May 14, 2024

New in Vanta | May 2024

Written by

Lauren Wade

Product Marketing

Reviewed by

Accelerating security solutions for small businesses
‍

Tagore offers strategic services to small businesses.

A partnership that can scale
‍

Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate.

Standing out from competitors
‍

Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

This month, the Vanta team launched:

‍

An AI-powered conversational interface embedded in Trust Center to help you proactively manage security reviews
New enterprise-ready features built for managing security and compliance at scale
Additional integrations and support for multiple instances
Optimizations to Vanta’s Vendor Risk Management experience
Updates to Custom Tests with deeper customization

‍

Proactively manage security reviews with an AI-powered conversational interface on your Trust Center

This month, we introduced an AI-powered conversational interface within Vanta Trust Center. Visitors to your Trust Center can ask questions and Vanta AI will generate answers based on the rich foundation of resources already available in your Trust Center.

‍

For instance, visitors can ask questions like “When did you last complete your SOC 2 report and were there any exceptions?” or “How does your company handle encryption?” and get answers, fast. With this new enhancement, teams can build trust and close deals faster with a proactive approach to security reviews.

‍

Additionally, you can now measure your impact on top-line revenue using the new Salesforce integration, measuring revenue influenced through interactions with Trust Center.

‍

‍

Want to learn more about Vanta Trust Center? Take a product tour today.

‍

Tailor-built features for maturing your program’s needs

Building upon Vanta’s existing enterprise capabilities and customization functionality, we announced an enhanced REST API, support for SCIM provisioning, more multi-instance integrations, and pre-built automated tests aligned to CIS Kubernetes benchmarks for AWS, GCP, and Azure.

‍

These new capabilities enable you to automate more processes right within Vanta, programmatically extract information, automatically initiate external workflows, and build custom integrations.

‍

If you’re interested in learning more about these new capabilities, reach out to your account executive or customer success manager, or contact us here.

‍

Automate even more of your compliance program with new integrations

As our engineering and product teams continue to add new integrations and extend the depth of existing ones to support multiple instances and additional tests, you’ll be able to automate even more of your program.

‍

Now within Zoom and Cloudflare, you can leverage continuous monitoring across multiple instances. Over the past month, we also launched six new integrations including Lever, CanIPhish, Phalanx, and Ramp. With Ramp and Vanta, you can now track access within their tooling for easy-to-use cards, spend limits, approval flows, vendor payments, and more.

‍

See all of our integrations or let us know about additional ones you need.

‍

‍

Simplifying Vendor Risk Management workflows

When we first introduced Vendor Risk Management our team delivered a single source of truth for assessing and reducing third-party risk, streamlined vendor security reviews, and assessing and identifying vendor risk.

‍

Since then we have launched new updates that simplify the experience of running a Vendor Risk Management program. Most recently, our team improved the workflow within VRM to make reviewing findings from AI during security reviews easier. Also, we improved transparency in vendor review, allowing you to seamlessly ignore or reject a vendor and have a log of these actions for future reference.

‍

Build your own Custom Tests, now with deeper customization

With Custom Tests, you now have the ability to adjust Vanta’s pre-built tests as well as create new tests from scratch with custom logic. Since the launch, we’ve seen customers create custom tests that automatically check for things like “AWS Password Policies have specific requirements” and “employee laptops have Crowdstrike Falcon enabled.”

‍

Now, tests can be run on tags in cloud resources. For example, customers add tags related to environment, owner, team, and more to your AWS EC2 or S3 instances. This means even more customization to automate key compliance workflows.

‍

‍

This capability is available in our Collaborate plan. If you’re interested in learning more, talk to our team today.

‍

Test it for yourself

Log in to your Vanta account to try out these new features. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager. And stay in the loop on Vanta news on LinkedIn.

‍

Or see it live - What’s New in Vanta: May Webinar

Join us for our monthly “What’s New in Vanta” webinar taking place May 30, 8:30am PST/4:30pm BST. This series provides you a live look at some of our newest releases and product improvements, including the new features mentioned in this post.

‍

Access Review Stage	Content / Functionality
Across all stages	Easily create and save a new access review at a point in time View detailed audit evidence of historical access reviews
Setup access review procedures	Define a global access review procedure that stakeholders can follow, ensuring consistency and mitigation of human error in reviews Set your access review frequency (monthly, quarterly, etc.) and working period/deadlines
Consolidate account access data from systems	Integrate systems using dozens of pre-built integrations, or “connectors”. System account and HRIS data is pulled into Vanta. Upcoming integrations include Zoom and Intercom (account access), and Personio (HRIS) Upload access files from non-integrated systems View and select systems in-scope for the review
Review, approve, and deny user access	Select the appropriate systems reviewer and due date Get automatic notifications and reminders to systems reviewer of deadlines Automatic flagging of “risky” employee accounts that have been terminated or switched departments Intuitive interface to see all accounts with access, account accept/deny buttons, and notes section Track progress of individual systems access reviews and see accounts that need to be removed or have access modified Bulk sort, filter, and alter accounts based on account roles and employee title
Assign remediation tasks to system owners	Built-in remediation workflow for reviewers to request access changes and for admin to view and manage requests Optional task tracker integration to create tickets for any access changes and provide visibility to the status of tickets and remediation
Verify changes to access	Focused view of accounts flagged for access changes for easy tracking and management Automated evidence of remediation completion displayed for integrated systems Manual evidence of remediation can be uploaded for non-integrated systems
Report and re-evaluate results	Auditor can log into Vanta to see history of all completed access reviews Internals can see status of reviews in progress and also historical review detail