech stack (e.g. Splunk monitoring), some of the automated controls testing will need to be evidenced manually.
Also note that a number of Vanta's integrations do not currently have automated testing of controls beyond UAR, so check your tech stack against Vanta's list of integrations during your procurement process.
What problems is the product solving and how is that benefiting you?
Previously we had a very manual GRC & audit process, which has now been systemised via Vanta.
Streamline Compliance with a central hub for policies, tests and controls
What do you like best about the product?
Clarifies the requirements of a lot of important security standards, primarily ISO 27001 and SOC 2.
- Guidance available to gather the required evidence or steps to implement compliant practices.
- Guidance available to gather the required evidence or steps to implement compliant practices.
What do you dislike about the product?
Searching for specific policies and keywords could be clearer, it requires a degree of familiarity making it less useful for end users.
What problems is the product solving and how is that benefiting you?
Aligning the security and compliance requirements of ISO 27001 and SOC 2, making it clear which elements are shared and the specific items required to test and evidence compliance.
showing 521 - 530