Resources

Curated content for the compliance connoisseur: We cover the latest on frameworks, risks, and security trends.

Show filters

Security

Content Type
Tags
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Compliance
Event
ISO 27001 & SOC 2 Compliance Automation

Join Vanta’s 45-minute live product demo on 10th April at 1pm AEST. Two of our team members will walk you through the platform and answer questions throughout the session.

Compliance
How to use Vanta and AWS to manage vulnerabilities
Security
Blog
How to use Vanta and AWS to manage vulnerabilities

Identify your vulnerabilities with Amazon Inspector then manage and mitigate them using Vanta.

No items found.
Compliance
Event
Combating threats through a continuous compliance

In the world of cloud infrastructure, security teams frequently find themselves bouncing between tools to track alignment to compliance standards. What’s more, they must often contend with a lack of visibility into risk and potential threats.

Compliance
Features
Experts
Compliance
Event
SOC 2 & ISO 27001 Compliance Automation

Join Vanta’s 45-minute live product demo on April 16 at 10 am PST. Two of our team members will walk you through the platform and answer questions throughout the session.

No items found.
Security
Event
Security at Every Stage! How to build an enduring security program as your company grows

Join Vanta's CISO, Jadee Hanson, and seasoned security leaders at company's big and small to discuss building and maintaining an efficient and high performing security program.

Compliance
Experts
Compliance
Event
Ask Me (Almost) Anything: AI & Compliance

What does AI mean for your company’s security compliance program? Join our session on 28 March 9 am AEDT where Matt Cooper, Privacy, Risk and Compliance Manager at Vanta, and Noam Rubin, Sr. Software Engineer at Vanta, will answer (almost) all your questions about AI and compliance.

AI
Compliance
Risk Management
Compliance
Event
Automating SOC 2 compliance & more

Join Vanta’s 45-minute live product demo on March 12 at 11 am PST where Devin and Natalie will walk you through the Vanta platform and show you how we automate 90% of the work for security and privacy frameworks, and help you move towards a state of continuous compliance.

Compliance
Risk Management
Vanta in Action: Vendor Risk Management
Security
Event
Vanta in Action: Vendor Risk Management

Vendor security reviews can be manual and time-consuming, draining security teams of precious hours. Vanta’s Vendor Risk Management solution changes that, automating and streamlining security reviews so that you can spend less time on repetitive work and more time strengthening your security posture. Curious to see what it looks like?

Building Trust
Compliance
Risk Management
Automate your technical vulnerability management with Aikido and Vanta
Security
Blog
How to automate your technical vulnerability management with Aikido and Vanta

See how the integration between Aikido and Vanta can help you easily identify, manage, and automate your technical vulnerabilities to achieve and maintain compliance.

Integrations
Compliance
Event
Ask Me (Almost) Anything: Essential Eight

Join our Ask Me (Almost) Anything session on 27 February at 10 am AEDT, where Matt Cooper, Privacy, Risk & Compliance Manager at Vanta, will cover the basics and answer (almost) all your questions about Essential Eight.

Compliance
Risk Management
Vanta in Action: Vendor Risk Management
Security
Event
Vanta in Action: Vendor Risk Management

Vendor security reviews can be manual and time-consuming, draining security teams of precious hours. Vanta’s Vendor Risk Management solution changes that, automating and streamlining security reviews so that you can spend less time on repetitive work and more time strengthening your security posture. Curious to see what it looks like?

Building Trust
Compliance
Risk Management
Security
Event
Building Security Programs That Reduce Risk

In today’s evolving threat landscape, compliance is only the first step—resilience is the ultimate goal. That’s why Vanta and Huntress have teamed up to help you achieve true cybersecurity resilience.

Cybersecurity
Security
Blog
In AI we trust: AI governance best practices from legal and compliance leaders

With AI regulation still in flux, how can companies adopt AI safely and responsibly to minimize risk while accelerating innovation? Leaders from Ironclad, Anthropic, and Quora share their best practices.

AI
Automate your third-party risk management
Security
Blog
Why you should automate your third-party risk management

Discover how to navigate third-party risk management challenges in a dynamic tech environment with Vanta’s comprehensive solutions.

No items found.
Security
Blog
How AI is transforming the future of trust

What does it mean for companies to be trustworthy in an increasingly AI-driven world? Leading AI innovators and investors share their insights.

