Vanta
VantaExternal reviews
2,419 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Compliance the easy way
What do you like best about the product?
Vanta made it much easier for our team to achieve SOC2 compliance by helping aggregate and monitor compliance from various sources of data from our cloud environments, they also assisted with referring us to Auditors that were familiar with our space.
What do you dislike about the product?
There were a few on-premises integrations that we would've liked specifically around GitLab on-premise. Rolling out the Vanta agent felt redundant when we were already using platforms that could ingest and report on the same data
What problems is the product solving and how is that benefiting you?
We procured Vanta to allow us to complete our SOC2 Type 2 Audit, with this complete it has allowed us to provide customers with a heightened sense of trust and security.
Self explanatory security suggestion for your apps and servers.
What do you like best about the product?
They are regularly updating and providing summary points on required action towards your application and server security tips.
Audit reports are excellent and self-explanatory.
Audit reports are excellent and self-explanatory.
What do you dislike about the product?
I feel some UI needs to be more userfriendly and responsive.
What problems is the product solving and how is that benefiting you?
We have measured server and app security and its daily points of summary and require action items to give benefits to our app.
Awesome intergrations and responsive support
What do you like best about the product?
The dashboard and automated tests that show a quick overview of our compliance
What do you dislike about the product?
The output of some tests is hard to see, also would be good to have access to the auditors tools to see what is going on.
What problems is the product solving and how is that benefiting you?
We are going for SOC2 certification and intergrations with our tool chain help for quick compliance
Easy to use and complete solution
What do you like best about the product?
We could cover and fix each item by both the tool and our customer-success specialist. After completing the checklist, we could quickly begin our audit period without any additional work.
What do you dislike about the product?
Heroku review apps are not integrated well. We had to dismiss warnings or submit information for each temporary app on our account.
What problems is the product solving and how is that benefiting you?
We could complete our requirements for a Soc2 audit. It helped us to identify our missing items and suggested solutions to them. We improved our security structure with the help of Vanta's suggestions.
Great security & compliance monitoring providor
What do you like best about the product?
I like how they strive to provide compliance solutions to make the businesses ace every possible opportunity to grow.
What do you dislike about the product?
I have no dislikes since if I need SOC2 compliance. Vanta is there to prepare me to get one, so I do not have much to worry and dislike about
What problems is the product solving and how is that benefiting you?
Vanta has helped my organization to secure and protect user data which made us achieve SOC2 compliance. I can say with confidence that the business has grown and extended to new markets. All thanks to Vanta
This has Potential
What do you like best about the product?
Vanta is unique in that it automates much of the timely process of evidence collation. It's great to be able to just point Vanta at cloud environments and let it do the heavy lifting!
What do you dislike about the product?
Vanta is only really useful as a utility towards ISO 27001 compliance - it lacks fundamental aspects of the standard for it to be the sole tool to achieve an ISO 27001 certification. Really fundamental and mandatory parts of the standard are lacking, such as the statement of applicability.
In addition, the risk management does not take all of the BAU risks of an organisation into account, instead only providing valid output against technical controls or some policy controls.
In addition, the risk management does not take all of the BAU risks of an organisation into account, instead only providing valid output against technical controls or some policy controls.
What problems is the product solving and how is that benefiting you?
Vanta has been a very effective way for the clients I work with to learn and understand ISO 27001 through the in-built templates. I am not sure how useful these templates would be in an audit scenario as they are generic to the point of almost being meaningless, but they do provide an illustrative example of how the standard works.
It just works. Vanta's integrations make SOC2/HIPAA work much smoother
What do you like best about the product?
I like how Vanta integrates with our services and perform an actual scan of the configuration, and suggests smart improvements
What do you dislike about the product?
Vanta agent should be shipped as a Mac app via Mac Store, not an Adhoc package
What problems is the product solving and how is that benefiting you?
SOC2/HIPAA attestation
Vanta gives me an action plan
What do you like best about the product?
We are a small team pursuing ISO 27001 and SOC2 certification. We are security conscious but are by no means compliance experts. The challenge for us was to figure out exactly what we need to do to meet the compliance requirements. Vanta translates compliance requirements into concrete and actionable tasks, and provides instructions for executing those tasks. They speak the language of engineers.
What do you dislike about the product?
There are some aspects of demonstrating compliance that our ISO consultant thinks could be improved. For example, demonstrating that we have a process for access reviews, and that we conduct them.
What problems is the product solving and how is that benefiting you?
The problem that we are solving with Vanta is that engineers can't interpret ISO and SOC two requirements. They need to know exactly what to do to achieve compliance. Vanta does the translation between requirements and actionable tasks.
Recommendations to others considering the product:
Vanata makes the life of engineers easier. However, not all auditors will like or be willing to use the tool. Ensure that your auditors are comfortable with using Vanta, or better yet hire your auditors through Vanta.
Useful for tracking, but gaps and some busy-work
What do you like best about the product?
It is useful to have one source for tracking and monitoring security risks and processes. Some of the integrations are helpful and have eliminated some administrative work.
What do you dislike about the product?
It is sometimes difficult to understand when an SLA will be violated. In some versions of the UI, deep-linking to specific tests or remediation instructions hasn't worked. Vanta also produces a lot of work to redress trivial risks, but failed to detect some important risks.
What problems is the product solving and how is that benefiting you?
We are using Vanta to deliver a secure software product and track our progress towards a security certification. Vanta has eliminated some administrative work, and identified some risks that other tools and processes did not.
Vanta is great for employee onboarding on SOC2 compliance
What do you like best about the product?
Vanta is great at managing computer assets, onboarding new personel and monitoring security vulnerabilities.
What do you dislike about the product?
It is hard to integrate and automate filling out the "owner" and "description" of cloud assets that are dynamically created. There should be a way to automatically assign these assets to a particular owner.
What problems is the product solving and how is that benefiting you?
SOC2 compliance, employee onboarding, policy creation.
showing 2,181 - 2,190