Resources

Curated content for the compliance connoisseur: We cover the latest on frameworks, risks, and security trends.

Show filters

Security

Content Type
Tags
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Security
Event
Enhancing Security with Trust Center

What is a Trust Center, and how can growing businesses leverage one to proactively demonstrate their commitment to security?

Cybersecurity
Security
Blog
Our approach to lifecycle management at Vanta

Lifecycle management is the process of overseeing employees, their systems, and their hardware from onboarding to offboarding. Here's we do it at Vanta.

No items found.
Security
Event
Building a security program

If you are building your company's security program, you likely have some questions. We're here to answer (almost) all of them.

No items found.
Company news
Blog
Introducing Vanta Trust Center and the State of Trust Report

We’re thrilled to announce the introduction of Trust Center in addition to our annual State of Trust Report.

Building Trust
Security
Event
Uncovering global security trends from Vanta’s State of Trust Report

Join Vanta as we share insights from our latest State of Trust Report. This 2023 report surveyed 2,500 security and IT professionals across the US, UK, Germany, France, and Australia to find out what’s top of mind, from generative AI to proving customer trust in a hybrid world.

Building Trust
Security
Blog
How Vanta migrated MDM platforms in just 3 days

Earlier this year, the Vanta EE team migrated our internal Mobile Device Management (MDM) platform to help Vanta continue to scale our MDM strategy as we grow.

Engineering
Security
Blog
Getting started with procurement

If you’re part of a startup or small company and haven’t thought about procurement just yet, chances are that you should. Here are some best practices on how to start thinking about procurement.

No items found.
Security
Blog
Vanta’s AI principles: Building with trust and transparency

Our AI principles outline how we plan to steward the safe and effective deployment of AI at Vanta. Read more about Vanta’s AI principles.

AI
Security
Blog
How Heyhack integrates automated pen testing with Vanta

Heyhack helps customers gain a complete overview of their application portfolio so they can remediate security issues quickly. Learn how Heyhack integrates with Vanta.

Integrations
Product updates
Blog
How does Vanta work? Top product questions about the Vanta Platform

Want to get a peek into the Vanta platform? Have questions about how Vanta works? Check out this blog.

Features
Security
Blog
How Riot integrates with Vanta to increase cybersecurity awareness

Riot combines learning modules and phishing simulations to raise cyber awareness and solve compliance needs. Find out how Riot integrates with Vanta using the Connectors API.

Partners
Integrations
Security
Blog
How we operationalize security risk assessments at Vanta

Risk assessments are exercises that help an organization understand, analyze, and address the most significant risks to their objectives. Read on to learn we approach security risk assessments at Vanta.

No items found.
Security
Blog
How to perform effective user access reviews

Performing regular user access reviews help ensure that current employees have access to the right tools and also limits access to only those who need access.

Engineering
Experts
SOC 2
Event
Demonstrating security while pursuing your SOC 2

Maintaining robust security measures and meeting compliance requirements are paramount in today's fast-paced digital landscape.

No items found.
Security
Guide
How to build trust and unlock growth checklist

Learn how to turn security into a competitive advantage with our five-step checklist. Kickstart a security program that unlocks your deals by building trust.

No items found.
Security
Blog
How we scaled our security culture at Vanta

Our security culture is one of the most powerful ways to achieve our mission.

Engineering
Security
Blog
How Vanta uses Okta for identity and access management

Learn how Vanta uses Okta for internal identity and access management (IAM) to help provide a seamless access experience for our employees.

Engineering
Compliance
Blog
How to start a security compliance program

With a security compliance program, companies can demonstrate that they meet designated security requirements and objectives. Here's how to start one.

No items found.
Security
Blog
Lessons from Vanta’s WebAuthn migration

Rob Picard and Jess Chang from Vanta's Security team explain why and how we migrated to WebAuthn as the mandatory way to log into Okta.

Cybersecurity
Security
Blog
Our approach to threat modeling

The goal of threat modeling is to make better decisions. In this post, the Vanta Security team shares their approach.

Risk Management
Security
Event
Ask Me (Almost) Anything: AI & Compliance

Wondering about AI and what it means for your company’s compliance program? You can ask these privacy and security experts (almost) anything! Join Vanta’s AM(almost)A on June 27 at 10 am PT and 1 pm ET to connect with Matt Cooper, Senior Manager of Privacy, Risk, & Compliance, and Rob Picard, Security Lead, on emerging trends in AI and compliance. They’ll answer questions and share practical advice to help you navigate this evolving landscape and stay ahead of the curve.