AI
Building Trust
A man and woman with the words ama on a yellow background.
Compliance
Event
Ask Me (Almost) Anything: AI & Compliance

What does AI mean for your company’s security compliance program? Watch the on-demand session where we answer audience question about AI and compliance.

AI
Compliance
Experts
Risk Management
Security
Blog
How to protect your physical infrastructure with AWS and Vanta

In this blog, we’ll cover physical and environmental infrastructure, explaining what AWS does to protect the cloud centers that store your data and what other security steps you need to take.

Cybersecurity
Security
Blog
How to use AWS and Vanta for identity and access management

Learn how to use Vanta to secure the portions of your cloud environment that AWS customers are responsible for, starting with identity and access management.

No items found.
Security
Blog
From automated compliance to AI: How investors are prioritizing security

AI and cybersecurity are top strategic priorities for companies at every scale. See how investors are thinking about security in our increasingly-AI driven world.

AI
Cybersecurity
Security
Guide
How to do penetration testing: A step-by-step guide

Learn how to perform penetration testing and when it is required.

No items found.
A magnifying glass on a purple background.
Compliance
Blog
The complete guide to compliance risk management

Understand what compliance risk management is and how to create an effective system for your organization. Click here for key tips on managing compliance risk.

Compliance
Risk Management
Security
Event
Enhancing Security with Trust Center

What is a Trust Center, and how can growing businesses leverage one to proactively demonstrate their commitment to security?

Cybersecurity
Security
Blog
What is continuous security monitoring?

What is continuous security monitoring and why is it crucial to your business? Learn about continuous monitoring and best practices for ensuring security within your organization.

Features
Cybersecurity
Compliance
Security
Blog
Our approach to lifecycle management at Vanta

Lifecycle management is the process of overseeing employees, their systems, and their hardware from onboarding to offboarding. Here's we do it at Vanta.

No items found.
Security
Event
Building a security program

If you are building your company's security program, you likely have some questions. We're here to answer (almost) all of them.

No items found.
Company news
Blog
Introducing Vanta Trust Center and the State of Trust Report

We’re thrilled to announce the introduction of Trust Center in addition to our annual State of Trust Report.

Building Trust
Security
Event
Uncovering global security trends from Vanta’s State of Trust Report

Join Vanta as we share insights from our latest State of Trust Report. This 2023 report surveyed 2,500 security and IT professionals across the US, UK, Germany, France, and Australia to find out what’s top of mind, from generative AI to proving customer trust in a hybrid world.

Building Trust
Security
Blog
How Vanta migrated MDM platforms in just 3 days

Earlier this year, the Vanta EE team migrated our internal Mobile Device Management (MDM) platform to help Vanta continue to scale our MDM strategy as we grow.

Engineering
Security
Blog
Getting started with procurement

If you’re part of a startup or small company and haven’t thought about procurement just yet, chances are that you should. Here are some best practices on how to start thinking about procurement.

No items found.
Security
Blog
Vanta’s AI principles: Building with trust and transparency

Our AI principles outline how we plan to steward the safe and effective deployment of AI at Vanta. Read more about Vanta’s AI principles.

AI
Security
Blog
How Heyhack integrates automated pen testing with Vanta

Heyhack helps customers gain a complete overview of their application portfolio so they can remediate security issues quickly. Learn how Heyhack integrates with Vanta.

Integrations
Product updates
Blog
How does Vanta work? Top product questions about the Vanta Platform

Want to get a peek into the Vanta platform? Have questions about how Vanta works? Check out this blog.

Features
Security
Blog
How Riot integrates with Vanta to increase cybersecurity awareness

Riot combines learning modules and phishing simulations to raise cyber awareness and solve compliance needs. Find out how Riot integrates with Vanta using the Connectors API.

Partners
Integrations
Security
Blog
How we operationalize security risk assessments at Vanta

Risk assessments are exercises that help an organization understand, analyze, and address the most significant risks to their objectives. Read on to learn we approach security risk assessments at Vanta.

No items found.
Security
Blog
How to perform effective user access reviews

Performing regular user access reviews help ensure that current employees have access to the right tools and also limits access to only those who need access.

