Resources

What is a Trust Center, and how can growing businesses leverage one to proactively demonstrate their commitment to security?

Lifecycle management is the process of overseeing employees, their systems, and their hardware from onboarding to offboarding. Here's we do it at Vanta.

If you are building your company's security program, you likely have some questions. We're here to answer (almost) all of them.

We’re thrilled to announce the introduction of Trust Center in addition to our annual State of Trust Report.

Join Vanta as we share insights from our latest State of Trust Report. This 2023 report surveyed 2,500 security and IT professionals across the US, UK, Germany, France, and Australia to find out what’s top of mind, from generative AI to proving customer trust in a hybrid world.

Earlier this year, the Vanta EE team migrated our internal Mobile Device Management (MDM) platform to help Vanta continue to scale our MDM strategy as we grow.

If you’re part of a startup or small company and haven’t thought about procurement just yet, chances are that you should. Here are some best practices on how to start thinking about procurement.

Our AI principles outline how we plan to steward the safe and effective deployment of AI at Vanta. Read more about Vanta’s AI principles.

Heyhack helps customers gain a complete overview of their application portfolio so they can remediate security issues quickly. Learn how Heyhack integrates with Vanta.

Want to get a peek into the Vanta platform? Have questions about how Vanta works? Check out this blog.

Riot combines learning modules and phishing simulations to raise cyber awareness and solve compliance needs. Find out how Riot integrates with Vanta using the Connectors API.

Risk assessments are exercises that help an organization understand, analyze, and address the most significant risks to their objectives. Read on to learn we approach security risk assessments at Vanta.

Performing regular user access reviews help ensure that current employees have access to the right tools and also limits access to only those who need access.

Maintaining robust security measures and meeting compliance requirements are paramount in today's fast-paced digital landscape.

Learn how to turn security into a competitive advantage with our five-step checklist. Kickstart a security program that unlocks your deals by building trust.

Our security culture is one of the most powerful ways to achieve our mission.

Learn how Vanta uses Okta for internal identity and access management (IAM) to help provide a seamless access experience for our employees.

With a security compliance program, companies can demonstrate that they meet designated security requirements and objectives. Here's how to start one.

Rob Picard and Jess Chang from Vanta's Security team explain why and how we migrated to WebAuthn as the mandatory way to log into Okta.

The goal of threat modeling is to make better decisions. In this post, the Vanta Security team shares their approach.

Wondering about AI and what it means for your company’s compliance program? You can ask these privacy and security experts (almost) anything! Join Vanta’s AM(almost)A on June 27 at 10 am PT and 1 pm ET to connect with Matt Cooper, Senior Manager of Privacy, Risk, & Compliance, and Rob Picard, Security Lead, on emerging trends in AI and compliance. They’ll answer questions and share practical advice to help you navigate this evolving landscape and stay ahead of the curve.

Get insights and best practices from security & compliance experts on how to manage third-party vendor risk in this free guide.

CCPA/CPRA, CPA, CTDPA, UCPA, and VCDPA — that’s a lot of acronyms, and a lot of questions around compliance.

Turn security into a competitive advantage for your business. Get our free ebook to learn how centering security in the buyer journey can help you unlock revenue.

The Vanta Privacy, Risk, & Compliance team provides internal and external support for our customer, auditor, and partner experience in service of the company’s mission to secure the internet.

In this on-demand webinar you'll learn: How being ISO 27001 certified benefits your business The five main requirements in the certification process How automation can lead to a more cost-effective path to ISO 27001 compliance The value of continuous security monitoring during the two-year surveillance audit

If you’re working towards a stronger security posture, your vendors are going to play an increasingly important role. Read more to learn what a robust vendor management process looks like.

Today we’re excited to introduce Vanta’s new security and privacy training library, developed by our in-house team of security, privacy, and compliance experts to help ensure your employees learn about important and required principles for each framework.

Join Aaron Kraus, Director of InfoSec at Butterfly MX, and Gig Walsh, Director of Security and Compliance at LinkSquares on June 20 at 12 PM PST as they discuss best practices for vendor risk management with Eric Martin, Head of Sales at Vanta in this live webinar discussion.

Vanta's Enterprise Engineering team provides essential internal operational support, manages the employee lifecycle, and partners closely with other teams to keep Vanta safe and secure.

