Vanta Reviews & Product Details

Ease of use for those who are not familiar with GRC platforms is a huge selling point. Setting up integrations and getting your GRC program up and running makes it incredibly easy for the end user; whether its a seasoned IT professional or a new compliance analyst. Review collected by and hosted on G2.com.

Some features aren't as "User Friednly" as they could be though this continues to be enhanced over time with customer feedback being taken into account. While we've had some issue with a certain 3rd party integration, Vanta has continued to make themselves and their engineers available to help resolve (even though the issue lies with the other 3rd party and not Vanta). I'm sure some of the "kinks" I refer to will be worked out over time with future sprints and continued customer feedback. Review collected by and hosted on G2.com.

Vanta has made a tremendous differnece in simplifying security compliance processes. The platform has provided us with automation that makes frameworks like SOC 2 and ISO 27001 much more manageable for us and reducing a huge amount of manual work. We also have utilized its integrations with our cloud provider and which allowed us to streamline security monitoring and make audits easier.

I would like to give a shoutout to the customer support that has been responsive whenever we needed assistance.

Overall, Vanta has been a great solution for out team that has helped us improce security posture and manage compliance efficiently. I Would recommend the businesses if someone is looking for a structured approach to compliance. Review collected by and hosted on G2.com.

Ideailly we would prefer a more cusomtizable workflow at the moment it is somewhat limited. This would help us tailor the compliance a little better to our needs. However, as is it is its still a great a product and i can understand that vanta cant make products tailored specificaly for each individual company needs. Review collected by and hosted on G2.com.

Automated Compliance – Saves time by automating security checks.

Continuous Monitoring – Keeps security strong 24/7.

Easy Audit Process – Makes audits faster and simpler.

User-Friendly Dashboard – Clear insights into security status.

Strong Integrations – Works well with JumpCloud, GitHub, AWS and so many applications. Review collected by and hosted on G2.com.

Bit High Cost – Expensive for small businesses.

Initial Setup Effort – Requires time and effort to configure properly.

Limited Customization – Some reports and features lack flexibility.

Occasional False Alerts – flag some issues that are not actual risks.

Support Response Time – slow customer support. Review collected by and hosted on G2.com.

Vanta made a complicated task of managing and validating controls across multiple frameworks in an actionable set of tasks. Vanta's integrations really helps automate much of the checks and balances against compliance. It's a critical tool in our stack towards security compliance. Review collected by and hosted on G2.com.

We've had some issues getting the the device monitoring to reflect what shows in our Microsoft MDM. Monitoring this has been a bit of a struggle and something we've been hoping to get clarity on resolving. While we were going through audits it was a bit clunky in the sense that there was numerous instances of active audits with our auditors. Our auditors mentioned that this happens often through Vanta. It was a bit cumbersome keeping track of the correct audit in Vanta with our auditors. Review collected by and hosted on G2.com.

The organization that provides documentation for regulatory compliance is very useful. The interface is easy to handle and very intuitive, the "starter guide" is an excellent starting point for those of us who had no experience. The integrations are very easy to perform and work as they should. Although it is not perfect, the Ilma bot can answer 95% of the questions you have as long as you formulate the question appropriately, it is truly an excellent support tool, and those it cannot resolve are quickly escalated to an operator. The risk assessment system is notable, as well as the "trust center" offered from a certain percentage. Review collected by and hosted on G2.com.

Being part of a Spanish-speaking company, we have encountered a significant limitation when developing policies and documents. At the time of this review, the web interface of the platform is only in English. Although the language can be configured in both the "company" and "my account" sections, this does not change anything in the interface. The main problem this causes is when generating policy templates in Spanish, as we have to invest time in a process to adapt the translation and the meaning of the text to align them with the company. This requires considerable time and should be taken into account when planning progress. The Vanta agent offered as a solution really cannot be recommended, it would be pertinent to integrate an MDM solution. It takes a long time to acquire the information and only detects encryption by BitLocker. For the review of Vendors, an additional solution is offered that must be paid for separately. Review collected by and hosted on G2.com.