Engineering
Experts
SOC 2
Event
Demonstrating security while pursuing your SOC 2

Maintaining robust security measures and meeting compliance requirements are paramount in today's fast-paced digital landscape.

No items found.
How to build trust and unlock growth.
Security
Guide
How to build trust and unlock growth checklist

Learn how to turn security into a competitive advantage with our five-step checklist. Kickstart a security program that unlocks your deals by building trust.

No items found.
A group of people sitting around a table looking at a laptop.
Security
Blog
How we scaled our security culture at Vanta

Our security culture is one of the most powerful ways to achieve our mission.

Engineering
The logo for okta on a yellow background.
Security
Blog
How Vanta uses Okta for identity and access management

Learn how Vanta uses Okta for internal identity and access management (IAM) to help provide a seamless access experience for our employees.

Engineering
Two people sitting at a desk looking at a computer.
Compliance
Blog
How to start a security compliance program

With a security compliance program, companies can demonstrate that they meet designated security requirements and objectives. Here's how to start one.

No items found.
A laptop with the word webauthn on it.
Security
Blog
Lessons from Vanta’s WebAuthn migration

Rob Picard and Jess Chang from Vanta's Security team explain why and how we migrated to WebAuthn as the mandatory way to log into Okta.

Cybersecurity
A magnifying glass with a yellow triangle on it.
Security
Blog
Our approach to threat modeling

The goal of threat modeling is to make better decisions. In this post, the Vanta Security team shares their approach.

Risk Management
Two men with the words ai and compliance on a yellow background.
Security
Event
Ask Me (Almost) Anything: AI & Compliance

Wondering about AI and what it means for your company’s compliance program? You can ask these privacy and security experts (almost) anything! Join Vanta’s AM(almost)A on June 27 at 10 am PT and 1 pm ET to connect with Matt Cooper, Senior Manager of Privacy, Risk, & Compliance, and Rob Picard, Security Lead, on emerging trends in AI and compliance. They’ll answer questions and share practical advice to help you navigate this evolving landscape and stay ahead of the curve.

Cybersecurity
How to minimize third party risk with strong vendor management.
Security
Guide
How to minimize third-party risk with vendor management

Get insights and best practices from security & compliance experts on how to manage third-party vendor risk in this free guide.

Cybersecurity
A man and woman with the words ama on a yellow background.
Security
Event
Ask Me (Almost) Anything: US Data Privacy

CCPA/CPRA, CPA, CTDPA, UCPA, and VCDPA — that’s a lot of acronyms, and a lot of questions around compliance.

Cybersecurity
The cover of vanta shift left how to turn security into revenue.
Security
Guide
Shift Left: How to turn security into revenue

Turn security into a competitive advantage for your business. Get our free ebook to learn how centering security in the buyer journey can help you unlock revenue.

No items found.
Meet the vanta privacy, risk & compliance team.
Security
Blog
Meet the Vanta Privacy, Risk, & Compliance Team

The Vanta Privacy, Risk, & Compliance team provides internal and external support for our customer, auditor, and partner experience in service of the company’s mission to secure the internet.

Experts
Compliance
Risk Management
Scaling with security how to streamline your iso 27001 certification.
Security
Event
Scaling with security: How to streamline your ISO 27001 certification

In this on-demand webinar you'll learn: How being ISO 27001 certified benefits your business The five main requirements in the certification process How automation can lead to a more cost-effective path to ISO 27001 compliance The value of continuous security monitoring during the two-year surveillance audit

Cybersecurity
Two people with gears on a purple background.
Security
Blog
Building trust with vendor management

If you’re working towards a stronger security posture, your vendors are going to play an increasingly important role. Read more to learn what a robust vendor management process looks like.

Risk Management
An image of a forest with the word vanta on it.
Product updates
Blog
Introducing Vanta’s Security and Privacy Training Library

Today we’re excited to introduce Vanta’s new security and privacy training library, developed by our in-house team of security, privacy, and compliance experts to help ensure your employees learn about important and required principles for each framework.

Features
How to effectively manage vendor risk.
Security
Event
Coffee & Compliance: How to Proactively Manage Vendor Risk

Join Aaron Kraus, Director of InfoSec at Butterfly MX, and Gig Walsh, Director of Security and Compliance at LinkSquares on June 20 at 12 PM PST as they discuss best practices for vendor risk management with Eric Martin, Head of Sales at Vanta in this live webinar discussion.

