Vanta
VantaExternal reviews
2,110 reviews
from
and
External reviews are not included in the AWS star rating for the product.
SOC2 certification
What do you like best about the product?
We decided to choose a partner that would provide tools to automate a significant amount of the tasks and controls to be implemented. Reducing the number of manual tasks would ensure reliability in the implementation and would allow timely completion. Vanta provides a high level of automation, allowing the process to be completed smoothly.
What do you dislike about the product?
There is not much to dislike, other than a better organization of the user interface.
What problems is the product solving and how is that benefiting you?
Obtaining SOC2 certification in a timely way. We were able to complete the process within the deadline.
Makes SOC 2 Much Easier.
What do you like best about the product?
Vanta is the right balance of monitoring, alerting, and tracking to make it easy to meet SOC 2 Type 1 and 2 requirements. You can choose to use all of their features or some of their features with no pain. Their SSO platform makes it easy to monitor employee computers, servers, and SLA's.
What do you dislike about the product?
Sometimes it appears that the people designing this have never had to manage compliance in real life based on density or placement of information. However, they are extremely responsive to feedback and continue to improve their designs.
What problems is the product solving and how is that benefiting you?
SOC 2 Type 1 & 2 Compliance for employee software, hardware tracking, server tracking, internal vulnerability tracking and SLA for vulnerabilities.
Recommendations to others considering the product:
They integrate really nicely with Amazon. If you run your own metal, it will take a little bit more work to get everything dialed in, but its probably still worth it.
Very useful to setup security process within your entire organization
What do you like best about the product?
Onboarding & Vanta Agent (MacOS)
Security Checklist/Monitoring
Security Checklist/Monitoring
What do you dislike about the product?
Coverage for Google Cloud Platform is not as good as I would like
What problems is the product solving and how is that benefiting you?
Excellent guidance to start implementing stronger security processes, both on technical and organisational aspects. It makes us much more confident about the way we operate by giving a lot of visibility and allow quick response time and SLA tracking.
SOC 2 audit is in progress, so cannot give a complete feedback on that topic yet.
SOC 2 audit is in progress, so cannot give a complete feedback on that topic yet.
Recommendations to others considering the product:
I think Vanta is a great tool to start implementing and monitoring security practices in a small organisation as long as your landscape is aligned with the integrated tools.
The one thing to check is the list of tools you use and how aligned it is with Vanta integrations.
The one thing to check is the list of tools you use and how aligned it is with Vanta integrations.
User friendly security tool
What do you like best about the product?
The task list is what I like best. It makes it so easy to see what task that needs to be done and how to do them. And on some tasks there is a link to the issue as well. It also shows what tasks are the most urgent and important ones so that we can prioritize without thinking about them. All in all the tool is very easy to use and makes security and compliance feel almost fun.
What do you dislike about the product?
We use the tool to get SOC2. But we would also like if there were other features that would cover our security and compliance. As checking that phones that are using company data are secure. We would also like to have the option to request features that are not in the tool and are not directly connected to compliance, but goes with the functions in the tool.
What problems is the product solving and how is that benefiting you?
The problem of not knowing what exactly we need to get SOC2 compliant in an easy and efficient way with a lot of flexibility. Vanta has made it easy to get all actions needed for SOC2 on one place. Now we can fill out tasks, create policies, handle vendors, manage computers and more in one tool.
Recommendations to others considering the product:
Vanta is a simple tool for security and compliance. If you are looking for something that is easy to use with a good overview Vanta is the tool for you. The follow-up has been remarkable, and any questions we have has has been welcomed and answered greatly.
Monitoring Compliance with Vanta
What do you like best about the product?
- Integrates with different application like Bitbucket, Jira, AWS, GCP, Checkr, Slack, GSuite
- Email notifications
- Great Customer Success Team for onboarding
- Email notifications
- Great Customer Success Team for onboarding
What do you dislike about the product?
- Integration issue were difficult to debug.
- Gaps exist, not everything is covered with Vanta that are required for SOC2.
- Not all audit firms support Vanta, however this is growing
- Gaps exist, not everything is covered with Vanta that are required for SOC2.
- Not all audit firms support Vanta, however this is growing
What problems is the product solving and how is that benefiting you?