Cybersecurity
Security
Guide
How to minimize third-party risk with vendor management

Get insights and best practices from security & compliance experts on how to manage third-party vendor risk in this free guide.

Cybersecurity
Security
Event
Ask Me (Almost) Anything: US Data Privacy

CCPA/CPRA, CPA, CTDPA, UCPA, and VCDPA — that’s a lot of acronyms, and a lot of questions around compliance.

Cybersecurity
Security
Guide
Shift Left: How to turn security into revenue

Turn security into a competitive advantage for your business. Get our free ebook to learn how centering security in the buyer journey can help you unlock revenue.

No items found.
Security
Blog
Meet the Vanta Privacy, Risk, & Compliance Team

The Vanta Privacy, Risk, & Compliance team provides internal and external support for our customer, auditor, and partner experience in service of the company’s mission to secure the internet.

Experts
Compliance
Risk Management
Security
Event
Scaling with security: How to streamline your ISO 27001 certification

In this on-demand webinar you'll learn: How being ISO 27001 certified benefits your business The five main requirements in the certification process How automation can lead to a more cost-effective path to ISO 27001 compliance The value of continuous security monitoring during the two-year surveillance audit

Cybersecurity
Security
Blog
Building trust with vendor management

If you’re working towards a stronger security posture, your vendors are going to play an increasingly important role. Read more to learn what a robust vendor management process looks like.

Risk Management
Product updates
Blog
Introducing Vanta’s Security and Privacy Training Library

Today we’re excited to introduce Vanta’s new security and privacy training library, developed by our in-house team of security, privacy, and compliance experts to help ensure your employees learn about important and required principles for each framework.

Features
Security
Event
Coffee & Compliance: How to Proactively Manage Vendor Risk

Join Aaron Kraus, Director of InfoSec at Butterfly MX, and Gig Walsh, Director of Security and Compliance at LinkSquares on June 20 at 12 PM PST as they discuss best practices for vendor risk management with Eric Martin, Head of Sales at Vanta in this live webinar discussion.

Risk Management
Security
Blog
Meet the Vanta Enterprise Engineering Team

Vanta's Enterprise Engineering team provides essential internal operational support, manages the employee lifecycle, and partners closely with other teams to keep Vanta safe and secure.

No items found.
Security
Event
Vanta in Action: Trust Reports with Lumos

Starting from presales, all the way to winning new business and renewing with existing customers, how do you showcase the strength of your security, decrease the time spent on requests for security questionnaires, and not derail the sales process?

No items found.
SOC 2
Blog
Fitting incident management into the SOC 2 puzzle

If you’re looking into a SOC 2, it’s also worth looking into an incident management tool at the same time. The latter will help you with many requirements to secure a SOC 2 and make your organization more efficient when responding to incidents.

No items found.
Security
Blog
Meet the Vanta Security Team

The Vanta Security team’s mission is to ensure that Vanta is a trusted and trustworthy steward of sensitive data. Meet the team that helps keep Vanta secure and compliant.

Experts
Product updates
Blog
A new way to proactively manage third-party risk: Vendor Risk Management

Vendor Risk Management helps security professionals proactively identify and assess third-party risk, streamline security reviews, and quickly remediate issues.

Risk Management
Features
Security
Blog
From reactive to proactive: Leveraging vCISO solutions to elevate managed security services

Discover how MSPs can leverage vCISO solutions to elevate their security offerings, build client trust, and scale services for sustainable business growth

Partners
Security
Blog
What is a trust management platform?

How do you get compliant, stay secure, and demonstrate trust continuously? That’s where a trust management platform comes in. Learn more.

Compliance
Risk Management
Building Trust
Product updates
Blog
Introducing Questionnaire Automation

With features like auto-complete functionality and access to Vanta’s policies and documents, Questionnaire Automation streamlines the security questionnaire process, making it easy for organizations to complete questionnaires in minutes.

Features
Security
Guide
Access reviews are mission critical: Here’s how to get security risk management right

Access reviews are mission critical for the security of your business. Learn how to implement user account management controls to prevent unauthorized access to critical business data. 

Compliance
Risk Management
Product updates
Blog
Introducing Custom Frameworks to the Vanta Platform

Custom controls and custom frameworks help compliance teams centralize and customize the way their security work gets done in Vanta.

