New in Vanta | October 2025

This past month, the Vanta team launched new features to help you: 

• Align with the Cyber Risk Institute (CRI) Profile fast
• Start prepping for FedRAMP 20x Low and Moderate today
• Balance transparency and control during your next audit with controlled audit views
• Stay aligned and audit-ready with clear scope visibility
• Configure granular Trust Center resource access for accounts
• Expand your use of the Vanta MCP server with all new data sets
• Centralize even more insights with six new and improved integrations

‍

Align with the Cyber Risk Institute (CRI) Profile fast

Financial institutions and their vendors are increasingly expected to align with the Cyber Risk Institute (CRI) Profile—a globally recognized framework that unifies regulatory expectations across FFIEC, DORA, MAS, APRA, and more.

‍

But without automation, aligning with CRI means interpreting 300+ diagnostic statements manually, tracking evidence in spreadsheets, and duplicating work across frameworks.

‍

Vanta changes that. We translate CRI’s diagnostic statements across all four CRI impact tiers into guided workflows that are easy to action. With AI-powered policy mapping, evidence evaluation, and AI remediation, Vanta helps you automate manual work and reduce supervisory exam fatigue. And because we map CRI to other major frameworks, you can reuse controls and evidence you already have, eliminating duplication while maintaining exam integrity.

Generally available across any plan.

‍

Start prepping for FedRAMP 20x Low and Moderate today

FedRAMP 20x is the next evolution in federal compliance, introducing continuous monitoring, automation requirements, and a new Key Security Indicator (KSI) based control model for cloud service providers. But with evolving guidance and limited early access, many teams are struggling to prepare. Vanta now supports both FedRAMP 20x Low and Moderate baselines, making it easier to get ahead of the public submission window expected in early 2026.

‍

With 400+ integrations and automated evidence collection, Vanta helps you build FedRAMP 20x readiness from day one. Teams can monitor control health in real time, surface gaps, and maintain compliance using Vanta’s continuous monitoring and AI-powered evaluation, which flags missing roles, dates, and key details in policy documents before audits.

‍

To simplify the shift to the new model, Vanta offers pre-mapped KSI controls, policy and documentation templates, and step-by-step workflows tailored for FedRAMP 20x Low and Moderate. You’ll also save time by reusing work from frameworks like SOC 2 and ISO 27001 through cross-framework control mapping, reducing duplication and keeping your program aligned in one unified dashboard.

‍

Whether you're preparing early or scaling after Phase 1, Vanta helps you move faster, stay ready, and lead the transition to FedRAMP 20x with confidence.

‍

‍

Generally available across any plan. 

‍

Balance transparency and control during your next audit with controlled audit views

During an audit, transparency is essential, but oversharing can create unnecessary risk. Without the ability to control what auditors see, many companies expose too much: internal details, irrelevant metadata, or in-progress tasks that distract from the actual population data auditors need to make sampling decisions. This can lead to confusion, audit inefficiencies, or even findings that could have been avoided.

‍

Vanta’s new controlled audit views gives you more control over the audit experience by limiting auditor visibility to only the information required to select samples and test controls. You can now choose a controlled view that hides sensitive fields and flattens the data. Auditors still get the clarity they need to do their job, but without the noise, and without the risk of exposing information that isn’t relevant to the audit.

‍

Combined with audit-specific pages and scoped metadata, controlled audit views makes it easier to align with auditors, reduce overexposure, and streamline your engagements.

‍

By giving you the flexibility to choose what’s shared, controlled audit views help your team maintain the right balance of transparency and control, while staying compliant, secure, and audit-ready.

‍

Controlled audit views are now available for customers on the Growth plan and above.

‍

Stay aligned and audit-ready with clear scope visibility

When multiple people manage framework scopes, it’s easy to lose track of what’s included or how things have changed. Without a clear view, teams risk incorrect scopes or missing context during audits. The new framework scope overview page brings transparency to scope management, giving you a single place to see what’s in scope across systems and people.

‍

Now, you can instantly view the total number and percentage of systems and people in scope for each framework, along with a complete change log showing who made updates and when. This shared visibility helps teams stay aligned, accurate, and audit-ready.

‍

‍

This is available for all Vanta customers on the Growth plan and above. 

‍

Configure granular Trust Center resource access for accounts

We recently introduced account views for all trust activities, giving customers a single place to see and manage everything related to trust. From tracking engagement across your Trust Center and questionnaires (coming soon) to managing NDAs and approving access requests, you can now do it all at the account level.

‍

Now, we’re taking it a step further by allowing you to specify granular access to specific Trust Center resources within each account. From any account page, you can configure access to individual documents. If an account has auto-approval enabled, only the specified documents will be automatically approved. If auto-approval is turned off, those document permissions will be pre-populated for any new viewers added to the account. This update ensures that viewers receive the right level of access based on what account they belong to while streamlining the approval process and reducing manual work for teams managing Vanta.

‍

‍

This is now available to all Vanta customers. 

‍

Expand your use of the Vanta MCP Server with all new data sets

We’re not just bringing agentic AI to Vanta—we’re bringing Vanta’s data and insights directly into the tools where teams already work through our MCP Server. Earlier this summer, we introduced the Vanta MCP Server for framework exploration and seamless test remediation, combining Vanta’s deep security and compliance expertise with the world’s leading AI tools to help engineering teams move faster. The Vanta MCP Server integrates with Anthropic’s Claude, VS Code, Windsurf, and Cursor, enabling intelligent, secure workflows that bridge compliance and engineering efficiency.

‍

Now, we’re delivering new sets of Vanta data that you can use over MCP: risks, vulnerabilities, people, documents, and integrations. With this richer data foundation, you can surface the insights you need and take action more broadly across your compliance program. For example, you can:

• Draft a report to GRC leadership on your top business risks and mitigation plans
• Conduct a check on your failing tests before you deploy to production
• Generate docs and policies to prove you’re handling access control correctly 
• Determine which employees are late on their compliance trainings 

‍

The Vanta MCP Server is now generally available for all Vanta customers. Learn how to get started here.

‍

Centralize even more insights with six new and improved integrations

This month, Vanta introduced six new and improved integrations to the platform, delivering more automation and centralized visibility across key systems. New integrations include Watchpoint for vulnerability scanning, Moxso for security awareness training and user access details, and LatticeFlow and ABV for user access details.

‍

We also introduced expanded capabilities in existing integrations, including:

• Wiz for Government support for customers leveraging Wiz’s FedRAMP High authorized cloud security platform
• SentinelOne Alerts Management, enabling customers to centralize CSPM alerts inside the Vanta platform

‍

Explore all our integrations or tell us about others you’d like to see.

‍

Try it for yourself!

Log in to your Vanta account to try out these new features today. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager and stay in the loop on Vanta news on LinkedIn.