Vanta
VantaExternal reviews
2,144 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Experience with VANTA
What do you like best about the product?
The tool allows for multiple modules to control various components of management systems, such as the compliance part for control issues according to the framework. Additionally, it allows for risk management, vendor management, and it is excellent.
What do you dislike about the product?
I would improve some things in the risk module, as it currently does not have them. For example, I would allow it to be more focused on other types of risk such as business, legal, etc., and when these categories are selected, the fields I need to fill out for this type of risk would be enabled. Even in the information security risk section, I would bring by default the fields for information assets and link them with the asset module.
What problems is the product solving and how is that benefiting you?
They help and contribute to the facilitation and management of information according to the framework we have certified, for example, ISO 27001, 27018, ISO 27701, etc. This has made it easier for us to load evidence, select controls, among other things.
Great Experience with Vanta
What do you like best about the product?
The site was super easy to use and Vanta was extremely responsive
What do you dislike about the product?
I have not found anything I would change about Vanta
What problems is the product solving and how is that benefiting you?
We needed to get SOC 2 certified
I do not know how compliance worked before this software.
What do you like best about the product?
Vanta has been an invaluable tool for us, making the SOC 2 process seamless and efficient. It simplifies compliance, saves time, and provides great visibility into our security posture. Highly recommend!
What do you dislike about the product?
- Some integrations are not in place (e.g. Tailscale, LogTail).
- During SOC2 some controls were missing linked automated tests and documents which are clearly related to those controls.
- During SOC2 some controls were missing linked automated tests and documents which are clearly related to those controls.
What problems is the product solving and how is that benefiting you?
Vanta automates and streamlines the SOC 2 compliance process, eliminating the manual work of tracking security controls, gathering evidence, and maintaining audit readiness. It continuously monitors our security posture, integrates with our existing tools, and provides clear guidance, saving us time and reducing the risk of compliance gaps. This has allowed us to focus more on building our product while ensuring we meet security and compliance requirements efficiently.
Great for small teams- pass your audit first time
What do you like best about the product?
Easy to use framework for starting compliance journey
What do you dislike about the product?
Sometimes can be tricky to find your way around
What problems is the product solving and how is that benefiting you?
Preparation for various compliance frameworks
I have never worked on a security framework previously so its impressive how quickly you can get up and running in Vanta
I have never worked on a security framework previously so its impressive how quickly you can get up and running in Vanta
Very good tool for vulnerability management
What do you like best about the product?
I enjoy using Vanta because it makes it very easy to manage vulnerabilities of all resources in one place.
What do you dislike about the product?
Automated compliance in Vanta sometimes flag issues that aren't actually problems, creating unnecessary work.
What problems is the product solving and how is that benefiting you?
Vanta automates security and compliance checks, making it easier to stay on top of SOC 2, ISO 27001, and other standards. It continuously monitors cloud security, access controls, and vulnerabilities, so we don’t have to track everything manually. It also simplifies audit prep by collecting evidence automatically, saving a ton of time. Plus, it helps enforce security policies and ensures we meet SLA deadlines for fixing vulnerabilities. Overall, it reduces compliance headaches and improves our security posture without extra manual work.
Vanta ISMS Review - ISO 27001 and Trust Centre
What do you like best about the product?
We are currently utilising Vanta for ISO 27001 compliance, and it has been instrumental in helping us maintain our certification. One particularly valuable feature is its proactive compliance management, which provides timely alerts on expiring checks. A real concern for us was ensuring that compliance remains an ongoing priority rather than a one-and-done type of exercise, preventing any lapse in security as we continue to scale. Balancing proactive compliance methods with growth has been a constant juggling act for any scale-up.
We have found Vanta’s Trust Centre to be an invaluable asset, providing real-time access to our cybersecurity offerings, which we can efficiently share with customers cutting down time doing DDQs. Additionally, it serves as a central repository for critical security documentation, including DPAs, T&Cs, and cybersecurity reports, while also allowing us to manage and display our subprocessors for greater transparency and accessibility.
Our decision to choose Vanta over alternative solutions was primarily driven by its responsiveness and commitment to continuous improvement. Upon onboarding, we identified that our primary cloud provider was not yet supported, and Vanta was really good in accounting for this and promising to get this implemented in the future. Lo and behold, they are now supported bridging this gap for us.
Furthermore, Vanta has significantly enhanced our device management capabilities. We rely on the platform to track all company laptops, ensuring that they adhere to minimum security requirements and remain compliant with our internal policies.
Looking ahead, as we plan to expand into the US, Vanta’s ability to seamlessly integrate additional frameworks, such as SOC 2, will be essential in maintaining our security and compliance standards across multiple markets.
Overall, Vanta has provided us with a robust, scalable, and efficient solution for managing security and compliance, making it an indispensable part of our operations.