Risk Management
Meet the vanta enterprise engineering team.
Security
Blog
Meet the Vanta Enterprise Engineering Team

Vanta's Enterprise Engineering team provides essential internal operational support, manages the employee lifecycle, and partners closely with other teams to keep Vanta safe and secure.

No items found.
Accelerate deals and reduce security with trust reports.
Security
Event
Vanta in Action: Trust Reports with Lumos

Starting from presales, all the way to winning new business and renewing with existing customers, how do you showcase the strength of your security, decrease the time spent on requests for security questionnaires, and not derail the sales process?

No items found.
Incident io logo on a purple background.
SOC 2
Blog
Fitting incident management into the SOC 2 puzzle

If you’re looking into a SOC 2, it’s also worth looking into an incident management tool at the same time. The latter will help you with many requirements to secure a SOC 2 and make your organization more efficient when responding to incidents.

No items found.
Meet the vanta security team.
Security
Blog
Meet the Vanta Security Team

The Vanta Security team’s mission is to ensure that Vanta is a trusted and trustworthy steward of sensitive data. Meet the team that helps keep Vanta secure and compliant.

Experts
Introducing vendor risk management.
Product updates
Blog
A new way to proactively manage third-party risk: Vendor Risk Management

Vendor Risk Management helps security professionals proactively identify and assess third-party risk, streamline security reviews, and quickly remediate issues.

Risk Management
Features
A table with a number of different items on it.
Security
Blog
From reactive to proactive: Leveraging vCISO solutions to elevate managed security services

Discover how MSPs can leverage vCISO solutions to elevate their security offerings, build client trust, and scale services for sustainable business growth

Partners
A dashboard with a lot of icons on it.
Security
Blog
What is a trust management platform?

How do you get compliant, stay secure, and demonstrate trust continuously? That’s where a trust management platform comes in. Learn more.

Compliance
Risk Management
Building Trust
A screenshot of a dashboard with a purple background.
Product updates
Blog
Introducing Questionnaire Automation

With features like auto-complete functionality and access to Vanta’s policies and documents, Questionnaire Automation streamlines the security questionnaire process, making it easy for organizations to complete questionnaires in minutes.

Features
A man and woman working on a laptop in an office.
Security
Guide
Access reviews are mission critical: Here’s how to get security risk management right

Access reviews are mission critical for the security of your business. Learn how to implement user account management controls to prevent unauthorized access to critical business data. 

Compliance
Risk Management
An image of a dashboard with a rock in the background.
Product updates
Blog
Introducing Custom Frameworks to the Vanta Platform

Custom controls and custom frameworks help compliance teams centralize and customize the way their security work gets done in Vanta.

Features
Coffee and compliance what is your secrets strategy?.
Security
Event
Coffee & Compliance: What is your secrets strategy?

Join Rob Picard, Security Lead at Vanta, and Brian Vallelunga, CEO and Founder of Doppler for the newest episode of Coffee & Compliance as they reveal secrets… about secrets strategy.

Cybersecurity
Compliance
Event
Convos with Customers: ResoluteAI

Eléonore Dixon-Roche, Senior Product Manager at ResoluteAI, explains how Vanta helped her step outside of her role and take on managing security and compliance for her company.

Compliance
A magnifying glass on a purple background with a warning sign.
Security
Blog
Vulnerability scanning tools: What are they and how should they be used?

Keeping your data secure relies on tracking down and fixing vulnerabilities. Find those open doors in your system with vulnerability scanning tools.

Cybersecurity
Security
Blog
When is the right time for vulnerability scanning?

As new cybersecurity threats emerge, when is the right time for vulnerability scanning? We give an overview of how to time vulnerability scans for improved security.

Cybersecurity
Compliance
Compliance
Blog
How do you perform quarterly access reviews?

Periodic user access reviews prevent the risk that former employees may still retain access to sensitive corporate data and systems after being terminated. Learn how to perform quarterly access reviews.

Compliance
Cybersecurity
Features
A blue and purple logo with the words trustpage and vanta.
Company news
Blog
Reimagining the future of trust with Trustpage by Vanta

Vanta announced today its acquisition of Trustpage to transform trust into a marketable advantage for companies around the world.