Continuous monitoring of compliance related controls
- Monitoring employee computers for Vulnerability, 3rd applications used by the organization, Infrastructure systems
- Daily emails on the status and open issues
- Simple UI for customer to easily navigate
- Monitoring employee computers for Vulnerability, 3rd applications used by the organization, Infrastructure systems
- Daily emails on the status and open issues
- Simple UI for customer to easily navigate
Never Going Back
What do you like best about the product?
The simplicity of Vanta's to-do list to complete important compliance steps is where it all started for me. From there, it was a breeze to click into the step, follow the detailed instructions, and track our progress. Contrast that with the totally scattered Excel spreadsheets and ambiguous requirements from audit firms, and Vanta comes out miles ahead of the "DIY approach". Our customer success contact was extremely helpful as well, and she added a ton of value to our experience.
What do you dislike about the product?
Vanta is a young company and product, and there are understandable rough spots that need some polish. However, very few of those rough spots were blockers to get my work done.
What problems is the product solving and how is that benefiting you?
SOC-2 compliance and ongoing HIPAA compliance
Great integration and automation of SOC2 controls
What do you like best about the product?
Vanta gives great value to its customers by integrating with popular tools and automating most of the SOC2 controls. By monitoring our technological stack, it clearly defines the steps that we have to take to implement the controls relevant to a SOC2 audit. It is a helpful tool to manage corporate devices, manage onboarding and monitor our risk.
The support team is responsive and our success manager has always been a great help. It shows that Vanta takes into account their customers needs.
The support team is responsive and our success manager has always been a great help. It shows that Vanta takes into account their customers needs.
What do you dislike about the product?
The Vanta agent has difficulty reading Linux devices and windows servers.
What problems is the product solving and how is that benefiting you?
Vanta allowed us to start our SOC2 audit in a fraction of the time that it would have taken us with the traditional method. The platform allows us to see exactly which controls need to be implemented and to what depth. It is allowing us to monitor for vulnerabilities and monitor our inventories. We are saving time and money by knowing exactly where to put our efforts to achieve our SOC2 certification.
Recommendations to others considering the product:
Best automated tool for SOC2 compliance.
Vanta makes the process of becoming compliant very easy and straight forward.
What do you like best about the product?
It is logically built up with the automatic detection of security gaps in our IT infrastructure is great.
What do you dislike about the product?
Not all of our tools can integrate yet, so we still need to control access to some systems manually.
What problems is the product solving and how is that benefiting you?
SOC 2 compliance and we achieve that with very little resources.
Vanta - SOC2 compliance made easy
What do you like best about the product?
Vanta made our first SOC2 audit as seamless of an audit process as I could ask for. The real-time monitoring of user accounts, advice on security configuration, and the out of the box policies all helped us pass the audit with flying colors. We use it to manage vendor security as well, which has allowed us to store all of our security and compliance documentation in one spot. I've been through a number of these security audits in my career, and the process with Vanta made it more seamless and straightforward for us than I could have imagined. I've already recommended Vanta to peers at other companies and will continue doing so.
What do you dislike about the product?
I'd love to see Vanta make some improvements to their stock policies. I've spoken with their team and they've indicated this is something on their radar and they will be updating these soon.
What problems is the product solving and how is that benefiting you?
We are monitoring all user accounts with Vanta for onboarding, offboarding, and ongoing security. This allows us to manage our security infrastructure from one place which consolidates multiple tools/spreadsheets/processes down into one thing. It's awesome!
Recommendations to others considering the product:
Make sure you talk with your SOC2 auditor to ensure they understand how to use Vanta. There is a separate login for auditors to review, which makes the whole process 100x easier, but the auditors have to understand what they need to do.
Great help for SOC2 compliance
What do you like best about the product?
Vanta is a huge help for on-boarding and off-boarding employees and recording that it was done correctly for compliance purposes. For example, they correlate GitHub accounts with employees names. When an employee leaves they alert me if I have not removed their GitHub account from our org. It's little things like this that prevent me from making mistakes. It also allows auditors to see that we have been following our policies and best practices.
What do you dislike about the product?
Their risk register needs more work. It should be more flexible. I would also like to see more Kubernetes focused security monitoring.
What problems is the product solving and how is that benefiting you?
It helps us maintain compliance, particularly SOC2 compliance. It also keeps us more secure.
showing 851 - 860