New in Vanta May 2026
BlogCompany news
May 26, 2026

New in Vanta | May 2026

Written by
Amulya Uppala
Reviewed by
No items found.

Accelerating security solutions for small businesses 

Tagore offers strategic services to small businesses. 

A partnership that can scale 

Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate.

Standing out from competitors

Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

This past month, the Vanta team launched new features to help you:

  • Get compliant with ISO 22301, the international standard for business continuity
  • Cut through access review fatigue with AI-powered recommendations
  • Automatically deprovision Zoom and Figma accounts during offboarding
  • Track your SPRS Score directly in Vanta for CMMC Level 2 compliance
  • Sync contracts into Customer Commitments directly from SharePoint

New framework: ISO 22301

Vanta now supports ISO 22301, the international standard for Business Continuity Management Systems (BCMS). ISO 22301 helps organizations prepare for, respond to, and recover from disruptive incidents (from cyberattacks to natural disasters) with a structured, auditable framework.

With Vanta's support for ISO 22301, customers can map existing controls, track compliance against the standard's requirements, and streamline evidence collection, all within the same platform they use for their other frameworks.

Available to all customers.

AI recommendations for access reviews

Access reviews are supposed to surface risk, but when reviewers are staring at thousands of accounts, fatigue sets in fast and the accounts that actually need attention get lost in the noise.

Vanta now generates an AI recommendation for every account at the start of a review: Approve, Deny, or Needs Review. Each recommendation surfaces the signals behind it (employment status, last login, access control policy, previous decisions, prior access requests) so reviewers understand why an account was flagged, not just what the verdict is.

The result: Low-risk accounts can be bulk-approved in seconds, freeing reviewers to spend their time on the accounts that actually matter. This is the first release in a broader AI-powered access review experience. More coming soon!

Available in preview to all customers with access reviews.

Automatic deprovisioning for Zoom and Figma

When someone leaves your organization, their accounts need to be shut down immediately. Vanta has long helped teams see what access terminated employees had and track remediation through tasks and admin notifications. Now Vanta can pull the trigger automatically.

Zoom and Figma now support automatic deprovisioning through Vanta's offboarding workflow, joining existing integrations like Calendly and OpenAI. When a team member is offboarded in Vanta:

  • Zoom: The user is deactivated immediately. They can no longer sign in, their license is freed, and their data (meetings, recordings, chats) stays intact.
  • Figma: The user is deactivated via Figma's SCIM API, removing org access while preserving their data.

Available with Access Management.

SPRS score tracking for CMMC Level 2

For organizations pursuing CMMC Level 2 certification, the Supplier Performance Risk System (SPRS) Score is a fundamental requirement: a self-assessed score submitted to the DoD that reflects your current compliance posture against all 110 NIST SP 800-171 security requirements.

CMMC Level 2 customers can now track their SPRS Score automatically, directly inside Vanta. The score is calculated at the requirement level and updates in real time as you mark controls as Implemented or Not Applicable. When you hit 110 points, Vanta surfaces the guidance you need to complete your self-assessment and submit to the SPRS portal. 

Defense contractors using Vanta to manage their CMMC programs can now handle SPRS Score tracking end-to-end without leaving the platform — further strengthening Vanta's position as the leading compliance automation solution for government and defense-adjacent companies.

Included with CMMC framework purchase. Available on Vanta Government Cloud (app.vanta-gov.com) and commercial.

SharePoint integration for Customer Commitments

Keeping your Customer Commitments inventory complete requires that contracts actually make it into the system. Manual uploads work, but they don't scale. Every missed upload is a commitment that goes untracked.

Customers can now use SharePoint as a contract source for Customer Commitments. Connect your existing SharePoint environment directly from the Commitments settings page, and Vanta will continuously and automatically sync your contracts. Because this builds on Vanta's existing SharePoint connection, there's no additional OAuth setup required.

The result: A scalable, low-maintenance way to keep your commitments inventory up to date, without the operational overhead of manual uploads or custom API workflows.

Available with the Customer Commitments add-on.

Try it for yourself!

Log in to your Vanta account to try out these new features today. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager, and stay in the loop on Vanta news on LinkedIn.

