SaaStr Annual 2021: What Vanta is looking forward to
September 21, 2021

SaaStr Annual 2021, taking place Sept. 27-29th, is the largest gathering for founders, executives, and venture capitalists in the Software as a Service industry. This is the first major tech event happening in the San Francisco Bay Area since the start of the pandemic, and we’re excited and proud to be a platinum sponsor.


Of course, things will look a little different this year. Health precautions are a priority, so the event has taken on a new look and feel: think outdoor festival. Over 40 acres are devoted to attendees, and attendance has been capped at 5,000 people for everyone’s safety. The open-air fairgrounds will provide the stage for over 150 speakers from the cloud and SaaS communities. The event is also hybrid: if you can’t join in person, there is the option to stream from anywhere. Let’s get into what we’re looking forward to at SaaStr Annual 2021.

From the desk of Christina Cacioppo

First and foremost, we’re thrilled that Christina is presenting at this year’s SaaStr.

Christina will discuss how Vanta grew from $0 to $10MM in ARR prior to raising a Series A and what she learned from the process. Learn how Vanta has transformed from a very small team focused on SOC 2 to a leader in security compliance automation and continuous monitoring. Don’t miss her presentation on Wednesday, September 29th at 10:45 PDT to hear details on the steps she took to achieve 400% year over year growth and Vanta’s pre-Series A journey.

Growing your product with Loom

Loom is an asynchronous video messaging service that helps businesses communicate better both internally and externally. The organization has served over two million users with improved workplace video messaging. Just about a year ago, Loom officially became SOC 2 compliant with the help of Vanta’s SOC 2 automated compliance platform. According to Loom, “Vanta adds another layer of continuous monitoring on items such as encrypted data stores, timely access disablement dates, vulnerability identification, and policy management. They integrate with our third-party systems to recommend SOC 2 industry best practices, aggregate audit evidence, and provide ongoing monitoring and support.”


Loom’s VP of Product, Anique Drumright, will be presenting on “The Secrets of Expanding from a Single Product to a Platform Play.” We’re excited to learn more about how Loom has expanded their business growth with strategies for understanding market signals and defining success for stakeholders. Anique also will be sharing her tips to effectively improve product development and ways to generate revenue opportunities.


Mastermind class with Notion

Notion is a startup that is considered a pioneer of the all-in-one collaboration application, where business tools work seamlessly together. Notion’s capabilities appeal to both small and enterprise companies.


As the organization’s success took off, Notion partnered with Vanta to set up continuous monitoring of their technical services through APIs so that security vulnerabilities could be identified instantly. Notion said, “As a really small startup, you don’t even know what a security program is. Vanta was the scaffolding for us. It helped define what security for a startup looks like and built us a roadmap that would actually accelerate our sales.”


We’re eager to hear Notion’s Chief Revenue Officer, Olivia Nottebaum, discuss “How Community-Led Growth Drives Product-Led Growth.” Olivia will share how Notion has been successful at scaling to cater to enterprise-level customers and the complex aspects of product-led growth. She’ll also delve into the mandatory “ingredients” for achieving growth success.


From the desk of ProfitWell CEO

ProfitWell helps organizations understand churn and expansion revenue. The tool is used by customer success teams that value insights about retention and are looking for comprehensive ways to reduce customer turnover. ProfitWell has partnered with Vanta to achieve SOC 2 and continuous security monitoring, setting the capabilities for ongoing security compliance and growth.


ProfitWell CEO, Patrick Campbell, is taking the stage to present “A Playbook for Revenue Automation Based on 24,173 SaaS Companies.” Patrick will take a deep dive into ProfitWell’s unique data set and will share how the SaaS market has shifted in just the past year. We’re intrigued to hear the results on what is considered the new framework for revenue success and get some actionable takeaways from ProfitWell’s SaaS data.

Meeting Vanta customers

Aside from looking forward to learning from inspiring leaders and making lasting connections with other SaaS companies, we’re intent on meeting as many customers as we can in person.


