BlogProduct updates
September 23, 2025

New in Vanta | September 2025

Written by
Vicki Robertson
Reviewed by
No items found.

Accelerating security solutions for small businesses 

Tagore offers strategic services to small businesses. 

A partnership that can scale 

Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate.

Standing out from competitors

Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

This past month, the Vanta team launched new features to help you: 

  • Structure risk registers the way your business is organized
  • Systematically track and resolve issues with issue management
  • Simplify and streamline stakeholder contributions with the my work page
  • Automate vendor security reviews with AI-powered insights
  • Keep your knowledge base fresh, accurate, and trustworthy with new verification settings
  • Unlock more automation with six new integrations on the Vanta platform

Structure risk registers the way your business is organized

Internal risk management today is often fragmented. Each function—legal, IT, HR, finance—tracks risk differently, usually in spreadsheets or siloed tools. Severity and impact are defined inconsistently and  accountability is unclear. The result is manual, reactive reporting where issues surface too late and responses cost more than they should.

Vanta’s multiple risk registers change this by giving every function its own structured space to manage the risks they know best. Legal can focus on regulatory obligations, IT on vulnerabilities, finance on exposures, and HR on people-related risks. Each department gets autonomy to own and track its domain, while Vanta applies a consistent framework across all registers. Risks are defined, measured, and prioritized in the same way everywhere in the organization. This balance of expertise and standardization means functions no longer work at cross-purposes, and leadership gains confidence that risk is being managed proactively and consistently across the business. 

Multiple risk registers is currently in preview and will be generally available in October on our Scale and Enterprise plans, and as an add-on for Growth customers.

Systematically track and resolve issues with issue management

Issues can come from anywhere—internal audits, external audits, or day-to-day operations. It’s not enough to simply fix them; you also need to demonstrate to auditors that you’re taking a structured, reliable approach to tracking and resolving them.

Vanta’s new issue management module gives you a centralized, purpose-built way to track and resolve issues across your security and compliance programs. You can bulk-import issues, log evidence, assign owners, and follow a consistent workflow to ensure nothing slips through the cracks.

It’s more than just a to-do list. With issue management, you capture the outcomes that matter—tying each issue to the relevant risks, controls, and policies for a complete picture of your program’s health. With AI-powered recommendations, Vanta suggests the right controls so you never lose sight of how issues impact program health across all frameworks. Everything is auditable, reportable, and connected so when audit season comes, you’re not scrambling: You have a clear record of what happened, how it was addressed, and who was responsible.

Issue management is generally available to all customers on Growth plans and above.

Simplify and streamline stakeholder contributions with the My Work page 

Trust is a team sport; security and compliance teams rely on strong collaboration from many internal stakeholders at the organization to maintain a continuous state of compliance. Teams that use Vanta to manage their security and compliance program can assign tasks and action items to individuals or teams, to create clear ownership and accountability. Now, these stakeholders have one simple, centralized page to view all of their assigned tasks in Vanta, on the my work page.

Tasks are organized by urgency and the specific nature of the assignment, whether approval is needed or the actual work itself. Users can use this centralized list to easily click into each outstanding item, taking them right to the task that needs attention. With the my work page in Vanta, work is centralized, streamlined, and made more efficient for every kind of stakeholder.

My work is generally available for all Vanta customers.

Automate vendor security reviews with AI-powered insights  

The new AI security review summary transforms how security teams approach vendor reviews by replacing manual, repetitive tasks with AI automation. Instead of sifting through vendor security reviews and pages of gathered evidence to understand a vendor’s security posture, teams now have instant, AI-generated overviews at the ready. The summary highlights key findings, strengths, and risk up front, allowing reviewers to quickly understand where attention is needed while reducing time and effort required for thorough due diligence. It even automatically compares evidence from prior reviews and highlights only the new or updated information, so teams can focus on what’s changed and make decisions faster.

The AI security review summary feature is available to all VRM add-on customers. Learn more about vendor risk management here.

Keep your knowledge base fresh, accurate, and trustworthy with new verification settings 

Companies rely on the knowledge base to provide accurate, up-to-date responses and documentation to power both Questionnaire Automation and their Trust Centers. But keeping that information current requires an automated system and governance. Without clear ownership, review cadences, and safeguards against outdated content, teams risk relying on stale information, resulting in diminished potential misrepresentation of security practices.

Now, we’re introducing new governance settings for the knowledge base. Every item—whether a document or a response in the response library—now can have a designated owner, a defined review cadence, and an expiration date. These are reinforced by automated workflows and notifications, ensuring updates happen on time. Teams can gain visibility into the overall health of the knowledge base, making it easier than ever to keep content fresh, accurate, and trustworthy.

This feature is available today for customers using Trust Center or Questionnaire Automation, on a core plan or above. Learn more in this Help Center article. 

Unlock more automation with six new integrations on the Vanta platform 

This month, Vanta introduced six new integrations to the ecosystem. Vanta users can integrate with Tailscale, Keeper, SimpleBackups, Four/Four and Bocada to streamline user access monitoring and centralize key compliance evidence. Users can integrate with HirePass to satisfy compliance background check requirements and easily bring the relevant evidence into Vanta. 

 

Explore all our integrations or tell us about others you’d like to see.

Try it for yourself!

Log in to your Vanta account to try out these new features today. If you’re not a Vanta customer and want to learn more, request a demo.

As always, we welcome your feedback. Let us know what you think by reaching out to your Customer Success Manager and stay in the loop on Vanta news on LinkedIn.

