Vanta announces new products to enhance GRC and trust programs

Vanta announced a number of new and upcoming products enabling customers to build, demonstrate and enhance their GRC and trust programs.

The new offerings include Vanta for Marketplaces to strengthen trust across a company’s entire ecosystem; adaptive scoping; AI-powered chat for Trust Centers; developer-first workflows for faster remediation; and expanded reporting capabilities.

The announcements coincide with a number of highlights for the company in 2024:

• Now continuously monitoring over 92 million resources across customers—from laptops to servers to employees—to ensure they remain secure and in compliance
• Remediating 871 million vulnerabilities for customers within their SLAs and demonstrating that progress to their auditor
• Establishing the market’s largest network of Trust Centers with customers’ Trust Centers garnering over 2.5M views
• Helping customers complete security questionnaires up to 5 times faster with Questionnaire Automation
• Surpassing $100 million ARR in under 5 years of entering the market and raising a $150 million Series C funding round at a valuation of $2.45 billion

“The bar for proving trust keeps getting higher. Security and GRC teams are tasked with monitoring and remediating a growing web of controls, vendors, questionnaires and risks, which is made even more complex by discerning buyers,” said Jeremy Epling, CCPO, Vanta. “Vanta now helps customers go beyond the standard of SOC 2, with continuous controls monitoring, automated evidence collection and tools to proactively demonstrate trust. In rolling out these new experiences, we’re ensuring that our customers can build, demonstrate and strengthen their trust programs as we raise the standard of security together.”

Vanta for Marketplaces to build a trust ecosystem

According to Vanta’s 2024 State of Trust, a majority (55%) of organizations say the security risks for their business have never been higher, highlighting the need to reduce risk across a company’s entire ecosystem, including integration and app marketplaces.

Vanta for Marketplaces is a new solution that enables organizations to strengthen trust in their network by tailoring custom frameworks to their unique marketplace requirements, allowing customers to see which partners meet these standards.

Companies like Snowflake and Atlassian are leveraging Vanta for Marketplaces to enable their marketplace partners to meet their standards of trust and compliance. Over 400 of Atlassian’s partners have achieved or are working toward their SOC 2 with Vanta, building confidence among Atlassian customers and driving increased app adoption on their Marketplace.

“Atlassian is committed to fostering a secure and trustworthy ecosystem for our customers and Marketplace Partners,” said Phil Grove, Group Product Manager – Ecosystem at Atlassian. “Through our collaboration with Vanta, we empower our partners to obtain compliance certifications that enhance their security frameworks and drive adherence to industry standards. Vanta’s support enables these partners to streamline essential security and compliance evaluations, facilitating faster cloud transitions, preserving trust, and focusing on delivering value to our shared customers.”

Scoping to control what auditors and customers see

Coming soon, Vanta will make it easy to control precisely which assets a company’s auditors and customers can see with adaptive scoping. Companies that work across multiple frameworks with multiple audits can apply rule-based logic to automatically tag assets to a given framework, limiting auditor visibility into only the items they need to review.

With scoping, customers get the full power of Vanta’s monitoring on all security resources, even if they aren’t required for an audit. By centralizing more of their program onto Vanta, customers have a single-source of continuous monitoring and automation while maintaining control over what’s visible externally.

AI-powered chat for Trust Centers

Today, Vanta is home to the largest network of public-facing trust centers. Trust Centers are now supercharged with an AI-powered chatbot that responds to queries with information pulled directly from an organization’s Trust Center, giving stakeholders, customers and prospects the documentation and answers they need in seconds.

AI-powered chat also provides companies with insights into the top security questions that their customers and prospects have about their controls, enabling security teams to stay one step ahead.

Developer-first workflows to reduce time to remediation

Vanta AI can now generate personalized Terraform code snippets to address failing tests, helping GRC teams work in lockstep with their developers to quickly remediate compliance gaps. The new feature helps teams remediate 175+ cloud tests across AWS, Azure, GCP and more, with alerts about what needs to be actioned and code snippets to implement fixes.

In addition, teams can now automate Jira ticket creation for any tests that fail. This ensures that stakeholders and development teams are alerted at the moment an issue occurs and can track progress against them in real time.

New reports and drill down capabilities

Following the launch of Report Center earlier this year, Vanta is releasing new reporting drill downs to help security and GRC teams go deeper into their data. Now available in Beta, these capabilities allow teams to view how their program has been trending over time while adding actionability and accountability to the data.

Coming soon, Questionnaire Automation reports will help teams quantify time saved on security questionnaires, and the Vulnerabilities reports will give a view of the status and history of their vulnerability compliance program.