Trust is a team sport: Vanta's new product capabilities help your team win

Maintaining continuous compliance and trust isn't a one-person or one-team job; trust is created and sustained by a network of employees, vendors, auditors, and more. However, working with this extended team can get messy—communication is spread across multiple surfaces, action items are tracked in different documents and tools, and coordination becomes manual and time-consuming. 

‍

Security and GRC teams need tools that simplify collaboration with their network of stakeholders, so they can focus on maintaining continuous compliance. They need solutions that make it easy to delegate work, communicate contextually, and empower their colleagues to take ownership of their contributions to the organization's security.

‍

In today’s edition of Vanta Delivers, we’re introducing new features and capabilities that streamline collaboration with your extended team, ensuring continuous security and trust. Vanta’s Trust Management Platform helps you seamlessly coordinate work with employees, vendors, auditors, and customers—so you can focus on what matters most. We know that trust is a team sport—and Vanta makes it easy to win.

‍

Level up collaboration and accountability with Vanta teams

For scaling security and compliance teams, Vanta offers an automated, centralized platform that unites various programs—like compliance, internal and external risk, and customer trust—all in a single solution. But we know trust is not solely the responsibility of the security team, which is why we’ve made it easier than ever to collaborate with other departments within Vanta. 

‍

We’re thrilled to announce that Vanta now provides teams and granular user access, which allows you to add collaborators to Vanta with a limited user role so they only get access to the items you assign to them. This allows you to delegate work while maintaining least privilege access.

‍

You can also create teams in Vanta to represent the departments you’ll work closely with—like engineering, legal, or HR—and assign teams as owners, eliminating process bottlenecks. Teams can determine their own notification settings (to email, Slack, or Microsoft Teams), ensuring they’re alerted via their preferred tool when action is needed from them on a security-related task.

‍

"Team-based ownership has been hugely beneficial in our day-to-day operations. Previously, we struggled with getting other teams into Vanta to review controls on a regular basis. Now that we've integrated teams and set up alerting in Slack, it's allowed us to have more eyes on control failures in a much more seamless fashion."

- Michael Aguirre, Director of Security Operations at Ontra

‍

‍

‍

‍Team ownership and granular user access is available now on tests and documents for Vanta customers on the Growth plan. This will become available on additional Vanta objects in the coming months.

‍

Fast-track vendor security reviews with the Vanta Exchange

Managing vendor risk is a major challenge in security programs and the rise of SaaS tools, AI technologies, and third-party breaches further complicates vendor monitoring and oversight. Organizations need an efficient way to conduct accurate vendor security reviews with confidence, ensuring they have the evidence they need while quickly validating AI-generated answers against vendor responses. The vendors on the other end of these reviews want to unblock deals, minimize time spent on questionnaires, and expose only what’s necessary for a buyer to complete the security review. 

‍

We’re excited to launch the Vanta Exchange—an experience that enables direct collaboration between buyers and vendors. It streamlines evidence gathering, automates follow-ups, and keeps external risk processes on track, providing full visibility so security teams can confidently complete vendor reviews on time. This marks a major milestone toward building a fully integrated Vendor Risk Management experience within Vanta.

‍

"The automated evidence requests and streamlined questionnaire flow in the Vanta Exchange have proven incredibly useful, even within just a week of trial use."

- Roze San Nicolas, CISSP, Director of Information Security at MERGE

‍

The Vanta Exchange provides a seamless, integrated experience that keeps buyers and vendors aligned. Unlike outdated, disjointed workflows that require switching between tools to share evidence or complete questionnaires, Vanta connects everything into one continuous process. Buyers can track progress, stay updated on requests, and get real-time visibility into vendor status, while vendors can better fulfill requests and manage tasks—ensuring that both parties contribute what’s needed, when it’s needed, making for more efficient vendor security reviews.

‍

‍

The Vanta Exchange will be available in beta for all Advanced VRM customers in April.

‍

Ensure the completeness and accuracy of audits by sharing test source data

Companies undergoing an audit must regularly interact with their auditor, but these exchanges are often time-consuming and spread across email, Slack, and phone calls. Companies want an efficient way to collaborate with their auditors, sharing relevant information while maintaining control over what is disclosed to them. 

‍

Vanta is transforming audit collaboration with several enhancements to improve the entire audit process. These enhancements include: 

‍

• Flexible auditor access to test source data: Allows auditors to validate what’s behind Vanta’s automated tests, ensuring audit completeness and accuracy. You can grant auditor access to the test source data when the audit is created, or at any time after.
• Enhanced flexibility with the Auditor API: Gives you the flexibility to select your preferred auditor, even if they don't work within the Vanta platform by enabling them to connect their preferred tools to Vanta via a REST API.

‍

These features help streamline the audit process, centralize audit management, and enable real-time collaboration with your auditor while granting you complete control over your data.

‍

‍

‍

The ability to share test source data is available now for all Vanta customers and auditors.

‍

Answer security questionnaires in the format your customers need

Security questionnaires today come in all shapes and sizes—it’s not just through spreadsheets, but often in the form of a document or web-based portal. In fact, Vanta estimates that portal-based questionnaires now make up half of security questionnaires, and the average questionnaire has nearly 100 questions. 

‍

Security and compliance teams are expected to respond to questionnaires promptly while ensuring they return questionnaires to customers in the same format they were received. For organizations to stay competitive and keep their sales process humming along, they need to find efficient ways to complete questionnaires, no matter the format.

‍

We’re excited to announce that Vanta now automates web-based portal questionnaires and expands to support for DOCX and PDF questionnaire formats. This is in addition to the automation for spreadsheet-based questionnaires we already support. Security and compliance teams can now fully automate and collaborate on responses in all these formats, replacing the previous one-by-one approach with the browser extension.

‍

Here’s the enhanced process for automating web-based portal questionnaires: 

1. Import the questionnaire: Import questions directly from the portal into Vanta
2. Automate responses: In minutes, Vanta fills out the questionnaire, drawing from your knowledge base of documents and past questionnaire responses
3. Review and collaborate: Teams can refine and collaborate on responses within Vanta
4. Save new responses: Approved answers are added to the knowledge base for future use
5. Export back to the portal: Quickly fill the responses with just a few clicks

‍

Automating responses in bulk will reduce the time teams spend responding to questionnaires, while still providing customers with the information they need in the format they prefer.

‍

‍

Document and portal questionnaire automation will be available in beta for all customers with Questionnaire Automation in May.

‍

Make security and compliance collaboration easy with Vanta

At Vanta, we’re committed to building solutions that help security and GRC teams work smarter, not harder. With our latest product capabilities, we’re helping security organizations unlock automation and continuous controls monitoring across their entire network of stakeholders—making it easier to achieve trust as a team.

‍

If you’re ready to see Vanta in action, request a demo today and discover how our platform can transform your security and compliance workflows. Already a Vanta customer? See how you can add these exciting new features to your instance and elevate your Vanta experience by contacting your account manager.