Building Trust
Startups
Cybersecurity
Features
Integrations
Security
Blog
What is vulnerability scanning?

What is vulnerability scanning and how can it enhance your information security? Find out everything you need to know from the Vanta security team.

Compliance
Cybersecurity
A book with the word mvsp on it.
Security
Guide
The complete guide to MVSP

What is MVSP? Learn how cutting edge companies have created a lightweight universal security starting point for B2B businesses.

No items found.
Compliance
Blog
Do you need penetration testing for compliance?

Software Secured, a Vanta partner, gives an overview of penetration testing and the differences between prescriptive and descriptive compliance frameworks.

Compliance
Experts
Partners
Coffee and compliance demystifying access reviews.
Security
Event
Coffee & Compliance: Demystifying access reviews

Join security experts Matt Cooper and Bart Tissue of Vanta as they discuss the importance of conducting regular access reviews in the newest episode of Coffee & Compliance.

Compliance
Cybersecurity
Compliance
Event
Convos with Customers: Explo

Learn how the co-founder of Explo, Gary Lin, uses Vanta to manage security and compliance at a quickly growing startup.

Compliance
Security
Blog
What is an access review?

An access review describes the process of monitoring the rights and privileges of everyone who can interact with data and applications.

Cybersecurity
Risk Management
Features
Prove trust to prospects how to win deals in an economic downturn.
Security
Event
Prove trust to prospects: How to win deals in an economic downturn

In this on-demand webinar, you’ll hear from industry expert Rob Picard, Senior Manager for Security & Engineering at Vanta, on how to leverage automated compliance and Trust Reports to communicate security posture and instill trust with prospects.

Building Trust
How to scale compliance at a hyper growth company.
Compliance
Event
How to scale compliance at a hyper-growth company

Watch our webinar to hear from security leaders who have leveled up their compliance programs during periods of hyper-growth.

Cybersecurity
Compliance
Experts
Security
Event
Coffee & Compliance: Demystifying security policies

Steven Conley, IT Audit Director at Insight Assurance, and Matthew Phillips, Lead Auditor at Vanta, discuss security policies for your organization.

Experts
Cybersecurity
Compliance
Partners
Nst 800 - 353 exam questions and answers.
NIST
Guide
The ultimate guide to NIST 800-53

Compliance
Cybersecurity
A group of badges with the words leader winter 2019.
Company news
Blog
Vanta is the #1 Leader in G2’s Winter 2023 Grid Reports for Security Compliance

Vanta is named the leader in G2’s Cloud Compliance, Cloud Security, Vendor Management, IT Asset Management, and Vendor Security and Privacy Assessment.

Experts
Cybersecurity
Compliance
Building Trust
Compliance
Event
Convos with Customers: Hook

In this Convos with Customers episode, where Firaas Rashid, Founder and CEO of Hook, explains how Vanta helped his team automate compliance by limiting manual work.

Compliance
Features
Experts
Coffee and compliance the future of endpoint security.
Security
Event
Coffee & Compliance: The future of endpoint security

Join us for our newest episode of Coffee & Compliance, where we discuss the future of endpoint security with Scott Simkin, VP, Portfolio and Product Marketing from CrowdStrike.

Cybersecurity
Engineering
Experts
Security
Event
Convos with Customers: Vanta x Signeasy

Signeasy’s Head of Compliance & Info Systems Bineeta Mitra explains how a small but mighty team of one manages SOC 2 compliance with Vanta.

Features
Compliance
Startups
The nst 800 - 1717 logo on a yellow background.
NIST
Guide
The ultimate guide to NIST 800-171

Jumpstart your NIST 800-171 compliance with Vanta's complete guide to this legally required security standard.

Compliance
Cybersecurity
Risk Management
A laptop with a padlock and gears on it.
Security
Blog
Mobile device management 101: Why it matters and how to deploy

Effective mobile device management (MDM) is a core function of your company's security and compliance program. Learn why it's essential and how to do it right at every stage of growth.

Cybersecurity
Engineering
Experts
Risk Management
Startups
Iso 27701 - iso 27702 - iso 27703 - iso 27704 - iso.
Compliance
Guide
The ultimate guide to ISO 27701

International privacy laws are always changing. ISO 27701 certification has become a global standard for PIMS to maintain compliance. Read our guide to get started.