We want the opportunity to hear your feedback. Schedule a time to meet with the Vanta PM team at SaaStr. During your meeting time, you will be able to share details about your experience with Vanta and learn about our product roadmap.


Not sure of your schedule just yet? Feel free to stop by and meet our team at booth 415. Not (yet) a customer? Come visit us anyways! We hope to see you there.



Access Review Stage Content / Functionality
Across all stages
  • Easily create and save a new access review at a point in time
  • View detailed audit evidence of historical access reviews
Set up access review procedures
  • Define a global access review procedure that stakeholders can follow, ensuring consistency and mitigation of human error in reviews
  • Set your access review frequency (monthly, quarterly, etc.) and working period/deadlines
Consolidate account access data from systems
  • Integrate systems using dozens of pre-built integrations, or “connectors”. System account and HRIS data is pulled into Vanta.
  • Upcoming integrations include Zoom and Intercom (account access), and Personio (HRIS)
  • Upload access files from non-integrated systems
  • View and select systems in-scope for the review
Review, approve, and deny user access
  • Select the appropriate systems reviewer and due date
  • Get automatic notifications and reminders to systems reviewer of deadlines
  • Automatic flagging of “risky” employee accounts that have been terminated or switched departments
  • Intuitive interface to see all accounts with access, account accept/deny buttons, and notes section
  • Track progress of individual systems access reviews and see accounts that need to be removed or have access modified
  • Bulk sort, filter, and alter accounts based on account roles and employee title
Assign remediation tasks to system owners
  • Built-in remediation workflow for reviewers to request access changes and for admin to view and manage requests
  • Optional task tracker integration to create tickets for any access changes and provide visibility to the status of tickets and remediation
Verify changes to access
  • Focused view of accounts flagged for access changes for easy tracking and management
  • Automated evidence of remediation completion displayed for integrated systems
  • Manual evidence of remediation can be uploaded for non-integrated systems
Report and re-evaluate results
  • Auditor can log into Vanta to see history of all completed access reviews
  • Internals can see status of reviews in progress and also historical review detail

PCI Compliance Selection Guide

Determine Your PCI Compliance Level

If your organization processes, stores, or transmits cardholder data, you must comply with the Payment Card Industry Data Security Standard (PCI DSS), a global mandate created by major credit card companies. Compliance is mandatory for any business that accepts credit card payments.

When establishing strategies for implementing and maintaining PCI compliance, your organization needs to understand what constitutes a Merchant or Service Provider, and whether a Self Assessment Questionnaire (SAQ) or Report on Compliance (ROC) is most applicable to your business.


Identify your PCI SAQ or ROC level

The PCI Security Standards Council has established the below criteria for Merchant and Service Provider validation. Use these descriptions to help determine the SAQ or ROC that best applies to your organization.

Good news! Vanta supports all of the following compliance levels:

SAQ A

A SAQ A is required for Merchants that do not require the physical presence of a credit card (like an eCommerce, mail, or telephone purchase). This means that the Merchant’s business has fully outsourced all cardholder data processing to PCI DSS compliant third party Service Providers, with no electronic storage, processing, or transmission of any cardholder data on the Merchant’s system or premises.


SAQ A-EP

A SAQ A-EP is similar to a SAQ A, but it is required for Merchants that don't receive cardholder data yet control how cardholder data is redirected to a PCI DSS validated third-party payment processor.


SAQ D for service providers

A SAQ D includes over 200 requirements and covers the entirety of PCI DSS compliance. If you are a Service Provider, a SAQ D is the only SAQ you’re eligible to complete.


ROC Level 1 for service providers

A Report on Compliance (ROC) is an annual assessment that determines your organization’s ability to protect cardholder data. If you’re a Merchant that processes over six million transactions annually or a Service Provider that processes more than 300,000 transactions annually, your organization is responsible for both a ROC and an Attestation of Compliance (AOC).


Questions?

Learn more about how Vanta can help. You can also find information on PCI compliance levels at the PCI Security Standards Council website or by contacting your payment processing partner.