Features
Security
Event
Coffee & Compliance: What is your secrets strategy?

Join Rob Picard, Security Lead at Vanta, and Brian Vallelunga, CEO and Founder of Doppler for the newest episode of Coffee & Compliance as they reveal secrets… about secrets strategy.

Cybersecurity
Compliance
Event
Convos with Customers: ResoluteAI

Eléonore Dixon-Roche, Senior Product Manager at ResoluteAI, explains how Vanta helped her step outside of her role and take on managing security and compliance for her company.

Compliance
Security
Blog
Vulnerability scanning tools: What are they and how should they be used?

Keeping your data secure relies on tracking down and fixing vulnerabilities. Find those open doors in your system with vulnerability scanning tools.

Cybersecurity
Security
Blog
When is the right time for vulnerability scanning?

As new cybersecurity threats emerge, when is the right time for vulnerability scanning? We give an overview of how to time vulnerability scans for improved security.

Cybersecurity
Compliance
Security
Blog
What is continuous security monitoring?

What is continuous security monitoring and why is it crucial to your business? Learn about continuous monitoring and best practices for ensuring security within your organization.

Features
Cybersecurity
Compliance
Compliance
Blog
How do you perform quarterly access reviews?

Periodic user access reviews prevent the risk that former employees may still retain access to sensitive corporate data and systems after being terminated. Learn how to perform quarterly access reviews.

Compliance
Cybersecurity
Features
Company news
Blog
Reimagining the future of trust with Trustpage by Vanta

Vanta announced today its acquisition of Trustpage to transform trust into a marketable advantage for companies around the world.

Building Trust
Startups
Cybersecurity
Features
Integrations
Security
Blog
What is vulnerability scanning?

What is vulnerability scanning and how can it enhance your information security? Find out everything you need to know from the Vanta security team.

Compliance
Cybersecurity
Security
Guide
The complete guide to MVSP

What is MVSP? Learn how cutting edge companies have created a lightweight universal security starting point for B2B businesses.

No items found.
Compliance
Blog
Do you need penetration testing for compliance?

Software Secured, a Vanta partner, gives an overview of penetration testing and the differences between prescriptive and descriptive compliance frameworks.

Compliance
Experts
Partners
Security
Event
Coffee & Compliance: Demystifying access reviews

Join security experts Matt Cooper and Bart Tissue of Vanta as they discuss the importance of conducting regular access reviews in the newest episode of Coffee & Compliance.

Compliance
Cybersecurity
Compliance
Event
Convos with Customers: Explo

Learn how the co-founder of Explo, Gary Lin, uses Vanta to manage security and compliance at a quickly growing startup.

Compliance
Security
Blog
What is an access review?

An access review describes the process of monitoring the rights and privileges of everyone who can interact with data and applications.

Cybersecurity
Risk Management
Features
Security
Event
Prove trust to prospects: How to win deals in an economic downturn

In this on-demand webinar, you’ll hear from industry expert Rob Picard, Senior Manager for Security & Engineering at Vanta, on how to leverage automated compliance and Trust Reports to communicate security posture and instill trust with prospects.

Building Trust
Compliance
Event
How to scale compliance at a hyper-growth company

Watch our webinar to hear from security leaders who have leveled up their compliance programs during periods of hyper-growth.

Cybersecurity
Compliance
Experts
Security
Event
Coffee & Compliance: Demystifying security policies

Steven Conley, IT Audit Director at Insight Assurance, and Matthew Phillips, Lead Auditor at Vanta, discuss security policies for your organization.

Experts
Cybersecurity
Compliance
Partners
NIST
Guide
The ultimate guide to NIST 800-53

Compliance
Cybersecurity
Company news
Blog
Vanta is the #1 Leader in G2’s Winter 2023 Grid Reports for Security Compliance

Vanta is named the leader in G2’s Cloud Compliance, Cloud Security, Vendor Management, IT Asset Management, and Vendor Security and Privacy Assessment.

Experts
Cybersecurity
Compliance
Building Trust
Compliance
Event
Convos with Customers: Hook

In this Convos with Customers episode, where Firaas Rashid, Founder and CEO of Hook, explains how Vanta helped his team automate compliance by limiting manual work.

Compliance
Features
Experts
Security
Event
Coffee & Compliance: The future of endpoint security

Join us for our newest episode of Coffee & Compliance, where we discuss the future of endpoint security with Scott Simkin, VP, Portfolio and Product Marketing from CrowdStrike.

