Da 17 anni aiutiamo le aziende
a scegliere i migliori software
Cos'è Vanta?
Vanta è un esperto di sicurezza e conformità automatizzato, scelto da centinaia di aziende per la preparazione a SOC 2. Ti offre tutto il necessario per preparare rapidamente le ispezioni di conformità. Grazie a strumenti di facile utilizzo per la valutazione delle lacune e la valutazione e correzione dei rischi, questo software riduce i tempi di preparazione per SOC 2, con un significativo risparmio in termini di tempo, stress e denaro. Quando la tua azienda è pronta per quell'ispezione SOC 2, ti aiuterà a trovare un revisore adatto alle tue esigenze di conformità. Inizia a utilizzarlo oggi stesso.
Chi utilizza Vanta?
Vanta è al servizio di aziende basate sul cloud che hanno da 2 a 1.000 dipendenti.
Hai dubbi su Vanta?
Confrontalo con un'alternativa popolare
Vanta
Recensioni su Vanta
Great GRC instrument
Aspetti positivi:
Policy creation and management. Toons of integration and automated tests. Very cool integrated vulnerability management.
Aspetti negativi:
Risk management can be more flexible. We started the new approach to risk assessment and can’t use internal risk management instrument so we made it in excel :-)
Alternative considerate:
Essential for Compliance
Commenti: We needed to get SOC 2 audit ready and were only progressing slowly with the manual approach. As it turned out that manual preamble was useful because when we started using Vanta, we understood the terminology and understood what was wanted.
Aspetti positivi:
Vanta enabled us to move our compliance (SOC 2, and next PCI) projects forward in an organized and monitored manner. After struggling manually with SOC 2 requirements with a major accounting firm, we got to audit readiness in half a year and felt confident going into our audit.
Aspetti negativi:
There is definitely a learning curve, and I am sure the system has useful features that I have not encountered yet. That is not really a negative, though.
Awesome tool to make your company audit ready
Aspetti positivi:
The automation that Vanta offers, does get you really far on your path to become a certified company. The policy builder is one of the best features of the service. There is a wide variety of different frameworks to choose from.
Aspetti negativi:
The start can be a bit overwhelming because there is a lot to do but you will get forward quite fast.
BUYER BEWARE
Commenti: This business charged my card for a second year without permission and after being told I would not renew. They took thousands of dollars. I needed to do a chargeback after they refused to return the money even though I notified them same day they were previously told I would not renew. It turns out they have a clause in their contact that says you need to notify them 30 days in advance of renewal. Well, guess what? I did! Still, it's a stupid clause that they use, clearly, to force clients to renew who don't realize such a clause exists. Buyer beware with this shady organization. I wouldn't recommend them to anyone, except maybe someone I didn't like.
Aspetti positivi:
The software seemed easy to use - at first, until some of my documents disappeared without explanation.
Aspetti negativi:
They lost documents, and weren't able to explain to me satisfactorily where they went. This caused me to question renewal. I notified them I wouldn't renew without a good explanation, which I never got. Also, they make very difficult to reach them when you have a problem. At the time of this writing, no phone numbers in any email signatures, not on the web site either. You're forced into their process, and if they choose not to answer you via their web form, good luck. It's a black box at that point.
Makes compliance easier
Commenti: It makes what would be a really difficult and laborious task into something that is easy to manage and maintain. It also makes extending compliance to other areas really straightforward too.
Aspetti positivi:
Without Vanta we would definitely not have been able to achieve SOC2 compliance throughout our business and then have visibility of maintaining that status. The dashboard and easy progress bar indicating where work is still needed guides you through everything you need to know and achieve.
Aspetti negativi:
They require you to install an agent of every computer, which makes sense to be able to monitor certain things but this can become a pain in a remote business with lots of employees.
Compliance simplified
Commenti: Very good. We have been able to formalize our internal security programs and successfully completed our SOC2 audit. The Vanta team has always been very responsive to our needs, soliciting feedback and promptly answering questions (no matter how basic) and guiding is in the right direction.
Aspetti positivi:
We love that Vanta has made it easy for us to develop a comprehensive InfoSec program and helped us prepare for our SOC2 audit. Onboarding was straightforward and the continuous monitoring ensures ongoing compliance. The product integrates with most of the software we use day-to-day and has saved a lot of time.