It is easy to navigate and find information.

AWS resources are shown clearly, and when AWS references an AWS resource in a test, it links directly to it in the AWS console, which is super helpful.

The application has been reliable with few bugs.

While they have lots of integrations, it was also really useful and easy to build a "private integration" for our own application, so we could track MFA settings for own application inside of Vanta. Review collected by and hosted on G2.com.

It makes some assumptions in the identity provider that prevent us from using it fully. It is not a complete blocker though.

We use Google Workspace, but some team members have multiple inboxes in Google Workspace. If we tell Vanta to populate the list of People in Vanta from Google Workspace, there is no way to deduplicate these Google accounts, and say they are used by the same person.

I either have to mark them as out of scope, which means they are not tested for MFA, or I have to mark Google Workspace as NOT our identity provider, and then manually create users in Vanta.

Similarly, it assumes all monitoring of AWS is done in Cloudwatch. However, we use Datadog for monitoring. There is a Datadog integration, but Vanta currently has no way to mark a Datadog monitor as meeting the monitoring requirements in a failing control test for an AWS resource.

As I said though, these have been more "wish list" items than blockers. Review collected by and hosted on G2.com.

Hi, my name is Marlyn & I work in a Cloud computing Saas startup organisation based in Bengaluru. I recently had the pleasure of working with the Vanta customer support to ensure my team met our compliance requirements and I cannot recommend them enough. I am very new to the process and needed guidance and had many questions. The team demonstrated exceptional expertise, guiding us through each step with clarity and efficiency. They were always available to address our questions and provide actionable solutions tailored to my needs. Paige was extremely dedicated in making the process smoother than I anticipated. Thanks to her support, we were able to complete our compliance requirements on time & with confidence. I was able to guide my employees seamlessly. A big thank you to Page and the Vanta team for their professionalism and outstanding service :) Review collected by and hosted on G2.com.

Nothing. It was smooth, better than my expectations. Review collected by and hosted on G2.com.

Vanta automations has been the best, most reliable and allow us to automate the routine security monitoring tasks. The support team is always quick to respond and makes our life working with the product so easy. Vanta seamless integration with other products help us achieve security and compliance across all our products. It offer very insightful security and compliance reports that allow us to continuously monitor the security and compliance status of our tools and systems. Vanta provide real-time alerts any time an issue has been detected which allow us to fix the issues quickly before they spread. Review collected by and hosted on G2.com.

Vanta has not shown any weaknesses at all so far. It works so perfectly for us and all its features are in great working conditions. Nothing at all to dislike. Review collected by and hosted on G2.com.

Vanta has been the most simple and easy to use automated governance, risks and compliance tool. The easy of implementation with the intuitive interface and seamless integration makes it great for all users from management to operationally.

Vanta is the go to tool, on a daily to day basis for getting stats and activtely monitoring compliance across various standards.

The customer sucess managers are always well informed and provide a wealth of know, excellent support on all aspects. Review collected by and hosted on G2.com.

There can be areas of Vanta that can be improved and innovated around the Privacy requirements, as areas of GDPR is worldwide.

The development of DPIA, ROPAs can be useful for the integration of security and privacy. Review collected by and hosted on G2.com.

Its a great way to kick-start your journey to compliance with security standards like ISO27001 or SOC 2 Type 2. Vanta helps you design policies and stay compliant through automation and demonstrate it through trust center.

I make heavy use of its vendor risk management as well.

Customer support has been great from Krista V. Review collected by and hosted on G2.com.

The vendor risk management assumes that your vendors are mainly SaaS and so there is some awkwardness with out of the box questions when they are not (e.g. an MSP).

The API isn't fully featured so if you want to do a bespoke integration yourself, you may run into API restrictions and will need to use a "glue" system as only official integrations are pull, your own via API will be a push. Review collected by and hosted on G2.com.