Cybersecurity
Engineering
Experts
Security
Event
Convos with Customers: Vanta x Signeasy

Signeasy’s Head of Compliance & Info Systems Bineeta Mitra explains how a small but mighty team of one manages SOC 2 compliance with Vanta.

Features
Compliance
Startups
NIST
Guide
The ultimate guide to NIST 800-171

Jumpstart your NIST 800-171 compliance with Vanta's complete guide to this legally required security standard.

Compliance
Cybersecurity
Risk Management
Security
Blog
Mobile device management 101: Why it matters and how to deploy

Effective mobile device management (MDM) is a core function of your company's security and compliance program. Learn why it's essential and how to do it right at every stage of growth.

Cybersecurity
Engineering
Experts
Risk Management
Startups
Compliance
Guide
The ultimate guide to ISO 27701

International privacy laws are always changing. ISO 27701 certification has become a global standard for PIMS to maintain compliance. Read our guide to get started.

Compliance
Risk Management
Compliance
Guide
The ultimate guide to FedRAMP

What is FedRAMP? Learn about the origin, certification, and compliance of FedRAMP in this guide.

Cybersecurity
Compliance
Compliance
Event
Convos with Customers: Vanta x InDebted

Hear how Tim Collins, Chief Compliance Officer at InDebted, uses Vanta to save time and resources in our most recent Convos with Customers episode.

Startups
Compliance
Security
Event
Coffee & Compliance: Demystifying vulnerability scanning

Join us for another episode of Coffee & Compliance where we demystify vulnerability scanning with Shawn Miller, Sr. Community Engineering Manager of Snyk.

Experts
Risk Management
Product updates
Blog
Vanta announces enhanced Access Reviews solution

We're thrilled to announce a big update to our Access Reviews solution. Learn more about pre-built system integrations, intuitive reviewer workflows, remediation management, and more.

Cybersecurity
Features
Integrations
Risk Management
SOC 2
Event
Product Demo Webinar

See the market-leading compliance automation software in action in this on-demand product demo.

Compliance
Cybersecurity
Experts
Features
Integrations
Compliance
Guide
The ultimate guide to scaling your compliance program

Vanta’s experts have put together this ultimate guide to adding frameworks to your compliance program with strategies for protecting your data and keeping your workload manageable.

Compliance
Cybersecurity
ISO 27001
Guide
Revolutionize risk: How to manage risk with Vanta

Get a better understanding of excessive risk challenges that can be hard to identify and even harder to manage. We’ll share how Vanta relieves those challenges with our newly enhanced ISO-aligned Risk Management solution.

Compliance
Risk Management
SOC 2
Event
Convos with Customers: Vanta x SlapFive

On the newest episode of Convos with Customers, SlapFive Co-founder & CEO Jeff Ernst explains how SlapFive uses Vanta to automate compliance, close deals faster, and build trust with customers.

Compliance
Experts
Startups
Product updates
Blog
New in Vanta | October 2022

This month's update includes our new Risk Management solution, plus updates to System Description, Test SLAs, Event Log tracking, and Custom Tag support.

Cybersecurity
Features
Compliance
Event
Coffee & Compliance: Choosing the right compliance standard for your business

Join us for another episode of Coffee & Compliance where we discuss best practices for choosing a compliance standard for your company.

Compliance
Experts
Cybersecurity
Security
Event
Coffee & Compliance: Hiring for security and compliance

Join cybersecurity expert Rob Picard as he chats with seasoned engineering and security leader Karthik Rangarajan.

Experts
Compliance
Cybersecurity
Security
Blog
What is a security operations center (SOC) analyst?

Thinking about becoming a SOC analyst? Learn more about this important cybersecurity role and how to get started in a growing industry.

Cybersecurity
Experts
Startups
Risk Management
SOC 2
Event
Convos with Customers: Vanta x Databook

Security and Compliance Manager Anne Simpson talks about how Databook automates their compliance with Vanta.

Compliance
Company news
Blog
Building bridges: How Vanta helps EMEA-based companies navigate complex EU regulations

Is your organization ready for international regulations? These three Vanta customers are—find out how they did it!

Compliance
Risk Management
Startups
Security
Event
De-risky business: How to assess and mitigate risk

Learn how to leverage tooling and automation to simplify the entire risk assessment process.