Aspetti negativi:
There are some areas of the UI which are a bit rough around the edges and non-intuitive, I chalk this up to Vanta being a relatively new product. It has improved a lot since we became a customer and specific areas such as the employees onboarding/off-boarding flows show that the team is constantly iterating and responsive to user feedback. In addition, I would love to see more automation in the product - we are a smaller company without a dedicated IT team. Vanta does a great job of alerting us to issues, but being able to help us take steps to remediate would be much appreciated.
Vanta works well for Compliance Management
Aspetti positivi:
Vanta is great at providing clients with a step-by-step guide on compliance. It gives the Trust center for free, which some competitors do not. They keep updating it because they listen to their customer's needs.
Aspetti negativi:
The templates for policies need a little update. Vendor assessment - a security questionnaire would be a nice-to-have as we'd like for our contractors to take a security awareness training, respond to some questions, and/or provide us with responses to a security questionnaire.
Top-Tier Automated Compliance Tracking
Commenti: Vanta has been great to work with, and continues to listen to feedback and implement fixes wherever possible. They make the audit process easy and preparation ahead of the audit simple.
Aspetti positivi:
Vanta is continually growing to provide its clients with top-tier compliance tracking. While some pieces are still managed manually, that number is dwindling as Vanta continue to expand on their already extensive automated services. Vanta support is outstanding. Vanta also makes understanding compliance targets and requirements easy.
Aspetti negativi:
The frequent changes that Vanta undergoes as they continue to improve their platform can be mildly disruptive, but the payoff is always worth it. They integrate with some of the key components of our software stack but we'd like to see more as it relates to provisioning/deprovisioning, vendor management/security assessment, and MDMs.
Great Product, Great support
Commenti: It's been great. I'm huge on support for apps. I'll pay more for an app if they have A+ support along with automations.
Aspetti positivi:
I love how easy it is to understand, the service and support. When I was first introduced to Vanta it was already set up, and while I was trying to put all the puzzle pieces together all I did was go in every day, attend/watch some webinars, my CSM has been great and it didn't take long for me to start to understand. I love that they take my feedback and pass it on to their team.
Aspetti negativi:
There was an update to the homepage, however their support team shared a quick tip on how to view the testing page ANNNND took my feedback to the why
Smooth and seamless SOC2 preparation
Commenti: We needed to get a SOC2 audit completed quickly to satisfy a customer need. Most "traditional" audit shops told us it would take 12 - 15 months. With the automation features, customer support, and auditor integration, we were done end-to-end (from signing up with Vanta to receiving our SOC2 report) in just over 5 months. Very smooth process from beginning to end - went almost exactly as advertised during the sales process - that's rare and unexpected these days.
Aspetti positivi:
User interface was intuitive - provided a clear "checklist" approach for actions to take and problems to resolve. Vanta Agent (for our laptops and (virtual) servers at AWS) is very useful to ensure continuous oversight of what's on the machine and when it needs to be updated. Working with our auditor to get our first SOC2 was also seamless and painless - the auditor plugged right into our Vanta instance and downloaded/monitored everything remotely - no need for screen shots or sending lots of documentation.
Aspetti negativi:
Would have been nice to have more integrations with some of our existing tools (monday.com, AWS Code Commit, etc.) to make the process even more automated. The automated policy generator is nice for filling holes in an existing policy suite, but isn't great if you have to make a lot of customizations to it as the "automated" part breaks down once you edit it offline. Two minor things in an overall great experience.
Vanta's automated tests are great. Dashboard is intuitive.
Commenti: Vanta's dashboard is easy to follow. Instructions for how to fix failing tests are clear. I am happy that we don't have to create these tests ourselves. And I am thankful that Vanta tells us what's important.
Aspetti positivi:
As a software engineer in charge of preparing our cloud infrastructure for security compliance, I really enjoy the automated tests that Vanta deploys to our cloud providers. These tests are comprehensive. They would take us months to create ourselves. I am happy Vanta does this for us.
Aspetti negativi:
I do not know how to efficiently triage the information I get from Vanta notifications. I get a lot of notifications about failing automated tests in my email and in my Slack. I get "alarm fatigue" and end up ignoring most of the notifications.
Great Resource for Security Compliance
Commenti: The support at Vanta is incredible and the platform continues to be a huge asset to our security compliance program.