Compliance
Risk Management
A book with the word feed ramp on it.
Compliance
Guide
The ultimate guide to FedRAMP

What is FedRAMP? Learn about the origin, certification, and compliance of FedRAMP in this guide.

Cybersecurity
Compliance
Compliance
Event
Convos with Customers: Vanta x InDebted

Hear how Tim Collins, Chief Compliance Officer at InDebted, uses Vanta to save time and resources in our most recent Convos with Customers episode.

Startups
Compliance
Coffee & compliance demystifying vulnerability scanning.
Security
Event
Coffee & Compliance: Demystifying vulnerability scanning

Join us for another episode of Coffee & Compliance where we demystify vulnerability scanning with Shawn Miller, Sr. Community Engineering Manager of Snyk.

Experts
Risk Management
A purple background with a rock and a check mark next to it.
Product updates
Blog
Vanta announces enhanced Access Reviews solution

We're thrilled to announce a big update to our Access Reviews solution. Learn more about pre-built system integrations, intuitive reviewer workflows, remediation management, and more.

Cybersecurity
Features
Integrations
Risk Management
SOC 2
Event
Product Demo Webinar

See the market-leading compliance automation software in action in this on-demand product demo.

Compliance
Cybersecurity
Experts
Features
Integrations
The ultimate guide to scaling your compliance program.
Compliance
Guide
The ultimate guide to scaling your compliance program

Vanta’s experts have put together this ultimate guide to adding frameworks to your compliance program with strategies for protecting your data and keeping your workload manageable.

Compliance
Cybersecurity
The cover of the book revolutionizing risk how to manage risk with yanta.
ISO 27001
Guide
Revolutionize risk: How to manage risk with Vanta

Get a better understanding of excessive risk challenges that can be hard to identify and even harder to manage. We’ll share how Vanta relieves those challenges with our newly enhanced ISO-aligned Risk Management solution.

Compliance
Risk Management
SOC 2
Event
Convos with Customers: Vanta x SlapFive

On the newest episode of Convos with Customers, SlapFive Co-founder & CEO Jeff Ernst explains how SlapFive uses Vanta to automate compliance, close deals faster, and build trust with customers.

Compliance
Experts
Startups
Product updates
Blog
New in Vanta | October 2022

This month's update includes our new Risk Management solution, plus updates to System Description, Test SLAs, Event Log tracking, and Custom Tag support.

Cybersecurity
Features
Compliance
Event
Coffee & Compliance: Choosing the right compliance standard for your business

Join us for another episode of Coffee & Compliance where we discuss best practices for choosing a compliance standard for your company.

Compliance
Experts
Cybersecurity
Security
Event
Coffee & Compliance: Hiring for security and compliance

Join cybersecurity expert Rob Picard as he chats with seasoned engineering and security leader Karthik Rangarajan.

Experts
Compliance
Cybersecurity
A person sitting at a computer with a laptop and graphs.
Security
Blog
What is a security operations center (SOC) analyst?

Thinking about becoming a SOC analyst? Learn more about this important cybersecurity role and how to get started in a growing industry.

Cybersecurity
Experts
Startups
Risk Management
The logo for databook on a purple background.
SOC 2
Event
Convos with Customers: Vanta x Databook

Security and Compliance Manager Anne Simpson talks about how Databook automates their compliance with Vanta.

Compliance
Company news
Blog
Building bridges: How Vanta helps EMEA-based companies navigate complex EU regulations

Is your organization ready for international regulations? These three Vanta customers are—find out how they did it!

Compliance
Risk Management
Startups
De risky business how to assess and mitigate risk.
Security
Event
De-risky business: How to assess and mitigate risk

Learn how to leverage tooling and automation to simplify the entire risk assessment process.

Risk Management
Compliance
Experts
A purple background with the words journeytrack on it.
SOC 2
Event
Convos with Customers: Vanta x JourneyTrack

Join Co-Founder and CTO Carol Hindsman to learn how JourneyTrack delegates tasks and stays compliant using Vanta.

Compliance
Cybersecurity
No results found 🤷

Get compliant and
build trust, fast.

Two wind turbines on a white background.
Get compliant and build trust,
fast.
Get started