Risk Management
Compliance
Experts
SOC 2
Event
Convos with Customers: Vanta x JourneyTrack

Join Co-Founder and CTO Carol Hindsman to learn how JourneyTrack delegates tasks and stays compliant using Vanta.

Compliance
Cybersecurity
Security
Event
Coffee & Compliance: Managing Audit Exceptions

Join cybersecurity and data privacy expert Matt Cooper as he chats with former auditor Andrew Gulrajani.

Experts
Compliance
Company news
Event
Building to $10MM in ARR (before taking a series A)

CEO Christina Cacioppo shares 5 lessons from Vanta’s journey of achieving hyper-growth without a huge cash surplus.

Cybersecurity
Startups
Experts
Security
Blog
Playbook: How to announce your security achievements

Here's a blueprint for announcing updates to your security posture, whether it's SOC 2 compliance or any other security-related achievement.

No items found.
Security
Blog
5 tips for building trust and security with Trust Center

Our top tips to help you develop an impactful Trust Center for your business.

No items found.
Security
Event
Coffee & Compliance: Demystifying risk assessment

Join cybersecurity and data privacy expert Matt Cooper on this episode of Coffee & Compliance for a quick and informative overview of a risk assessment.

Risk Management
Compliance
Experts
Security
Blog
Five great DIY Trust Centers

After reviewing hundreds of such pages, we are excited to share a selection of our favorite Trust Centers to inspire you to create your own.

No items found.
Company news
Event
Break in case of emergency: How to recession-proof your startup

Sequoia Capital partner Andrew Reed and Vanta CEO Christina Cacioppo share best practices at the 2022 Collision Conference.

Experts
Cybersecurity
Security
Blog
How engineers can tackle data privacy and security

Vanta joins The Stack Overflow podcast to discuss how engineers can help their organizations get ahead on security, compliance, and privacy.

Compliance
Cybersecurity
Features
Engineering
Security
Guide
State of Startup Security Report 2022: A transforming security landscape

In the State of Startup Security Report, Vanta shares all the data from our most recent survey which asked startups to honestly and anonymously discuss security processes and priorities.

Compliance
Cybersecurity
Startups
Compliance
Blog
Your Vanta journey: What to expect from the customer experience

Our customers are at the center of everything we do. In this article, we’ll show you what it’s like to prove, and improve, your security as a Vanta customer.

Compliance
Experts
Company news
Blog
Engineering at Vanta: How we imported our AWS environment into Terraform

Find out how we resolved a host of issues by importing our AWS environment into Terraform.

Engineering
Security
Blog
How Vanta's engineering team improved productivity with esbuild

Find out how Vanta’s engineering team accelerated the developer feedback loop with esbuild.

Experts
Engineering
Company news
Blog
How Vanta is helping identify Log4j vulnerabilities

Although Vanta was not affected by the recent Apache Log4j vulnerability, we're working closely with impacted customers and helping to identify strategies to remediate any security concerns. Learn more about how Vanta can help.

Cybersecurity
Company news
Blog
Vanta and Fintech Infrastructure introduce the Open Finance Data Security Standard (OFDSS)

Fintech infrastructure and Vanta collaborate on data security requirements optimized for early and growth-stage digital finance companies.

Cybersecurity
Compliance
Partners
Features
Security
Event
Security compliance and the enterprise sale

How to make your potential customers feel confident about your security posture.

Startups
Experts
ISO 27001
Blog
The evolution of information security audits

Vanta’s Matt Cooper recently spoke at Cobalt's SecTalks 2021 and discussed how audit irritation spurred the idea for compliance automation and how information security audits are evolving.

Cybersecurity
Experts
SOC 2
Blog
Why a SOC 2 is the most accepted security compliance standard

Learn why enterprises trust SOC 2 compliance and how your organization's growth may depend on it.

Compliance
Cybersecurity
SOC 2
Blog
5 Principles for building a secure product

A Startup Grind 2021 Session recap with Christina Cacioppo.

Cybersecurity
Startups
SOC 2
Event
Selling to the enterprise? Avoid these 3 lurking deal killers

Avoid these 3 lurking deal killers

Compliance
Experts
Security
Guide
Penetration testing 101

What is a penetration test and why your company might need one

No items found.
SOC 2
Blog
Walking the walk: SOC 2 Type II

Lessons learned from Vanta's SOC 2 journey and how we leveraged Vanta to get compliant.

Compliance
Cybersecurity
Features
No results found 🤷

Get compliant and
build trust, fast.