Access Review Stage Content / Functionality
Across all stages
  • Easily create and save a new access review at a point in time
  • View detailed audit evidence of historical access reviews
Setup access review procedures
  • Define a global access review procedure that stakeholders can follow, ensuring consistency and mitigation of human error in reviews
  • Set your access review frequency (monthly, quarterly, etc.) and working period/deadlines
Consolidate account access data from systems
  • Integrate systems using dozens of pre-built integrations, or “connectors”. System account and HRIS data is pulled into Vanta.
  • Upcoming integrations include Zoom and Intercom (account access), and Personio (HRIS)
  • Upload access files from non-integrated systems
  • View and select systems in-scope for the review
Review, approve, and deny user access
  • Select the appropriate systems reviewer and due date
  • Get automatic notifications and reminders to systems reviewer of deadlines
  • Automatic flagging of “risky” employee accounts that have been terminated or switched departments
  • Intuitive interface to see all accounts with access, account accept/deny buttons, and notes section
  • Track progress of individual systems access reviews and see accounts that need to be removed or have access modified
  • Bulk sort, filter, and alter accounts based on account roles and employee title
Assign remediation tasks to system owners
  • Built-in remediation workflow for reviewers to request access changes and for admin to view and manage requests
  • Optional task tracker integration to create tickets for any access changes and provide visibility to the status of tickets and remediation
Verify changes to access
  • Focused view of accounts flagged for access changes for easy tracking and management
  • Automated evidence of remediation completion displayed for integrated systems
  • Manual evidence of remediation can be uploaded for non-integrated systems
Report and re-evaluate results
  • Auditor can log into Vanta to see history of all completed access reviews
  • Internals can see status of reviews in progress and also historical review detail
Logo of incident.io
Incident.io
Logo of Lumos
Lumos
Icepanel logo on a white background.
IcePanel
Epsilon Logo
Epsilon3
The logo for supabase.
Supabase
EasyLLama Logo
EasyLlama
Qualifi Logo
Qualifi
Logo of toku
Toku
FEATURED VANTA RESOURCE

The ultimate guide to scaling your compliance program

Learn how to scale, manage, and optimize alongside your business goals.

DOWNLOAD FOR FREE

Table of contents

No titles!

Share this article

Share this article

Related Resources

How MSPs unlock growth with Vanta’s Service Partner Program
Company news
Blog

How MSPs unlock growth with Vanta’s Service Partner Program

Vanta’s Service Partner Program provides MSPs with essential tools to expand service offerings, accelerate growth, streamline operations, and stand out in a competitive market.

Vanta celebrates National Salesperson Day
Company news
Blog

Vanta celebrates National Salesperson Day

Vanta celebrates National Salesperson Day by sharing just some of what our team has been working on and how it feels be a part of such a dynamic sales organization.

Company news
Blog

Lessons learned from Vanta’s FedRAMP® 20x pilot program

A behind-the-scenes look at how Vanta navigated the FedRAMP 20x pilot.

Announcing the State of Trust Report 2024 and VantaCon agenda
Company news
Blog

Going beyond the standard: Announcing the State of Trust Report 2024 and VantaCon agenda

We’re excited to release our State of Trust Report 2024 and announce our lineup of all-star speakers and panelists for VantaCon 2024.

Related Resources

Build vs buy | Vanta
Company news
Blog
Why cheaper code isn’t always cheap

Here’s why building internal tools is often far more expensive than buying them.

VantaCon UK 2026
Company news
Blog
VantaCon UK 2026: Privacy joins the platform, the Agent gets smarter, and trust becomes a growth strategy

A recap of VantaCon UK 2026.

Vanta donates AARM
Company news
Blog
Vanta donates AARM to the Cloud Security Alliance

The AARM specification defines a new system category: runtime security for AI agents.

Vanta crosses $300M in ARR
Company news
Blog
Vanta crosses $300M in ARR as growth accelerates

For years, security teams proved trust once a year during audits, and their customers accepted static PDFs. That era is over.

The Vanta Community
Company news
Blog
Find your peers in the Vanta Community

Everything you need to know about the new Vanta Community, where security practitioners connect, learn, and level up

Vanta Delivers Calm-pliance
Company news
Blog
Goodbye audit chaos, hello Calm-pliance

Vanta Delivers new features that provide enterprise control, more agentic workflows, and privacy automation to help GRC teams build trust continuously.

First 90 days leading Developer Experience at Vanta | Vanta
Company news
Blog
First 90 days leading Developer Experience at Vanta: Building trust through better systems

Reflections on scaling engineering, AI-first workflows, and building trust at Vanta.

What is Vanta? | Vanta
Company news
Blog
What is Vanta?

With automated compliance, unified risk management, real-time proof, and an AI Agent that takes action, teams stay audit-ready and move faster.

Wiz names Vanta among its most popular integrations | Vanta
Company news
Blog
Wiz names Vanta among its most popular integrations

Vanta is recognized across four categories including most popular integration.

The Vanta 25 to Trust: Nominations are open
Company news
Blog
The Vanta 25 to Trust: Nominations are now open for 2026

The Vanta 25 to Trust: Nominations are open for 2026.

Vanta 2025 in review
Company news
Blog
Vanta 2025: Looking back, looking ahead

Here's what earning and proving trust looked like in 2025.

Company news
Blog
Trust at enterprise scale: Introducing Vanta’s Agentic Trust Platform

Vanta’s Agentic Trust Platform unifies risk and compliance into a single intelligent system so companies can prove trust continuously.

Get compliant and build trust—fast

Request a demo
G2 Badge Winter 2026 LeaderG2 Badge Winter 2026 Enterprise LeaderG2 Badge Milestone 'Users Love Us'