New in Vanta | May 2025

 This past month, the Vanta team launched new features to help you: 

• Map controls to policies in a few clicks with AI-generated suggestions
• Streamline policy approvals with automated change summaries 
• Tailor your Trust Center to your brand
• Bring stakeholders in to Vanta securely with the Collaborator role
• Gain a complete view of your vendors with custom metadata 
• Continuously monitor your cloud resources with CIS GCP Foundations Benchmark tests
• Unlock additional automation with new integrations, and a significant update to the Wiz integration

‍

Map controls to policies in a few clicks with AI-generated suggestions

Manually mapping controls to pre-existing policies can be a tedious and time-consuming task. If you're bringing your own policies into a new automated compliance platform, you’re often faced with the burden of linking each control by hand. It’s a repetitive process that slows down audit preparation and diverts valuable time and resources from your team.

With our latest update, Vanta AI automatically analyzes your uploaded policy content and recommends relevant controls from your existing control library. You’ll receive a curated list of suggestions—each with a clear rationale—so you can quickly accept or reject them with a click. By streamlining this process, Vanta helps you enforce policies efficiently and stay audit-ready without the manual overhead.

‍

‍

This capability is available on the Growth package and above. Learn more here. 

‍

Streamline policy approvals with automated change summaries 

Annual policy reviews are a necessary but often cumbersome part of maintaining compliance. Whether changes are minor or significant, any policy update typically requires a formal approval process due to its sensitive nature. 

‍

Now, Vanta AI simplifies policy approvals with automated change summaries. When you upload a revised policy, Vanta AI compares it against the previous version and generates a clear, editable summary of what’s changed. You can review and customize this summary before sending it as part of the approval request—no need to parse through dense documentation or write a summary from scratch. Approvers can then easily view the AI-generated summary within Vanta, making the review process faster, clearer, and more efficient for everyone involved.

This capability is available on the Growth package and above. 

‍

Tailor your Trust Center to your brand

Your customers expect a certain level of polish and cohesion across all brand touchpoints, from your marketing website to your Trust Center.  

‍

Vanta now offers enhanced customization features to help your Trust Center feel like a true extension of your brand. With an updated hero banner design, new editor experience, and support for custom typography, you have more flexibility than ever to align your Trust Center with your brand guidelines. These updates empower both security and marketing teams to deliver a consistent customer journey—from first impressions on your homepage to collecting security evidence in your Trust Center.

‍

‍

The new header design and editor experience are available to all customers with Trust Center, while custom typography is available to customers with Trust Center Advanced. Check out our Trust Center page to see the new design in action or learn more here. 

‍

Bring stakeholders into Vanta securely with the Collaborator role

Security and GRC teams collaborate with many internal stakeholders like engineering, legal, HR, and even sales. These groups are critical to workflows like control failure remediation, assessing risk scenarios, uploading evidence, and conducting access reviews. Security and GRC teams use Vanta as their source of truth for all of this work, and need an easy way to streamline their crossfunctional work.

‍

Now with the Collaborator role, Vanta admins can invite these stakeholders into Vanta with a limited set of privileges. Collaborators can only access the items explicitly assigned to them in Vanta, respecting the concept of least privilege while enabling them to complete their work. For example, an engineering manager can be invited to Vanta as a Collaborator and assigned ownership of a technical control within their purview. As the screenshot below shows, this engineering manager will see the assigned control and any mapped tests or documents, and nothing else, enabling them to stay focused on their work.

‍

The Collaborator role is now available as a default user role to all Vanta customers. Today, Collaborators can be assigned as owners of controls, tests, documents, risk scenarios, risk tasks; system reviewers in access reviews; and viewers on reports.

‍

‍

Invite Collaborators to your Vanta instance, and learn more about user permissions in Vanta here.

‍

Gain a complete view of your vendors with custom metadata 

If you’re like most GRC teams, you’re managing an ever-growing list of vendors, and it’s critical to have a streamlined vendor review process. Vendor Risk Management is already helping Vanta customers save up to 50% of time on vendor security reviews, and now we’re introducing new ways to capture critical information about your vendors. 

‍

Vanta already supports a standard set of metadata fields including the vendor’s website, contract amount, headquarters, and more. With new custom metadata fields, you’re able to customize what data is collected, helping you quickly identify which vendors to focus on and giving you more contextual information as you assess their risk.

‍

‍

Custom Metadata is available to customers who’ve purchased the Vendor Risk Management product. Learn more here.

Continuously monitor your cloud resources with CIS GCP Foundations Benchmark tests

Many organizations look to the Center for Internet Security (CIS) to understand and implement industry best practices across their security program. The CIS GCP Foundations Benchmark is one such example, and this benchmark prescribes secure configuration guidelines for GCP users, offering practical guidance for hardening your GCP infrastructure.

‍

Now, Vanta provides automated tests that align with the CIS GCP Foundations Benchmark, providing an easy path to continuously monitor your alignment with the benchmark, identify gaps, and streamline remediation. 

‍

The CIS GCP Foundations Benchmark tests are available on Vanta’s Growth plan and above. These tests can be enabled within the GCP integration setup page.

‍

Unlock additional automation with new integrations, and a significant update to the Wiz integration

This month, Vanta released four new integrations, and a significant update to our integration with Wiz. Vanta now integrates with Plerion for vulnerability scanning, Primo for mobile device management tooling, Subrosa for user access data, and EDAMAME for mobile device management.

‍

We’ve expanded our integration with Wiz to support Wiz Issues, bringing high fidelity cloud signals into Vanta to centralize key data. Within Vanta, you can set CSPM alert remediation SLAs by severity, and track your adherence to your stated SLAs over time. This Wiz integration update is currently in a closed preview—users with the Wiz integration already installed can enable Wiz Issues within the integration configuration page. Vanta users that don’t have the Wiz integration installed can reach out to their Customer Success Manager to be added to the closed preview.

‍

‍

Explore all our integrations or tell us about others you’d like to see.

‍

Try it for yourself!

Log in to your Vanta account to try out these new features today. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager and stay in the loop on Vanta news on LinkedIn.