Vanta
Description de Vanta
Vanta simplifie le processus complexe et fastidieux de préparation à un audit SOC 2. Grâce à ses outils d'évaluation des écarts, d'évaluation des risques et de correction faciles à utiliser, le temps de préparation à un audit SOC 2 est réduit, vous permettant ainsi d'économiser beaucoup de temps, d'énergie et d'argent. Lorsque votre entreprise est prête pour l'audit SOC 2, vous pouvez travailler avec le cabinet d'audit partenaire Vanta de votre choix. Chaque partenaire d'audit a convenu d'une remise fixe pour les clients et est formée à réunir des preuves directement dans Vanta.
Qui utilise Vanta ?
Vanta est adopté par des entreprises cloud comptant entre 2 et 1 000 employés.
Vanta ne vous convainc pas tout à fait ?
Comparer avec une alternative populaire
Vanta
Alternatives à Vanta
Avis sur Vanta
David
Smooth and seamless SOC2 preparation
Commentaires : We needed to get a SOC2 audit completed quickly to satisfy a customer need. Most "traditional" audit shops told us it would take 12 - 15 months. With the automation features, customer support, and auditor integration, we were done end-to-end (from signing up with Vanta to receiving our SOC2 report) in just over 5 months. Very smooth process from beginning to end - went almost exactly as advertised during the sales process - that's rare and unexpected these days.
Avantages :
User interface was intuitive - provided a clear "checklist" approach for actions to take and problems to resolve. Vanta Agent (for our laptops and (virtual) servers at AWS) is very useful to ensure continuous oversight of what's on the machine and when it needs to be updated. Working with our auditor to get our first SOC2 was also seamless and painless - the auditor plugged right into our Vanta instance and downloaded/monitored everything remotely - no need for screen shots or sending lots of documentation.
Inconvénients :
Would have been nice to have more integrations with some of our existing tools (monday.com, AWS Code Commit, etc.) to make the process even more automated. The automated policy generator is nice for filling holes in an existing policy suite, but isn't great if you have to make a lot of customizations to it as the "automated" part breaks down once you edit it offline. Two minor things in an overall great experience.
Sarah
Great Resource for Security Compliance
Commentaires : The support at Vanta is incredible and the platform continues to be a huge asset to our security compliance program.
Avantages :
I use Vanta every day for my work in compliance. The main Tasks page is extremely helpful in flagging and identifying where I need to focus my attention, which allows me to efficiently spend my energy. Being part of a smaller company (for now!), this platform was invaluable during our SOC 2 audit as a source of evidence for many technical and operational controls. My favorite features include a space for hosting security policies (they have so many awesome customizable templates, too) and tracking who has reviewed and accepted them, allowing real-time reporting on technical controls that our customers can view, and vendor and other inventories to keep track of our resources.
Inconvénients :
I look forward to seeing more product enhancements in the future. I would love to see more integrations or an admin-facing API so that the same groups and dates used in our identity platforms aligned here, and other user-experience efficiencies like bulk sending email reminders or viewing a person's onboarding tasks plus their assigned computer's information within one row on the same page.
Chris
Alternatives envisagées :
Compliance simplified
Commentaires : Very good. We have been able to formalize our internal security programs and successfully completed our SOC2 audit. The Vanta team has always been very responsive to our needs, soliciting feedback and promptly answering questions (no matter how basic) and guiding is in the right direction.
Avantages :
We love that Vanta has made it easy for us to develop a comprehensive InfoSec program and helped us prepare for our SOC2 audit. Onboarding was straightforward and the continuous monitoring ensures ongoing compliance. The product integrates with most of the software we use day-to-day and has saved a lot of time.
Inconvénients :
There are some areas of the UI which are a bit rough around the edges and non-intuitive, I chalk this up to Vanta being a relatively new product. It has improved a lot since we became a customer and specific areas such as the employees onboarding/off-boarding flows show that the team is constantly iterating and responsive to user feedback. In addition, I would love to see more automation in the product - we are a smaller company without a dedicated IT team. Vanta does a great job of alerting us to issues, but being able to help us take steps to remediate would be much appreciated.
Evan
Vanta's automated tests are great. Dashboard is intuitive.
Commentaires : Vanta's dashboard is easy to follow. Instructions for how to fix failing tests are clear. I am happy that we don't have to create these tests ourselves. And I am thankful that Vanta tells us what's important.
Avantages :
As a software engineer in charge of preparing our cloud infrastructure for security compliance, I really enjoy the automated tests that Vanta deploys to our cloud providers. These tests are comprehensive. They would take us months to create ourselves. I am happy Vanta does this for us.
Inconvénients :
I do not know how to efficiently triage the information I get from Vanta notifications. I get a lot of notifications about failing automated tests in my email and in my Slack. I get "alarm fatigue" and end up ignoring most of the notifications.
Sarah
Top-Tier Automated Compliance Tracking
Commentaires : Vanta has been great to work with, and continues to listen to feedback and implement fixes wherever possible. They make the audit process easy and preparation ahead of the audit simple.
Avantages :
Vanta is continually growing to provide its clients with top-tier compliance tracking. While some pieces are still managed manually, that number is dwindling as Vanta continue to expand on their already extensive automated services. Vanta support is outstanding. Vanta also makes understanding compliance targets and requirements easy.
Inconvénients :
The frequent changes that Vanta undergoes as they continue to improve their platform can be mildly disruptive, but the payoff is always worth it. They integrate with some of the key components of our software stack but we'd like to see more as it relates to provisioning/deprovisioning, vendor management/security assessment, and MDMs.
