Introducing enterprise-ready capabilities to help you manage compliance at scale

Today we’re excited to announce new and enhanced enterprise-grade platform capabilities that build upon our existing enterprise capabilities and customization functionality. Along with our new AI-powered Trust Center announced today, these capabilities enable mature organizations to run their security and compliance programs and demonstrate trust at scale.

‍
Our new enterprise-ready capabilities include an enhanced REST API, support for SCIM provisioning, more multi-instance integrations, and pre-built automated tests aligned to the CIS Kubernetes Benchmarks for AWS, GCP, and Azure. Together these enhancements enable you to improve your compliance and security posture, reduce risk, and save time and costs.

‍

‍

Extend the power of Vanta with our new REST API

Now available in public preview, our enhanced Vanta API uses the popular REST architectural style, making it easier to write to, use, and manage. With the new API, you can extend the power of Vanta by integrating with other applications and workflows to:

‍

• Automate processes in Vanta to minimize clicks and human error. Examples include auto-uploading documents or policies, bulk assigning owners to resources, or bulk offloading employees.
• Programmatically extract information from Vanta into external reports that aggregate data from multiple systems. For example, you can automatically export test status information from Vanta and Trust Center viewer data to a Business Intelligence tool to help power enterprise-wide compliance dashboards.
• Automatically initiate external workflows to improve your security posture through fast remediation of security gaps. For instance if a critical test in Vanta fails, an external workflow or script that monitors this test can automatically initiate remediation.
• Build custom integrations so Vanta can run automated tests against systems the platform does not already integrate with, including on-premise or custom applications.

‍

The Vanta API includes security and authentication that leverages Oauth and full API documentation for developers. It is now available in all Vanta plans. Learn more about the Vanta API and how to participate in the public preview here.

‍

‍

“Our Vanta Private integration gives us tighter monitoring around a key internal tool. We can verify new accounts have two-factor authentication on, and that employee offboarding is done in a timely manner. Also, our developer had our Private Integration up and running in less than a day, start to finish.” - Jason Morcos, Director of Engineering & ISO, SwipeSense

‍

‍

‍

‍

Easily provision and manage users with SCIM

Coming soon, Vanta will support SCIM, or the System for Cross-domain Identity Management standard, which enables a simple, automated, and more secure way to provision, manage, and deprovision users, including Vanta users.

‍

This is important for enterprise IT teams that prefer to do user provisioning and management for all their cloud applications, which might number into the hundreds, in a single location — their identity provider — using the SCIM standard. 

‍

SCIM will be available in the Vanta Scale plan in the coming months.

‍

‍

Automate more compliance with multi-instance integrations

For organizations that have multiple instances of one application, Vanta now supports more multi-instance integrations with widely-used applications or systems such as AWS, Microsoft Azure, Microsoft Office 365, Snowflake, Zoom, Github, Okta, Google Cloud, Google Workspace, Office 365, Cloudflare, Datadog, Atlassian Bitbucket, and GitLab. 

‍

If you have multiple instances or accounts of an application for different parts of your business, you can now easily integrate all of those instances with Vanta. This enables Vanta to run automated tests and evidence collection against each instance and incorporate them into controls and other areas of compliance.

‍

‍

‍

Secure and monitor Kubernetes with automated tests 

Vanta offers hundreds of tests to automate the checking of technical controls and evidence collection for auditors. We recently launched specific automated tests that use Vanta integrations to ensure your public cloud managed Kubernetes environment has the proper configurations aligned to the CIS Kubernetes Benchmarks for the following:

‍

• Amazon Elastic Kubernetes Service (EKS)
• Google Kubernetes Engine (GKE)
• Azure Kubernetes Service (AKS)

‍

This is crucial for enterprises that rely on container resources in the cloud and leverage Kubernetes to manage these containers. With these automated tests, you can ensure your Kubernetes environments, including sensitive data within them, are properly configured and secured.

‍

Some of the tests are included in our Core plan, while all available tests are included in Collaborate and Scale plans. If you’re interested in learning more about automating CIS Benchmarks for public cloud, managed Kubernetes, reach out to our team.

‍

‍

‍

Manage compliance at scale with Vanta

Vanta is committed to supporting enterprises with the capabilities and scalability they need to stay compliant and secure and demonstrate trust to their buyers. If you’re interested in learning more about these new capabilities, reach out to your account executive or customer success manager, or contact us here.  And if you're attending the RSA Conference in San Francisco May 6-9, drop by booth #2166 to meet the Vanta team.

‍