We have found Vanta’s Trust Centre to be an invaluable asset, providing real-time access to our cybersecurity offerings, which we can efficiently share with customers cutting down time doing DDQs. Additionally, it serves as a central repository for critical security documentation, including DPAs, T&Cs, and cybersecurity reports, while also allowing us to manage and display our subprocessors for greater transparency and accessibility.
Our decision to choose Vanta over alternative solutions was primarily driven by its responsiveness and commitment to continuous improvement. Upon onboarding, we identified that our primary cloud provider was not yet supported, and Vanta was really good in accounting for this and promising to get this implemented in the future. Lo and behold, they are now supported bridging this gap for us.
Furthermore, Vanta has significantly enhanced our device management capabilities. We rely on the platform to track all company laptops, ensuring that they adhere to minimum security requirements and remain compliant with our internal policies.
Looking ahead, as we plan to expand into the US, Vanta’s ability to seamlessly integrate additional frameworks, such as SOC 2, will be essential in maintaining our security and compliance standards across multiple markets.
Overall, Vanta has provided us with a robust, scalable, and efficient solution for managing security and compliance, making it an indispensable part of our operations.
What do you dislike about the product?
While Vanta is a powerful compliance solution, it does have some limitations, particularly for businesses that do not rely on major providers - which can limit your flexibility in scaling.
If an application is not natively supported, compliance gaps must be addressed manually, which can add to the operational burden and will give you inaccurate scores on "completion" of a certification.
Although Vanta is responsive to customer needs and continues to expand its integrations, there is no guarantee that less common or niche tools will be supported. This means businesses using custom-built systems or non-mainstream applications may struggle to fully automate compliance tracking, reducing the efficiency of Vanta’s real-time monitoring capabilities.
If an application is not natively supported, compliance gaps must be addressed manually, which can add to the operational burden and will give you inaccurate scores on "completion" of a certification.
Although Vanta is responsive to customer needs and continues to expand its integrations, there is no guarantee that less common or niche tools will be supported. This means businesses using custom-built systems or non-mainstream applications may struggle to fully automate compliance tracking, reducing the efficiency of Vanta’s real-time monitoring capabilities.
What problems is the product solving and how is that benefiting you?
Vanta has been instrumental in helping us achieve and maintain ISO 27001 compliance, streamlining the process and ensuring we stay on track with ongoing requirements.
Beyond compliance, Vanta serves as our comprehensive ISMS tool, enabling us to efficiently manage our policies, devices, and access controls.
The Trust Centre has been incredibly useful for our security posture by providing real-time visibility into our cybersecurity measures, allowing us to easily share compliance reports, agreements, and subprocessors with customers.
Beyond compliance, Vanta serves as our comprehensive ISMS tool, enabling us to efficiently manage our policies, devices, and access controls.
The Trust Centre has been incredibly useful for our security posture by providing real-time visibility into our cybersecurity measures, allowing us to easily share compliance reports, agreements, and subprocessors with customers.
Great product!
What do you like best about the product?
Vanta helped me get SOC 2 certified. It was easy to integrate, the onboarding support was good, and it helped satisfy my auditor. It also notifies via slack when things get out of shape, so it is easy for me to stay ahead of the issues all the time.
What do you dislike about the product?
Sometimes it is not clear enough how to fix the problem. Might be inherent with the benchmark, not Vanta's fault. Also - auditor still wants to add custom documents and proof.
What problems is the product solving and how is that benefiting you?
Helped me get SOC 2 certified and helps me stay that way
Vanta is usefull to scale due dilignece
What do you like best about the product?
the trust center is a good resource to self serve customers
What do you dislike about the product?
the due diligence automation feature because it only ingest spreadsheet
What problems is the product solving and how is that benefiting you?
Source of truth for security docuemntation and processes
Reliable and High-Quality partner
What do you like best about the product?
The ability to automate our audits and consolodate our evidence was the primary reason we chose Vanta and has been of great value for us, however the Trust Center functionality has also been an unexpected high point.
What do you dislike about the product?
Currently the platform is geared towards SOC2, however it does not entirely align with ISO27001 just yet. We are still working from spreadsheets for our inforamtion asset managment. It would be good to see a more robust alignment with ISO27001.
What problems is the product solving and how is that benefiting you?
We are able to significantly reduce the amount of audit preparation time as much of this is automated. In addition we can now ensure our clients and prospects have up to date access to our policies and certifications.
Meets all our needs
What do you like best about the product?
Automations and integrations make compliance a breeze
What do you dislike about the product?
Some complex solutions to meeting the requirements, which aren't always clear.
What problems is the product solving and how is that benefiting you?
Without an appointed compliance manager, we needed a tool that helped us organise and maintain our policies and procedures for compliance.
showing 641 - 650