Starting from presales, all the way to winning new business and renewing with existing customers, how do you showcase the strength of your security, decrease the time spent on requests for security questionnaires, and not derail the sales process?

If you’re looking into a SOC 2, it’s also worth looking into an incident management tool at the same time. The latter will help you with many requirements to secure a SOC 2 and make your organization more efficient when responding to incidents.

The Vanta Security team’s mission is to ensure that Vanta is a trusted and trustworthy steward of sensitive data. Meet the team that helps keep Vanta secure and compliant.

Vendor Risk Management helps security professionals proactively identify and assess third-party risk, streamline security reviews, and quickly remediate issues.

Discover how MSPs can leverage vCISO solutions to elevate their security offerings, build client trust, and scale services for sustainable business growth

How do you get compliant, stay secure, and demonstrate trust continuously? That’s where a trust management platform comes in. Learn more.

With features like auto-complete functionality and access to Vanta’s policies and documents, Questionnaire Automation streamlines the security questionnaire process, making it easy for organizations to complete questionnaires in minutes.

Access reviews are mission critical for the security of your business. Learn how to implement user account management controls to prevent unauthorized access to critical business data. 

Custom controls and custom frameworks help compliance teams centralize and customize the way their security work gets done in Vanta.

Join Rob Picard, Security Lead at Vanta, and Brian Vallelunga, CEO and Founder of Doppler for the newest episode of Coffee & Compliance as they reveal secrets… about secrets strategy.

Eléonore Dixon-Roche, Senior Product Manager at ResoluteAI, explains how Vanta helped her step outside of her role and take on managing security and compliance for her company.

Keeping your data secure relies on tracking down and fixing vulnerabilities. Find those open doors in your system with vulnerability scanning tools.

As new cybersecurity threats emerge, when is the right time for vulnerability scanning? We give an overview of how to time vulnerability scans for improved security.

What is continuous security monitoring and why is it crucial to your business? Learn about continuous monitoring and best practices for ensuring security within your organization.

Periodic user access reviews prevent the risk that former employees may still retain access to sensitive corporate data and systems after being terminated. Learn how to perform quarterly access reviews.

Vanta announced today its acquisition of Trustpage to transform trust into a marketable advantage for companies around the world.

What is vulnerability scanning and how can it enhance your information security? Find out everything you need to know from the Vanta security team.

What is MVSP? Learn how cutting edge companies have created a lightweight universal security starting point for B2B businesses.

Software Secured, a Vanta partner, gives an overview of penetration testing and the differences between prescriptive and descriptive compliance frameworks.

Join security experts Matt Cooper and Bart Tissue of Vanta as they discuss the importance of conducting regular access reviews in the newest episode of Coffee & Compliance.

Learn how the co-founder of Explo, Gary Lin, uses Vanta to manage security and compliance at a quickly growing startup.

An access review describes the process of monitoring the rights and privileges of everyone who can interact with data and applications.

In this on-demand webinar, you’ll hear from industry expert Rob Picard, Senior Manager for Security & Engineering at Vanta, on how to leverage automated compliance and Trust Reports to communicate security posture and instill trust with prospects.

Watch our webinar to hear from security leaders who have leveled up their compliance programs during periods of hyper-growth.

Steven Conley, IT Audit Director at Insight Assurance, and Matthew Phillips, Lead Auditor at Vanta, discuss security policies for your organization.

Vanta is named the leader in G2’s Cloud Compliance, Cloud Security, Vendor Management, IT Asset Management, and Vendor Security and Privacy Assessment.

In this Convos with Customers episode, where Firaas Rashid, Founder and CEO of Hook, explains how Vanta helped his team automate compliance by limiting manual work.

Join us for our newest episode of Coffee & Compliance, where we discuss the future of endpoint security with Scott Simkin, VP, Portfolio and Product Marketing from CrowdStrike.

Signeasy’s Head of Compliance & Info Systems Bineeta Mitra explains how a small but mighty team of one manages SOC 2 compliance with Vanta.

Jumpstart your NIST 800-171 compliance with Vanta's complete guide to this legally required security standard.

Effective mobile device management (MDM) is a core function of your company's security and compliance program. Learn why it's essential and how to do it right at every stage of growth.

