New in Vanta | February 2026

This past month, the Vanta team launched new features to help you with:

‍

• More control over audits with IRLs
• TPRM - Auto collect public evidence from external Trust Centers 
• Leverage an enhanced, secure AWS GovCloud environment
• Enhancements to the Vanta AI Agent
• Deeper visibility with new Issues Report

‍

More control over audits with IRLs

For teams running modern, complex audits, control matters just as much as automation. IRLs are now available in public preview, built to help you run audits the way your team actually works.

‍

IRLs let you bring your auditor’s exact request list into Vanta and manage the entire audit process in one place. Instead of relying on predefined templates or syncing everything automatically, Vanta adapts to your auditor’s process while keeping you in control.

‍

You can map each auditor request to your existing controls and evidence, assign owners, and run internal reviews before anything is shared. Evidence is intentionally selected and approved, not automatically exposed. Vanta AI also helps identify gaps or mismatches early, so issues get addressed as part of your workflow—not at the last minute.

‍

Whether your auditor works directly in Vanta or prefers their own system, collaboration stays smooth and status stays aligned, no spreadsheets, email threads, or side processes needed.

‍

Currently available in public preview, available to all customers on Professional+ plans.

‍

‍

Scale assessments without the admin

Security assessments don’t stall because teams lack content, they stall because evidence collection is manual, repetitive, and time-consuming. Security and GRC teams spend hours chasing documents, tracking access, re-uploading files, and following up with vendors. This delays assessments, reduces completion rates, and makes it difficult to scale third-party risk management (TPRM) across a growing vendor portfolio.

‍

Vanta automates these steps and removes the guesswork by enabling users to instantly see what evidence is available and how to retrieve it. For vendors with Vanta Trust Centers, teams can view public and private documents, request access to restricted files, and clearly understand any required steps like NDAs. For external Trust Centers, users can see available public documents and automatically import them into assessments. 

‍

By eliminating manual document chasing and creating clarity around the documents available, Vanta shortens assessments timelines and helps teams focus on risk analysis instead of administrative busywork. It’s a foundational step towards truly scalable, automated TPRM.

‍

Currently available for TPRM add-on customers.

‍

Leverage an enhanced, secure AWS GovCloud environment

We’re expanding Vanta’s support for teams operating in highly regulated and security-sensitive environments with two major updates: VantaGov and OSCAL export.

‍

VantaGov is Vanta-hosted in an enhanced, secure AWS GovCloud environment, purpose-built for organizations pursuing federal frameworks like FedRAMP, CMMC, and NIST, and for enterprises that require additional boundary controls and infrastructure assurances. With VantaGov, teams can prepare for authorization, operate controls, and maintain continuous compliance entirely in-boundary. Compliance evidence, integrations, and workflows stay inside GovCloud, reducing boundary risk and simplifying federal audits, while teams continue using the Vanta workflows they already know.

‍

We’re also introducing OSCAL export for FedRAMP 20x. Instead of assembling large, document-based authorization packages, teams can now export controls, tests, and supporting evidence from Vanta in machine-readable OSCAL format. This aligns with FedRAMP 20x guidance, reduces back-and-forth with agencies, and helps speed up authorization as machine-readable submissions become the standard.

‍

Together, these updates make it easier to run federal compliance end to end, securely, continuously, and with less manual effort.

‍

OSCAL is currently available to all customers with federal frameworks.

‍

Vanta Gov is currently available to all customers as an add-on. 

‍

Enhancements to the Vanta AI Agent

The Vanta AI Agent is your 24/7 GRC engineer, designed to help you drive program excellence and consistency, provide personalized guidance grounded in your company’s context, and automating tasks and workflows to save you time. Several enhancements are now available to the Vanta AI Agent, including:

‍

• Agent memory, allowing you to save company-specific context in your AI settings, so the agent can reference this information to provide more personalized and consistent responses
• Integration with the Vanta Help Center, enabling the agent to search for and read Help Center articles to provide more helpful, conversational responses in chat
• Personnel context, allowing the agent to answer questions about your personnel directly in chat. This enables natural language queries like “Show me all the engineers who haven’t completed security training”, or “What’s the acceptance rate for our Information Security Policy?”
• Corrective action suggestions for issues, allowing the agent to analyze policy-related issues and generate recommended corrective actions for you to review and approve. Requires access to issue management in Vanta, available on the Professional plan or above.
• Globally available agent, enabling you to easily access the agent chat interface from any page in Vanta. The agent is page-aware and adapts its starter prompts based on that context, helping you stay focused on your current task.

‍

‍

Deeper visibility with new Issues Report

We’re expanding the Reports Center with a new Issues Report, giving teams deeper visibility into their compliance issue backlog and how it evolves over time.

‍

With the Issues Report, customers using Vanta to track and remediate compliance gaps can monitor key backlog metrics like issues opened vs. resolved, % closed on time, and average time to close. Teams can analyze trends in severity and status, and use filters for owner, status, source, and audit to understand where issues originate and who is responsible for remediation. This makes it easier to spot bottlenecks, prioritize work, and keep remediation on track.

‍

Built on our new reporting architecture, the Issues Report updates within minutes and continuously captures changes, providing more timely insights today while enabling richer reporting and advanced analytics over time.

‍

Together, these updates make it easier to understand, manage, and improve your compliance posture with real-time visibility and more powerful reporting.

‍

‍

Available to all customers on Professional+ plans.

‍

Try it for yourself!

Log in to your Vanta account to try out these new features today. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager and stay in the loop on Vanta news on LinkedIn.

‍