Aspetti positivi:
I use Vanta every day for my work in compliance. The main Tasks page is extremely helpful in flagging and identifying where I need to focus my attention, which allows me to efficiently spend my energy. Being part of a smaller company (for now!), this platform was invaluable during our SOC 2 audit as a source of evidence for many technical and operational controls. My favorite features include a space for hosting security policies (they have so many awesome customizable templates, too) and tracking who has reviewed and accepted them, allowing real-time reporting on technical controls that our customers can view, and vendor and other inventories to keep track of our resources.
Aspetti negativi:
I look forward to seeing more product enhancements in the future. I would love to see more integrations or an admin-facing API so that the same groups and dates used in our identity platforms aligned here, and other user-experience efficiencies like bulk sending email reminders or viewing a person's onboarding tasks plus their assigned computer's information within one row on the same page.
Playbook for SOC-2, and Outsourced Compliance Employee!
Commenti: Having no SOC-2 background, a friend suggested checking out Vanta to speed up the SOC-2 process. We were blown away by the amount of work that needed to be completed, but working with Vanta helped automate and most importantly organize the requirements for SOC-2 type 1. Our SOC vendor was impressed by the number of things we had completed and it made our type 1 attestation a cinch - 5 weeks! We're in the process of type 2 (12 months) and Vanta has been a valuable asset to help us maintain our compliance. Without Vanta, we would have had to hire a consultant or FT employee to manage the project.
Aspetti positivi:
Ease of use, support and expertise and confidence in remaining compliant before and after the real SOC-2 process.
Aspetti negativi:
Only critique is that when we started, Vanta was very new to the market and they lacked some integrations. However, we saw rapid improvements and additional integrations during our initial work with them and they were very responsive to our needs.
Great value and support
Commenti: I found the support getting the controls to be compliant and option for auditors very useful. Additionally, the templates for documentation and automation for people and computer controls to be extremely helpful.
Aspetti positivi:
The automation, templates, features and support. The ability to view and remediate the issues with people and hardware was very useful. The document templates were very helpful in getting them done quickly.
Aspetti negativi:
One or two brief bugs in the software. They were resolved quickly!
Excellent security product
Aspetti positivi:
Vanta keeps track of our device inventory and cloud resources. Integration to our systems is seamless. The software is easy to set up and has a few great dashboards for monitoring and addressing vulnerabilities and compliance issues.
Aspetti negativi:
It is fairly easy to trick Vanta into passing a certain compliance check. It's up to the implementer of the security measures to check carefully that the resources are in compliance, since Vanta can at times provide false positives.
Best path to get to SOC 2 for early stage startups
Aspetti positivi:
Extensive integrations made it very easy to audit our entire infrastructure. Without Vanta, gathering critical evidence for our SOC 2 audit would have been a pain.
Aspetti negativi:
I wish the platform could be extended to other popular certifications such as PCI .
Finally confident in our HIPAA compliance
Aspetti positivi:
In the past we navigated our HIPAA compliance on our own. There was just too much to keep track of. Vanta has made it really easy to know if we're compliant or if there are issues we need to address.
Aspetti negativi:
There aren't really any cons. The training videos for employees are cheesy, but I don't think there's any way around that :)
Vanta makes SOC 2 compliance easy
Aspetti positivi:
Vanta makes it easy by giving you a dashboard to check regressions, and gives you easy templates of complying policies to implement in your organization.
Aspetti negativi:
The dashboard is web-UI only. An API would be nice, or even better - integrations with our existing issue trackers.
Makes security compliance fun and easy (for real)
Commenti: Killer product. Great engagement with their account management too.
Aspetti positivi:
* Clean, simple, easy to use. * Policy generation is particularly magical. * Brings structure and order to the SOC compliance mess. Overall, Vanta has gamified aspects of compliance to the point where I no longer dread or fear it. It's actually kinda fun.
Aspetti negativi:
Could use more integrations. Once you go off the beaten path, you're fully on your own.
title
Commenti: Very good customer support.
Aspetti positivi:
Easy to get overiew about your systems in use and compliance check list.
Aspetti negativi:
In general not sure about overall security.
Vanta is the future of compliance.
Aspetti positivi:
Software is intuitive, the policies alone are worth the cost, and I'm impressed by how Vanta continually expands coverage and functionality.
Aspetti negativi:
There really isn't anything I don't like about the software.