International privacy laws are always changing. ISO 27701 certification has become a global standard for PIMS to maintain compliance. Read our guide to get started.

What is FedRAMP? Learn about the origin, certification, and compliance of FedRAMP in this guide.

Hear how Tim Collins, Chief Compliance Officer at InDebted, uses Vanta to save time and resources in our most recent Convos with Customers episode.

Join us for another episode of Coffee & Compliance where we demystify vulnerability scanning with Shawn Miller, Sr. Community Engineering Manager of Snyk.

We're thrilled to announce a big update to our Access Reviews solution. Learn more about pre-built system integrations, intuitive reviewer workflows, remediation management, and more.

See the market-leading compliance automation software in action in this on-demand product demo.

Vanta’s experts have put together this ultimate guide to adding frameworks to your compliance program with strategies for protecting your data and keeping your workload manageable.

Get a better understanding of excessive risk challenges that can be hard to identify and even harder to manage. We’ll share how Vanta relieves those challenges with our newly enhanced ISO-aligned Risk Management solution.

On the newest episode of Convos with Customers, SlapFive Co-founder & CEO Jeff Ernst explains how SlapFive uses Vanta to automate compliance, close deals faster, and build trust with customers.

This month's update includes our new Risk Management solution, plus updates to System Description, Test SLAs, Event Log tracking, and Custom Tag support.

Join us for another episode of Coffee & Compliance where we discuss best practices for choosing a compliance standard for your company.

Join cybersecurity expert Rob Picard as he chats with seasoned engineering and security leader Karthik Rangarajan.

Thinking about becoming a SOC analyst? Learn more about this important cybersecurity role and how to get started in a growing industry.

Security and Compliance Manager Anne Simpson talks about how Databook automates their compliance with Vanta.

Is your organization ready for international regulations? These three Vanta customers are—find out how they did it!

Learn how to leverage tooling and automation to simplify the entire risk assessment process.

Join Co-Founder and CTO Carol Hindsman to learn how JourneyTrack delegates tasks and stays compliant using Vanta.

Join cybersecurity and data privacy expert Matt Cooper as he chats with former auditor Andrew Gulrajani.

CEO Christina Cacioppo shares 5 lessons from Vanta’s journey of achieving hyper-growth without a huge cash surplus.

Here's a blueprint for announcing updates to your security posture, whether it's SOC 2 compliance or any other security-related achievement.

Our top tips to help you develop an impactful Trust Center for your business.

Join cybersecurity and data privacy expert Matt Cooper on this episode of Coffee & Compliance for a quick and informative overview of a risk assessment.

After reviewing hundreds of such pages, we are excited to share a selection of our favorite Trust Centers to inspire you to create your own.

Sequoia Capital partner Andrew Reed and Vanta CEO Christina Cacioppo share best practices at the 2022 Collision Conference.

Vanta joins The Stack Overflow podcast to discuss how engineers can help their organizations get ahead on security, compliance, and privacy.

In the State of Startup Security Report, Vanta shares all the data from our most recent survey which asked startups to honestly and anonymously discuss security processes and priorities.

Our customers are at the center of everything we do. In this article, we’ll show you what it’s like to prove, and improve, your security as a Vanta customer.

Find out how we resolved a host of issues by importing our AWS environment into Terraform.

Find out how Vanta’s engineering team accelerated the developer feedback loop with esbuild.

Although Vanta was not affected by the recent Apache Log4j vulnerability, we're working closely with impacted customers and helping to identify strategies to remediate any security concerns. Learn more about how Vanta can help.

Fintech infrastructure and Vanta collaborate on data security requirements optimized for early and growth-stage digital finance companies.

How to make your potential customers feel confident about your security posture.

Vanta’s Matt Cooper recently spoke at Cobalt's SecTalks 2021 and discussed how audit irritation spurred the idea for compliance automation and how information security audits are evolving.

Learn why enterprises trust SOC 2 compliance and how your organization's growth may depend on it.

A Startup Grind 2021 Session recap with Christina Cacioppo.

Avoid these 3 lurking deal killers

What is a penetration test and why your company might need one

Lessons learned from Vanta's SOC 2 journey and how we leveraged Vanta to get compliant.