Access Review Stage Content / Functionality
Across all stages
  • Easily create and save a new access review at a point in time
  • View detailed audit evidence of historical access reviews
Setup access review procedures
  • Define a global access review procedure that stakeholders can follow, ensuring consistency and mitigation of human error in reviews
  • Set your access review frequency (monthly, quarterly, etc.) and working period/deadlines
Consolidate account access data from systems
  • Integrate systems using dozens of pre-built integrations, or “connectors”. System account and HRIS data is pulled into Vanta.
  • Upcoming integrations include Zoom and Intercom (account access), and Personio (HRIS)
  • Upload access files from non-integrated systems
  • View and select systems in-scope for the review
Review, approve, and deny user access
  • Select the appropriate systems reviewer and due date
  • Get automatic notifications and reminders to systems reviewer of deadlines
  • Automatic flagging of “risky” employee accounts that have been terminated or switched departments
  • Intuitive interface to see all accounts with access, account accept/deny buttons, and notes section
  • Track progress of individual systems access reviews and see accounts that need to be removed or have access modified
  • Bulk sort, filter, and alter accounts based on account roles and employee title
Assign remediation tasks to system owners
  • Built-in remediation workflow for reviewers to request access changes and for admin to view and manage requests
  • Optional task tracker integration to create tickets for any access changes and provide visibility to the status of tickets and remediation
Verify changes to access
  • Focused view of accounts flagged for access changes for easy tracking and management
  • Automated evidence of remediation completion displayed for integrated systems
  • Manual evidence of remediation can be uploaded for non-integrated systems
Report and re-evaluate results
  • Auditor can log into Vanta to see history of all completed access reviews
  • Internals can see status of reviews in progress and also historical review detail
Logo of incident.io
Incident.io
Logo of Lumos
Lumos
Icepanel logo on a white background.
IcePanel
Epsilon Logo
Epsilon3
The logo for supabase.
Supabase
EasyLLama Logo
EasyLlama
Qualifi Logo
Qualifi
Logo of toku
Toku
FEATURED VANTA RESOURCE

The ultimate guide to scaling your compliance program

Learn how to scale, manage, and optimize alongside your business goals.

DOWNLOAD FOR FREE

Table of contents

No titles!

Share this article

Share this article

Related Resources

Product updates
Blog

New in Vanta | June 2025

This past month, the Vanta team launched new features to help you monitor all of your resources while de-risking audits with adaptive scoping, and more!

What's New in Vanta 4.4.22
Product updates
Blog

What's New in Vanta 4.4.22

Spring is officially here and so is another product update. Learn more about AWS Lambda serverless monitoring, Asana task creation, and in-app policy editing.

Meet the Vanta MCP Server
Engineering
Blog

Built for the agentic era: Meet the Vanta MCP Server

We’re excited to announce that the Vanta MCP Server in now available via public preview—the first step towards bringing trust management into the emerging Model Context Protocol (MCP) ecosystem.

VantaCon 2022: Managing risk and unlocking growth with trust
Company news
Blog

VantaCon 2022: Managing risk and unlocking growth with trust

It's a wrap! Our inaugural user conference was a blast. Here's a recap of each product announcement unveiled at VantaCon 2022.

Related Resources

Product updates
Blog
New in Vanta | August 2025

This past month, Vanta launched a new CJIS framework, intelligent control scoping for SOC 2 and ISO 27001, and more.

Product updates
Events
AI-Powered Risk Management

Watch on-demand to see our new AI-driven features that help you reduce manual work, flag gaps in evidence, and streamline workflows with Slack integrations and continuous monitoring.

Product updates
Blog
New security capabilities for startups: Build enterprise-grade trust without compromising speed

Vanta’s security capabilities help startups build enterprise-grade trust at startup-level speed.

Product updates
Blog
New in Vanta | July 2025

This past month, the Vanta team launched new features to help you streamline policy management, identify threats with vendor continuous monitoring, and more.

Product updates
Blog
Streamline audit workflows with the Vanta + Fieldguide integration

The new Vanta + Fieldguide integration helps teams complete audits faster.

Product updates
Blog
New in Vanta | June 2025

This past month, the Vanta team launched new features to help you monitor all of your resources while de-risking audits with adaptive scoping, and more!

Product updates
Blog
Transform the audit experience with Vanta

We’re excited to introduce information requests lists (IRLs), adaptive framework scoping, and controlled audit views to streamline the audit experience and accelerate audit review times

Product updates
Blog
Root Cause Analysis (RCA) of Product Bug (Inc-868)

We are sharing this Root Cause Analysis (RCA) publicly to provide full clarity into the cause of Product Bug (Inc-868) and steps we’re taking to prevent it in the future. 

Force multiply your team and monitor your entire program with Vanta’s AI-powered Trust Management Platform
Product updates
Blog
Force multiply your team and monitor your entire program with Vanta’s AI-powered Trust Management Platform

Vanta’s new features and functionality supercharge your team and expand coverage across your environment.

Introducing the all-new Vanta AI Agent
Product updates
Blog
Introducing the all-new Vanta AI Agent to supercharge GRC teams

The Vanta AI Agent guides you through key compliance workflows and takes action on your behalf.

Product updates
Events
The First AI-powered Trust Management Platform

Discover how AI-powered features and adaptive scoping in Vanta are helping modern teams streamline GRC, reduce manual work, and tailor compliance programs to their business needs.

Product updates
Blog
New in Vanta | May 2025

This past month, the Vanta team launched new features to map controls to policies, streamline policy approvals, tailor your Trust Center, and more.

Get compliant and build trust—fast

Request a demo
G2 Badge 2025 - Best Software | Top 50 Governance, Risk, & Compliance ProductsG2 Badge 2025 - Best Software | Top 50 Security ProductsG2 Badge 2025 - Best Software | Top 100 Best Software Products